Collection and processing of your personal data
We only collect and process your personal data if:
It is necessary in order for us to be able to provide our service or product, which you have either requested a quotation or contracted for; or
You have agreed to it; or
It is necessary for compliance with our legal and/or regulatory obligations as providers of insurance; or
We have legitimate reason or where there are reasons of substantial public interest to do so, such as for fraud prevention, debt collection and anti-money laundering checks; or
The data is already publicly available.
What types of personal data we handle
We collect and process the personal data that you provide about yourself and others to be covered under by the policy when interacting with us, either online or via email, phone or post. We may also collect data about you from any health services providers involved in delivering our services to you.
Such personal data may include, but is not limited to the following:
First name and surname;
Postal and/or email address;
Gender, date of birth;
Country of residence and/or nationality;
Unique identifier information (e.g. your customer username or number and password, service number);
Financial information (e.g. bank account information);
Health information, where it is relevant to the service we provide;
Other details relevant to your particular insurance requirements;
Some details provided by your device such as IP address, device ID, device type, and location data.
How we use your personal data
We may use the personal data we collect and process about you in order to:
- Provide you with access to our website and our customer portal;
- Provide and administer your insurance quotation and policy;
- Process any payments required for the products and services you have requested;
- Provide you with information including without limitation, quotations, service documentation, newsletters, promotions, competitions and responses to applications;
- To show advertisements of relevant insurance products via social media channels (for example, using TikTok Custom Audiences ad targeting, and Google Custom Match). You are in control of the advertisements you see and can use the preference settings of the social media provider you use to manage these.
- Respond to any enquiries from you regarding our products and services;
- Where you have agreed, provide you with information about certain other goods and services which we believe may be of interest to you;
- Offer customer surveys to help us improve our service;
- To help us improve our services and products;
- Meet our legal and regulatory obligations;
- Detect and prevent fraud or other illegal activities.
Some of the personal information we process may be sensitive information, such as details about your health or medical records. Where appropriate, we will rely on a specific legal exemption to process your sensitive personal data for insurance purposes, where it is an essential as part of your insurance cover. Otherwise we will ask for your consent, before collecting and processing your sensitive information. Please note that we may not be able to sell you an insurance policy if we are unable to process relevant sensitive information.
We may use your personal data, including your health data, to automatically determine, based on a risk assessment of both the likelihood and cost of you making a claim, whether to offer insurance cover, what insurance products to offer, whether to offer to renew cover, and to arrive at the price of that insurance cover. You have the right to request a personal review by us of such decisions so that you may express your point of view and ask us to reconsider such decisions.
When you ask for a quotation or buy a policy, we will send your details to, and also use information from your insurer and from fraud prevention agencies. We will make use of such data to combat fraud.
If you wish to opt-out of any automated decision-making, please let us know, however, in some circumstances we may not be able to offer or provide you with a quote for a policy as some automated decisions are required to provide your insurance policy.
The name and other details about your insurer and how they process your information can be found in your policy wording.
If you provide information about anyone else, you confirm that they (or their legal guardian) have agreed that you may give us their information, including sensitive information, for the reasons described in this document.
Personal data sharing and transferring
We will not share your personal data with anyone else unless you agree to this, or such sharing is necessary to fulfil our contract with you, or we are legally allowed or required to do so. Moreover, your personal data will only be shared with selected organisations which comply with our security procedures and policies.
Organisations we may share your personal data with include:
- Another member of our group of companies where they help provide our services to you;
- Our service providers and subcontractors, where they us help provide our services to you;
- To a regulating body or other authority where we need to comply with a regulatory or legal obligation;
- Crime prevention or debt collection organisations;
- When required to protect our legitimate interests.
Some of those organisations may be based in a country outside the European Economic Area or where different data privacy laws apply. We will only transfer your personal data to that country if they ensure an adequate level of protection of your rights and freedoms, the transfer is necessary for the performance of your contract, or you have given us your consent, or that organisation is contractually bound to meet European Economic Area data protection law.
We will not sell your personal data to anyone.
Personal data protection and storage
We handle your personal data in accordance with adequate and reasonable procedures and technologies in order to maintain and protect its security, availability, confidentiality and integrity, and prevent its unlawful or unauthorised processing, accidental loss or damage, from its collection until its destruction.
Where personal data is transmitted across the internet, it will be encrypted.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of your personal data, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Personal data disposal and retention
We will only keep your personal data for as long as it is needed for the purposes for which it was collected and we will remove from our systems all personal data which is no longer required. Typically the retention period is 6 years.
We will only retain your personal data after this time where we are required to do so, in order to meet a regulatory or legal obligation.
-What are cookies – Cookies are small data files which our website may place on your computer or mobile device when you visit it. They help us understand how you use our website, they allow our website work more efficiently and they facilitate and improve your website user experience.
-Cookies we use
They make it easier to use our website by keeping track of your movement from page to page so you do not get asked for the same information you have already provided. This way, you can quickly and easily navigate around it without having to authenticate or reprocess each new page you visit.
Persistent, permanent or stored cookies
They help our website remember your navigation preferences and settings when you visit again in the future, for example, language selection. They are also used to remember if you were logged in to a website. They therefore speed up and enhance your website user experience.
These cookies will not usually collect or store any personal information about you unless you provided that information into the website yourself. They are placed on your computer or mobile device until they expire or you delete them.
We do not create or read third-party cookies for advertising, dynamic re-marketing or any other marketing purpose.
We use Google Analytics to measure and improve the performance of our website and create statistical reports on our website activity (e.g. number of visitors and page views, types of browsers used, purchases, etc.). We do not share any personal data about you with Google Analytics.
- You have agreed to it; or
- We have legitimate reason to do so, such as for fraud prevention or debt collection.
You have the right at any time to:
- Delete cookies that have already been set;
- Modify your cookie settings.
If you wish to restrict, block or delete cookies yourself, you can do this through your browser settings. The ‘Help’ function within your browser should tell you how. Alternatively, you may wish to visit www.aboutcookies.org or www.allaboutcookies.org, which contains comprehensive information on how to do this on a wide variety of desktop browsers. For information on how to do this on the browser on your mobile phone you will need to refer to your handset manual.
To opt out from Google Analytics visit https://tools.google.com/dlpage/gaoptout.
Please note that by refusing, deleting or disabling session or persistent cookies you may not be able to access certain areas or features of our website.
If you want to learn more about cookies, you can contact the Information Commissioner’s Office (ICO). Further information can be found at Ico.org.uk.
-Changes to our policy
You have the right at any time and, normally, free of charge to:
Request a copy of the personal data we hold about you and certain details as to how we use it. We may charge a reasonable fee to provide further copies, and can refuse to give you this information if your requests are clearly unjustified or excessive;
Have your personal data corrected if it is inaccurate or incomplete;
In certain circumstances, request the deletion of your personal data for example, where it is no longer necessary for us to keep it for the purpose for which it was originally collected or processed, unless we have a legal or regulatory obligation to retain the personal data;
Ask for further processing of your personal data to be restricted. Where you have previously entered into a contracted service or product with us, this may imply cancelling the contracted service or product;
In certain circumstances, to request that we transfer your personal information to another third party, where technically feasible;
Request that you are not subject to automatic individual decision-making;
Withdraw your agreement to direct marketing.
Where we have requested your consent, you have the right to withdraw this. However, in some circumstances we may no longer be able to process your insurance policy.
How to contact us
For the purposes of data protection legislation, Trinity Insurance Services Ltd is the data controller.
This privacy notice applies to Trinity Insurance Services and the following trading styles, Insignia Insurance Services and ProCycle Insurance.
Data Protection Officer Data.Protection@talktotrinity.com
Trinity Insurance Services Ltd,
Metro House, Northgate, Chichester West Sussex PO19 1BE
If you are unsatisfied with our response, you can contact the Information Commissioner’s Office (ICO). Further information can be found at https://ico.org.uk/. Additionally you have the right at any time to lodge a complaint with the ICO in relation to how we use your data.
Changes to our policy