Updated: January 2021
Who We Are
Ancile Insurance Group Ltd is authorised by the Financial Conduct Authority.
Registered Office: Kao Hockham Building, Edinburgh Way, Harlow, Essex CM20 2NQ. Registered in England, Company No 05429313.
If you would like to find out more about the group, please visit our website at www.ancileinsurance.com.
We are committed to protecting your privacy. We comply with the current Data Protection Regulations and aim to maintain consistently high levels of best practice in our processing of personal and/or sensitive personal data.
How We Use the Information You Provide
Any personal information you supply to us via our website or by phone will be treated in accordance with the General Data Protection Regulation and Data Protection Act.
We will be processing your personal data in order to fulfil our contract with you and our legal/compliance obligations.
Administering Your Policy
We collect and process your personal information for the purposes of insurance administration by us or our agents, including the processing of any claims you may make. Please note if a claim is of a medical nature this could involve the use of your medical information or contacting your doctor. You will be asked to give consent before your doctor is contacted, but you should be aware that refusal could affect the outcome of your claim. We collect your personal information on our website, or over the phone when you obtain a quotation or purchase a policy from us. In order to provide you with an accurate quotation and to administer your policy we will collect and process the following personal information: Name, address and contact details, medical history and credit or debit card information.
Please note, we do not store any credit or debit card information on our computer systems or in our call recordings.
Before you provide any data to us, we will endeavor to make it clear why we need it.
In the course of administering your policy we may contact you from time to time by email, this may include, but is not limited to;
- Providing instructions on what to do in a medical emergency before you go on your trip
- Providing details on how to make a claim when you return from your trip
If you have provided an email address when you purchased a policy, you may also be contacted on our behalf by a third party to request feedback on the service we provided. This third party will only send you one email and will not use your data for anything else.
In order to receive an accurate quotation, it is often necessary to conduct a medical screening questionnaire, either online or by phone. The information you provide is processed to provide a score which affects the price of your insurance.
We will use the information you provide to administer your policy. In the event of a claim this could involve contacting your doctor to verify your medical history.
Please make sure you answer all questions accurately and honestly for yourself and everyone who is to be insured. If you don't, your policy may be cancelled, or treated as if it never existed, and your claims may be rejected or not fully paid.
Renewal of Cover
To offer renewal of cover on an annual policy.
If you have taken out an annual insurance policy, we will contact you 30 days before your policy is due to expire to notify you that the policy is about to expire and provide you with a new quotation.
For the Investigation of or Prevention of Crime
When required to do so by law we will disclose information to police or other fraud or crime prevention agencies for the purpose of investigating or preventing crime.
Compliance with Regulatory Bodies
When required to do so we will disclose information to regulatory bodies for the purposes of monitoring and/or enforcing our compliance with their regulations. For example, but not limited to, the Financial Conduct Authority or the Information Commissioners Office.
We may also process your data for the following legitimate interests:
We may contact you from time to time regarding the same or similar products.
You can opt out of receiving marketing communications when you purchase your policy and in all subsequent communications.
We use website usage information and analysis to improve our systems and service.
As with the majority of websites, when you use our site, we log your IP address and which pages you have downloaded. This information is used to improve the performance or identify errors with the functioning of our website. Log files are stored securely and are automatically deleted after 30 days.
We also place cookies on your device to improve your experience and provide anonymous information about how users interact with our site including how they find our site, where they leave our site and which pages are the most popular.
Research and statistical purposes
We may process your data for research and statistical purposes to help us to improve our products and services.
We analyse statistical information from claims submitted, including date of birth, destination and medical history in order to improve our products and inform our pricing strategy. If you don’t want your data to be used in this way you can exercise your Right to Erasure and request that we delete your data.
We may use anonymised sales and demographic information, such as average age from existing customers to inform our marketing strategy. If you don’t want your data to be used in this way you can exercise your Right to Erasure and request that we delete your data. Any new information you provide to us may be used to update an existing record we hold for you. If you provide a work email address, we will not be responsible for third parties who are authorised to access your work email address having access to any communications we send.
We ask for your home, mobile telephone number, and email address to enable us to contact you in relation to an enquiry you have made, to contact you about relevant products or services, to contact you if there is a problem with your order, or there is another genuine reason for doing so.
Security and Storage of Your Data
We take every reasonable step to ensure that any information you provide via the forms on our website or by phone is kept secure.
Our web servers comply with the General Data Protection Regulation and Data Protection Act and are located at a secure data centre with access limited to only a few personnel.
Remote access is limited to our IT provider via a secure VPN connection at their office or via a control panel where strict user credentials are required and can only be accessed over https (SSL). All our staff are fully trained on the General Data Protection Regulation and Data Protection Act and are constantly monitored to ensure that they respect customer privacy and maintain the security of customer data at all times.
All credit and debit card transactions are handled via a payment gateway. No credit card details are stored by us, either on our online systems or call recordings.
Our website is secured using a SSL Certificate, which encrypts all the information you enter before transmission. This means that your credit and personal information will be safe and secure.
Our websites conform to the PCI-DSS standard.
Please note, due to the nature of the internet, we cannot guarantee the security or privacy of emails or that any emails sent will be received by us.
Logging into Your Account
When you save a quotation or purchase a policy you are invited to create an account with us. Your account will be based on your name, date of birth and email address.
To keep your account and personal information secure you are required to create a secure password which must meet the following criteria:
10 characters long, have at least one lowercase letter, one uppercase letter, one digit and one special character (#?!@$%^&*-)
Accessing Your Policy Documents
When you purchase a policy, you can log in to your account to download your personal insurance documents. You can also request to have your documents posted to you.
Please note: We are unable to email your policy documents to you due to the sensitive personal information contained.
We are obliged and permitted by law and regulation to retain certain types of data for a minimum period of time. The minimum period of time tends to be for six years but can be longer if the statute or regulation requires or permits.
After that time, we will securely destroy all personal data.
We are happy to delete your personal information sooner than this if requested, for more information see the Right to Erasure section below.
Cookies are little files that websites put on your device to make visits quicker, easier and more relevant. Some cookies are essential for websites to work and others remember things about you to give you a better experience online.
Essential cookies – make our website function
Without these cookies, our website won't work properly.
We put 2 session cookies on your computer for the duration of your visit to our site. It stores data about the browser you are using and information you have entered in order for our website to function correctly and for us to provide you with a quotation or policy. One of these cookies is deleted when you leave our website, the other expires after 2 hours.
Website usage information – help us improve our website and track advertising
We use Google Analytics to analyse trends of behaviour on our website. These cookies collect aggregated information about how visitors use our site.
We use this aggregated information to improve our website - it never identifies individual users.
They give us an overall picture of how people find and use our website by telling us things like, how visitors found our site, the number of visitors to each page and what people do on the page, like which links they click on.
How to control cookies on your device
To opt out or delete cookies on your device visit http://www.youronlinechoices.com/uk/your-ad-choices This website will show you what cookies are active on your device, provides information about what they are doing and enables you opt out.
Disclosure of Information to Third Parties
We do not sell, trade or rent your information and will never disclose information about you to third parties, except to fulfil your specific orders for a product, for example a data processing company may need your details in order to administer your policy. Or in the event that third parties deliver the relevant service, for example, if you take out an insurance policy underwritten by a third party, a claims company will need your details in order to process any claims.
Cross-border Transfers of Information
Please note that we provide products and services for customers who may travel outside the European Economic Area (EAA). Therefore, if you travel on such holidays, and it is deemed necessary to provide the cover you have purchased, for example in the event of a medical claim, the information you provide may occasionally be transferred outside the European Economic Area.
It is worth noting however that some non-EEA countries do not afford the same level of data security as the UK. By submitting your details, you consent to this transfer in the event that it is necessary to process your claim. We will always use every reasonable effort to ensure sufficient protections are in place to safeguard your personal information.
We may also be obliged by law to pass on your information to the Police or any other statutory authority.
Your Rights Under the General Data Protection Regulation Under the General Data Protection Regulation an individual has specific rights with regards to their personal data.
The Right to Be Informed
When we collect any personal data from you, we endeavour to inform you why we need the information. This is generally in order to provide
you with an accurate quotation or to administer your policy. More information can be found in this privacy statement.
Your Right to Object (Opting Out of Direct Marketing)
When you purchase a product from us we consider it in our legitimate interest to place you on our marketing list to receive information about similar products and services from us (this may be by post, sms, email, telephone or social media), unless you opt out.
You will be given the opportunity to opt out of all marketing at the point of purchase, at the bottom of every subsequent electronic communication and when you log in to your account.
You can opt out of receiving marketing by using the opt out link which is at the bottom of every electronic communication.
Amendment and Rectification of Information
Please advise us in writing as to any changes in your circumstances or of any instances where you feel the data, we hold may be incorrect. We will amend details as required.
Subject Access Requests & Data Portability
You have a statutory right of access to accessible personal and/or sensitive personal data that we hold about you. In order to exercise this right, your application must be in writing for security reasons.
We can supply the data as a hard copy or as a csv file which can be imported into other computer systems.
Call recordings can be supplied as wav or mp3 files, these are common file types which can be listened to in a number of different applications.
Right to Erasure
Please note, if you have a live policy with us, we will not be able to delete your data unless you cancel the policy first. This is because we require your personal data to administer your policy and process any claims you may make.
Right to Restrict Processing
If you feel that the data, we hold for you is incorrect you have a right to ask us to restrict processing until you have supplied the correct data.
Making a Complaint
If you are not happy with the way that we collect, process or store your data you have the right to lodge a complaint.
Alternatively, if you would like to lodge a complaint with a supervisory body you can contact the Information Commissioners Office.
Visit their website https://ico.org.uk/concerns or call their help line 0303 123 1113