Privacy Statement

This privacy notice describes how Complectus Limited use personal data relating to our policyholders, service users and related individuals, and other enquirers and users of our website.

Use of our website

Complectus Limited recognises the importance of its online visitors’ privacy. Complectus Limited represents that it will not share personal information it obtains through this web site with any third parties, however visitors acknowledge that Complectus Limited may share such personal information with affiliated companies of Complectus Limited. Non personal information such as browser type, operating system and domain names, may be collected during visitors’ use of the web site and this information may be used by Complectus Limited to measure the number of visitors to the site. Whilst Complectus Limited continually reviews the content of its web site, the information provided on the website is provided without warranty of any kind, express or implied, including without limitation any implied warranty of suitability or fitness for any particular purpose. Complectus Limited believes the information provided on the website is accurate however errors or inaccuracies may be included and Complectus Limited does not accept any liability for such errors or inaccuracies. The web site is subject to legal terms and conditions and as such all visitors must recognise the value and importance of the protection of the material, substance, processes, capabilities, character and essence in the Complectus Limited areas (collectively “Content”). Visitors acknowledge that they have no right or licence to use any Content or any Complectus Limited trade mark without Complectus Limited’s express prior written consent.

Personal information provided to Complectus Limited via the Complectus Limited website, application forms, direct mail, emails and telephone calls will be used for the purposes outlined at the time of collection or registration. In addition, personal information may be used for statistical analysis.

We may also use cookies or similar technologies to collect website usage information, including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths. We do not, however, seek to relate this information to you as an individual nor combine it with other data relating to you. For further information, please refer to the Cookies section below. Processing personal data for the above purposes may entail sharing the information with employees, contractors and other companies affiliated to Complectus Limited.

Our website may include hyperlinks to, and details of, third party websites. Subject to our data sharing responsibilities we have no control over, and are not responsible for, the privacy policies and practices of third parties.

Direct marketing

If you give us your consent, we may send you communications (including by email and SMS) about products and services offered by us and third parties, which we believe may be of interest to you (for example because they relate to other products and services which you have purchased or in which you have shown an interest).

You may withdraw your consent at any time using the contact details on our website.

Sharing your information and our relationship with other parties

Third party claims handlers and underwriters

Third party organisations may handle claims under some of our insurance policies. Where this is relevant, further detail can be found in your policy documentation. They will obtain information about you and your policy directly from our business partner who sold you the policy (see below). These organisations will also act as a data controller, meaning that they will decide how they use your data in handling a claim and what additional information they may need from you, in accordance with their own data protection practices. We will not generally have access to the data they record, other than for audit purposes.

Purchasing insurance from our business partners

You may purchase our products from one of our business partners (for example as an add-on to other insurance you are buying from them). You may also purchase a policy which is underwritten by a third party organisation, for which they will process and service your claims.

In these circumstances, they will collect and share some of your personal data with us and our third party organisations in order for them to underwrite and administer your policy and to provide you with relevant services if you make a claim. These details include:

• Name (of policyholder and any related individuals under the policy)
• Address and contact details
• Level of cover and policy details
• Vehicle details, including car registration number (for motor breakdown insurance policies)
• Bank details for claims payments, reimbursements, policy checking.
Our business partner will also assign you a policy number which we will record alongside your other personal details.

Making a claim or requesting a service

You may contact one of our third party claims handlers and underwriters by telephone or on via a website to:

• make a claim under your insurance policy; or
• request a specific service under an existing service-only contract; or
• request a pay-on-use service (and enter into a new service-only contract

You may also enquire about such claims or services.

Details can be found in your policy documentation.

When you contact our third party claims handlers or underwriters in this way (or otherwise contact us for these purposes), they will collect additional information from you to assist with your enquiry, verify and handle your claim or service request, and, where appropriate, to settle the claim and provide the services. This includes arranging for service providers to the third party organisations to respond to and deal with qualifying incidents in settlement of your claim or as part of the services.

If you have purchased one of our insurance products and they are handling a claim under a policy which is underwritten by them, the claims handling service may use the brand of our business partner in dealing with your enquiry. However, the information collected by our business partners is used by them (rather than us) for these purposes.

In each case, the details we collect will include:
• Name, and policy or contract details
• Information about the claim or service request, including the surrounding circumstances, the assistance you require, and information within any related documents you provide to us.

This may include some sensitive personal data, and other information of a sensitive nature. For example, they may need to know information about the health or vulnerability of you, your dependents, or related individuals receiving services or involved in the assistance they provide, or other sensitive information about the circumstances of the claim or request. This is collected in order to make appropriate arrangements to deal with your claim and provide the relevant services.

They will also assign you a claim or service number, which they will record alongside your other personal details.

If you provide them with details relating to other individuals, please ensure such individuals are aware that they will use their details for the purposes of the insurance claim or service request, and direct them to this privacy notice for more information.

Calls to our third party claims handlers and underwriters call centres may be recorded, and they may keep additional records of their communications with you, and any arrangements made to settle your claim and provide you with services.

Other disclosures

We and our third party organisations may also disclose your personal data to the following parties:
• Legal authorities or regulatory bodies. For example, we are required to report details of any suspicious activities (for example relating to fraud or money laundering) to the National Crime Agency (NCA).
• Parties involved with current or prospective legal proceedings, or assisting us to establish, exercise or defend our legal rights. For example, we may share information with our legal or other professional advisers.
• Parties with whom you have given us permission to speak about your insurance policy or claim (including other relevant individuals under a policy).
• Other service providers, for example those providing data backup or technology services.
• Other parties to the extent that you have consented to us doing so, or we are otherwise required or permitted to do so by law.

Other collection and uses of your personal data

We, our business partners or third party organisations may also collect and use your personal data to:
• Record calls made to us for the purposes of record-keeping, training, quality control.
• Conduct surveys or ask you for feedback on our products and services, and may invite you to take part in focus groups. We use your responses and contributions to these for the purposes of quality control and improvement of our products and services.
• Carry out sanctions checking including to safeguard against fraud and anti-money laundering.
• Carry out audits of third parties who handle claims under our policies which may involve us reviewing samples of personal details used in relation to such services.
• If you contact us, for example over email, by telephone, by post, or over our website or social media, we may retain your contact details and your communication in order to handle your query and maintain records of communications.
• Maintain records of our activities and services, which may include communications exchanged with you or concerning you.
• Handle complaints about our activities, and to assess and manage any potential or actual legal action arising from such complaints.
• Assist us in improving our processes, products and services, for example root cause analysis on complaints. We seek to use anonymous data sets for these purposes.
• Review and enforce your compliance with our policy terms, website terms or other terms relevant to our relationship with you, or deal with related enquiries.
• Comply with our legal and regulatory obligations (including those imposed by the Financial Conduct Authority), or to protect and enforce our legal rights and those of other individuals.

Children’s data

We or our business partners do not intentionally offer insurance policies or service-only contracts or collect any personal information from children under 18 years of age. We shall seek to cancel a policy or service-only contract, refund the premium or payment and delete the details of such individuals when a parent or guardian notifies us that any personal details have been obtained from their child in this context.
However, some information about children may be collected and used in connection with a policy claim or provision of a service, for example where relevant to the circumstances of the claim or service provision and associated vulnerabilities.

Legal basis for use of your information

Data protection laws require us to identify the legal basis for the collection, use and disclosure of your data, as described above. The following apply to our activities:
• Collection and use of data which is necessary for performance of our contract of insurance or service-only contract with you, for example in order to administer a policy, handle claims and provide relevant services
• Collection and use of the data is necessary for performance of your contract of insurance with another company, to enable us to provide assistance or services and/or pay claims to you, where these are benefits processed and serviced by us.
• Collection and use of data which is in our legitimate interests, for example to manage our business, handle claims, provide services, respond to enquiries, maintain records of communications, handle complaints, enforce compliance with our terms and investigate fraud.
• Disclosure of data in the legitimate interests of the third party who receives it, for example our business partners who audit us, or third parties who handle claims under our insurance policies.
• Collection, use or disclosure of data to comply with a legal obligation, for example where our regulator or law enforcement authorities require us to do so.
• We obtain consent for direct marketing communications and, in some circumstances, for disclosures of your data.

Where we or our third party collect or record sensitive personal data, such as information about your health, we will separately seek your explicit consent to its use, unless our use of that data is necessary in the vital interests of you or another individual, or for the establishment, exercise or defence of legal claims.

International data transfers

We and our business partners collect, use, store and share your information as described above within the United Kingdom and the European Economic Area (the European Union plus Norway, Liechtenstein and Iceland) and Switzerland, across which the data protection laws provide a similar level of protection. We do not, therefore, currently transfer your data to countries without adequate data protection laws.

If we decide to re-locate our data processing facilities or service providers, or otherwise transfer your data to a location outside the United Kingdom, the European Economic Area [or Switzerland], we will ensure your data is given a similar level of protection to that required under United Kingdom data protection law.

Retaining your information

We and our third party organisations will retain your personal data for as long as it is needed for the relevant purposes specified above. This includes retention of some personal data following the end of our relationship with you, for example to resolve any potential disputes and for ongoing or prospective legal proceedings, to maintain records of our services, and otherwise to comply with our legal obligations and to defend our legal rights. You have a right to request further information about our retention periods. Please use the contact details below to make such a request.

Security of your information

We regularly review the technical and organisational security measures we have in place on our information and communications systems in order to prevent the loss, misuse or unauthorised alteration of your personal information.

Communications sent over our website, or using email, rely on the internet which is a publicly hosted network. So although we implement security measures for our systems, there remain risks that personal information you provide may be intercepted by others and any encrypted data may be decrypted.

You are responsible for keeping the password you use for accessing our website or business partner websites confidential. We will not ask you for your password, except when you log in to our website.

Your legal rights

In accordance with data protection laws, you have a right to:
• obtain a copy of the personal data we or our third party organisations hold about you, together with other information about how we process it;
• request rectification of inaccurate data, and, in some circumstances, to request us to erase or restrict our use of your data, or otherwise to object to our processing of your data for direct marketing purposes or for reasons relating to your particular situation;
• receive a copy (in a machine-readable format) of personal data which you have provided to us, where we process it electronically based on your consent or that it is necessary for performance of our contract with you. Such data may be transmitted to another data controller (such as another insurance provider); and
• make a complaint about how we handle your data to the Information Commissioner’s Office. Please visit www.ico.org.uk for further information about how to do this.
• withdraw any consent which you have given relating to use of your data, at any time. This includes consents to receiving direct marketing communications.

Note that there are certain limitations and exemptions to these rights which we may apply depending on the circumstances.

Please use the contact details within your policy documentation (or contact details below if appropriate) to send requests to exercise these rights (specifying what you are requesting), or if you would like further information about them.

Our contact details
Data Manager
Email: info@complectus.co.uk
Tel: 01737 854167

Cookies

A “cookie” is a small text file that is placed on a user’s computer hard drive by a website. There are several types of cookie and the most common are often referred to as ‘session’ cookies. These are used to keep track of information needed by a user as they travel from page to page within a website. These cookies have a short lifetime and expire within a few minutes of the user leaving the site.

Other types of cookies can be used to track internet activity after the user has left a website. These are usually sponsored by organisations external to the website being visited and are generally known as ‘third party’ cookies. These usually have a long lifetime with several months being quite common. They are ‘harvested’ and ‘refreshed’ whenever the user visits a page where the same or a similar cookie is being used.

Complectus Limited may use short lived ‘session’ cookies to tell whether a website user has logged, in, where to find details that can be used to pre-fill parts of on-line forms and to personalise the user’s visit to the website. They are also used to track anonymously which areas of the site are popular and which are not used; this allows us to target carefully our website resources.

Complectus Limited may use cookies in its email communications to personalise the email and track whether the mail has been opened or read and whether the recipient has used any website links contained in the email communication. This allows us to monitor and improve our email communications and website.

Complectus Limited cookies do not analyse visits to other website or any searches undertaken whilst on the Complectus Limited website.
Internet browsers normally accept cookies by default; however, it is possible to set a browser to reject cookies. If this is done it is important not to exclude the benign and useful session cookies. Choose an option that rejects all third party and long lived cookies.

Changes to the privacy policy

Complectus Limited may review and edit this policy from time to time. If we make any substantial change we will notify you by posting a prominent announcement on our website.

The policy was last updated on 22nd May 2018.