Protecting your personal privacy
The Simplyhealth Group is committed to protecting your right to privacy. We appreciate the sensitivity of the personal information that you disclose when you visit, or register on, our websites.
We observe high standards of confidentiality and comply with the Data Protection Act 1998, in respect of which we are a registered data controller.
This policy will help you understand why we collect your personal information, how it is used and what your rights are. It will enable you to make an informed decision as to whether you give us your personal information via our websites.
How we collect your personal information
When you register with us we will only record personal information with your knowledge and explicit consent. The personal information you provide, which may include your name, date of birth, email address, phone and fax numbers, will depend on the product or service to which you subscribe. We receive your personal information in the following ways:
When you give us your information
We collect information directly from you when you register for services via our websites, over the phone or via post.
When we get your information from other sources
We may acquire your information from reputable third party companies who operate in accordance with the Data Protection Act 1998. You will have already submitted your personal information to these companies and specifically given permission to allow them to pass it on to other companies that provide similar or complementary products and services to us.
When the website automatically stores information
We collect certain types of information from your web browser via 'cookies' when you use our websites. You can choose to visit our website anonymously and there are browser utilities to help you do this. However, you should be aware that if you configure your browser to 'disable cookies' then we would not be able to deliver an enhanced and personalised experience, as we would not be able to identify you.
How we use your personal information
As the Data Controller, we will store and process your personal data in accordance with the Data Protection Act 1998.
We will use your information only to inform you about, or administer Simplyhealth Group products or services, where you have expressly given your consent.
We use the information that we collect about you to notify you about our news, products and services or special offers, process payments and administer your policy and account. Using your personal information also enables us to personalise and enhance our online services to deliver a better experience for you. We also monitor your website usage to help us develop the website design and layout for your benefit.
If you buy a policy we and other Simplyhealth Group companies will use your information to provide our services, for assessment and analysis, for underwriting and claims handling, to improve our services, and to protect our interests.
We may use your information to keep you informed by post, telephone or other means about products and services, which may be of interest to you. If you do not wish your information to be used for these purposes, please write to:
The Data Protection Officer
We will keep information about you confidential. However, we may give information about you and how you use our products to the following:
1) Insurance companies, fraud prevention agencies and other organisations who may record, use and give out information to other insurers
2) People who provide a service to us or acting as agents on the understanding that they will keep the information confidential
3) Anyone to whom we may transfer our rights and duties under any agreement we have with you
4) We may also give out information about you if we have a duty to do so (such as to regulatory bodies including regulatory and governing bodies that preside over the practitioners for the type of treatment you have received), or if the law allows us to do so or if the person requesting the information has in our opinion, a legitimate interest in the disclosure.
Sensitive Personal Data
In order to assess the terms of the insurance contract or administer claims we may collect data, which the Data Protection Act 1998 defines as "sensitive personal data". By agreeing to the Policy Terms and Conditions you consent to this data being processed by us for these specific purposes. We will not use your sensitive personal data for any other reason unless we have first obtained your explicit consent.
How we share your information with third parties
Sometimes, we work in partnership with other companies that fulfill services on our behalf. For example, we use third party companies to processes credit card payments and provide marketing services.
We only provide them with access to personal information that is needed to perform their particular business function.
How we transfer your information
Your personal data will only be transferred between Simplyhealth Group locations, or Simplyhealth Group locations and authorised third party locations that meet adequate protection as stipulated in the Data Protection Act 1998. Where required, we will ensure that appropriate contracts are in place to secure the privacy of your personal details.
How we make your personal information secure
We have implemented the appropriate security to protect the personal information you disclose to us from loss, misuse, unauthorised access, disclosure, alteration and destruction. All personal information you provide to us is held on a secure server for as long as is reasonably necessary.
You should be aware that communications over the internet, which includes emails and registering on our websites, are not secure unless they have been encrypted.
We protect personal information that you input via the internet on our websites by using Secure Sockets Layer (SSL) software to encrypt the data.
However, email communication is not a secure medium and poses risks beyond our reasonable control. As a result errors and omissions in data can occur, for which we cannot accept any responsibility.
We strongly advise you to protect the confidentiality of your username and password to prevent unauthorised access to any private information. You should be aware that you are responsible for how our websites are used when your username, password and any other information which helps to identify you is entered to gain access to secure web pages.
This applies when you or another unauthorised party makes use of our websites. If you think that your username and password or any other information which helps to identify you is not secure, or is being misused please notify:
The Data Protection Officer
How we monitor communications
We may record or monitor telephone calls to and from Simplyhealth Group companies for training purposes, and to help us continually improve our products and services for you.
We also monitor incoming and out going email to enable us to protect our internal business systems.
How we link to other websites
We will provide links from Simplyhealth Group websites to other websites that are not operated by the Simplyhealth Group. Other websites may also reference or link to our websites. You should be aware that we are not responsible for the content or privacy practices of any websites other than ours.
How to remove your personal information from our records
If you have subscribed to receive notification about our products and services, you can request for your personal information to be taken off our lists, so you don't receive any further updates.
All our communications will offer you the opportunity to unsubscribe at the time you receive them. Alternatively you can contact:
The Data Protection Officer
Include your full name and address to be removed from our subscription lists. You will be notified that your personal information has been removed from our records. Please allow 7 days for this process to be completed.
If you have subscribed to our online policy services, before we unsubscribe you, we will need to check there are no outstanding transactions that require your personal data to complete. We will notify you if transactions are unresolved and when your data has been removed.
You should be aware that if you unsubscribe from our online policy services, you will no longer be able to access your information, or administer your policy online. If you have an active policy with us, we will need to keep a record of your personal information for as long as the policy is in effect.
How to contact us
The Data Protection Officer