Privacy & Security Policy
Who we are
SPB UK & Ireland Ltd is the group name of the following companies:
- Citymain Administrators Ltd
- Citymain Ltd
- Burnett & Associates Ltd
- Burnetts Computer Services Ltd
- Phone Service Centre Ltd.
- Loyal Insurance Services Ltd
- Square Pound Ltd
At SPB UK & Ireland we collect and use personal information for insurance policy, claims and card loss administration services. We are aware of our responsibilities to handle your personal data with care, to keep it secure and comply with applicable privacy and data protection laws.
We will ensure that transfers of personal data to a third country or an international organisation are subject to appropriate safeguards in accordance with UK GDPR.
The purpose of this policy is to provide a clear explanation of when, why and how we collect and use information which may relate to your "personal data" and explains your statutory rights.
What information we collect and how
We will collect data from you when you contact us directly for a policy quotation or visit one of our websites. * If you purchase a policy from one of our business partners your personal data will be provided to enable us to provide policy, claims and card loss administration services.
We may also collect information about you from other sources to help fraud detection and financial crime prevention. These other sources include registers held by reputable organisations.
The data collected may include:
Any personal details you provide when requesting a quotation or when you purchase insurance such as name, address, email address, telephone number, bank sort code and account number if your policy is paid by monthly direct debit.
- Any personal details forwarded to us by a third party on whose behalf we are providing a policy, claim or card loss administration service on behalf of the third party.
- Your IP address (this is your computer's individual identification number) which is automatically logged by our web server. This is used to note your interest in our website.
- Your preferences and use of email updates (if you select to receive email updates on products and offers).
- Session information stored in cookies, these do not include any personal information and are used to ensure the correct data is extracted from the database when using our interactive systems.
- Any additional information you submit to make a claim for example date of birth, name and address of the device user and vehicle registration number if item stolen from a car and other information you provide when making a claim. Further we may hold police crime reports.
- Any additional information you submit while using any of our websites
*Please note that some elements of our websites are managed and operated by our Group Head office at 71 Quai Colbert 76095 Le Havre Cedex France, and therefore will be subject to the following:
In accordance with French data protection legislation of January 6, 1978 as amended by the Act of August 6, 2004 (articles 38-43 of Act no. 78-17 of January 6, 1978 concerning "Information Technology, Files and Freedom of Information") you have the right to access, change, correct or delete information that refers to you by name. To exercise this right, you should write to firstname.lastname@example.org
For information on France's data protection legislation, please visit the website of the French Commission Nationale de l’Informatique et des Libertés at www.cnil.fr.
What we use your information for
Any personal data we collect from any website or by other means will be used in accordance with the Data Protection Act 2018 and UK General Data Protection Regulation.
The details we collect will be used as follows:
- If you are a prospective insured person we will use your personal data to consider an application to provide a quotation for an insurance policy, assess and evaluate risk, and, subject to applicable terms and conditions, provide you with a policy on the behalf of the insurer.
- To provide any related services such as policy administration in connection with any product you have purchased. In respect of claims handling services, the data will be used to assess the claim made and to evaluate the risk of fraud. We will also use personal data related to a claim to inform the renewal process and potentially future policy applications.
- To invite renewal of your policy, where applicable
- To contact you for marketing purposes but only where we have appropriate permissions to make contact.
- To analyse information in our various systems and databases to help improve the way we run our business and to provide a better service. To do this, we will use third party organisations for monitoring how customers use any website and issuing our e-mails for us. Please note where appropriate anonymised data fields will be used (particularly in relation to policy and claim information). In respect of Google analytics, the information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for evaluating your use of the website, compiling reports on website activity for us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.
We use your data in order to provide policy administration and claims administration services related to your insurance policy. Your data may also be used by us and/or S A Meacock and Co Ltd (who is the insurer) for fraud prevention purposes and may be shared with insurance industry anti-fraud databases for that purpose.
Protecting your privacy
We work with third parties to help manage our business and deliver services. These third parties may, from time to time, need to have access to your personal data. In addition, access may also be required as follows:
- the Insurer of the policy and regulator and organisations working to prevent fraud in financial services may require access to your personal data. We require all of our service providers to respect the confidentiality and security of personal data.
- When providing a service in relation to a claim; loss adjusters and service providers for the repair and replacement of an item and third parties who help manage our IT and back office systems.
We may be under legal or regulatory obligations to share your personal data with courts, regulators, law enforcement or in certain cases other insurers.
Where prior consent has been obtained from you we may use your personal data to send you direct marketing communications about insurance products or related services. This may be in the form of email, post, SMS, telephone or targeted online advertisements. Any marketing will be reasonable and proportionate. You have a right to prevent direct marketing of any form at any time. This right can be exercised by following the opt-out links in electronic communications, or by contacting us directly.
How long do we retain your information
Your personal information will not be retained for longer than is necessary and will be managed in accordance with our data retention policy. In most cases the retention period will be for a period of seven years following the policy record expiry date or the date of claim notification.
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact our Data Protection Officer below for any of these requests.
Data Protection Officer
SPB UK & Ireland
Telephone: 02392 836839
Automated Decisioning In Claims
In some cases where you register the need to make a claim under your policy, we may use automated processes to determine whether your claim falls within the scope of cover. This decisioning includes logic around the covered circumstances and is directly related to any cover and limits in place. We have relevant quality processes in place to ensure the accuracy of any claims decision where an automated process is in place.
We ask that you please attempt to resolve any issues with us first, by contacting the Data Protection Officer at email@example.com.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk