At Alpine Insurance Services Ltd (AISL), We are committed to ensuring your privacy and personal information is protected at all times. AISL complies with its obligations under the General Data Protection Regulation (GDPR) by keeping personal data up to date, by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
When we collect and use your personal information, we ensure we look after it properly and use it in accordance with our privacy principles set out below, keep it safe and will never ever sell it
Our Privacy Principles
1. Personal information you provide is processed fairly, lawfully and in a transparent manner.
2. Personal information you provide is collected for the purpose of obtaining an insurance quotation or purchasing an insurance policy.
3. Your personal information is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
4. Your personal information is kept accurate and, where necessary kept up to date.
5. Your personal information is kept no longer than is necessary for the purposes for which the personal information is processed.
6. We will take appropriate steps to keep your personal information secure.
7. Your personal information is processed in accordance with your rights.
8. We will only transfer your personal information to another country or an international organisation outside the European Economic Area where we have taken the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to adequate standards.
9. Alpine Insurance Services Ltd does not sell your personal information and we also do not permit the selling of customer data by any companies who provide a service to us
How do we collect your personal information?
Whilst there are a number of ways in which we collect your personal information, the two main ways we might collect personal information about you are from things you tell us yourself, and from things we ask other people or organisations to share with us. Things you tell us could include conversations we have on the phone, what you’ve written on an application form or if you post something on one of our forums. We might also collect information about you from other people and organisations, such as credit agencies, or by checking databases, such as the electoral register. Please see below for a list of ways we collect your personal information:
We collect personal information directly from you:
- when you purchase any of our products or services;
- through quotes and application forms;
- via our telephone calls with you, which may be recorded;
- when you provide your details to us
- via enquiry, registration and claim forms;
- via feedback forms and forums;
What personal information do we collect?
We might collect personal information, such as your contact details, information about your bank or credit cards. The information we collect depends on which product or service you’re interested in for example if you are interested in obtaining car or travel insurance, we’ll collect information about the car you drive or where you’re planning to travel. Please see below for a more detailed list of personal information we collect.
The Information that is collected will depend on our relationship with you. Where other people are named on your policy, we may ask you to provide information below in relation to those people too, if this is relevant to your insurance.
When Alpine Insurance Services Ltd acts as a data controller of your personal information we may record the following about you and others relevant to your insurance:-
- Contact details such as name, email address, postal address and telephone number
- Details of any other persons included on the policy where they are named on your policy and the relationship to you as policyholder
- Identification information such as your date of birth, national insurance number, passport and driving licence
- Financial information such as bank details, credit card details and information obtained as a result of our credit checks
- Information relevant to your insurance policy such as details about your vehicle, property, previous policies or claims, recent damage, information about your travel plans, destination, planned activities and dates of travel
- Information relevant to your claim or your involvement in the matter giving rise to a claim
- Information about the nature of your business and commercial assets
- Details of bankruptcies and other financial sanctions such as HMRC investigations
Sensitive personal information
- Details of your current or former physical or mental health
- Details regarding criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions, bankruptcies and other financial sanctions such as County Court Judgements)
How do we use your personal information?
We only use your personal information to provide you with an insurance quotation or insurance policy that meets your own personal needs. However, there are a number of other reasons why we use your personal information; please see below for a more detailed list of how we use your personal information.
- Processing is necessary in order for us to provide your insurance policy and services, such as assessing your application and setting you up as a policyholder, administering and managing your insurance policy, providing all related services, providing a quote, assisting with claims and communicating with you. In these circumstances, if you do not provide such information, we will be unable to offer you a policy or process your claim.
- Where we have a legal or regulatory obligation to use such personal information, for example, when our regulators, the Prudential Regulatory Authority, (PRA), the Financial Conduct Authority (FCA) and our data protection regulator, the Information Commissioner’s Office (ICO) wish us to maintain certain records of any dealings with you.
- Where we need to use your personal information for reasons of substantial public interest, such as investigating fraudulent claims and carrying out fraud, credit and anti-money laundering checks.
- Where you have provided your consent to our use of your personal information. We will usually only ask for your consent in relation to processing your sensitive personal information. This will be made clear when you provide your personal information. If we ask for your consent we will explain why it is necessary. Without your consent in some circumstances, we may not be able to provide you a policy or you may not be able to benefit from some of our services. Where you provide sensitive personal information about a third party (such as a named driver) we will ask you to confirm that the third party has provided his or her consent for you to act of their behalf.
- All the personal data that we hold about you will be processed by our staff in the United Kingdom, and no third parties will have access to your personal data without your consent, or unless there is a legal obligation for us to provide them with this information.
Who do we share your personal information with?
Who might we disclose your personal information to?
Disclosures to third parties
- We are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation or Prudential Regulatory Authority / Financial Conduct Authority or Information Commissioners Office request; or we believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest.
- Where you have named an alternative contact (such as a relative) to speak with us on your behalf. Once you have told us your alternative contact, this person will be able to discuss all aspects of your policy (including claims and cancellation) with us and make changes on your behalf.
- Our insurance partners such as companies, other insurers, reinsurers or other companies who act as insurance distributors
- Other third parties who assist in the administration of insurance policies such as another Insurance Company if there has been an accident which requires a claim to or from that Insurance Company
- Fraud detection agencies and other third parties who operate and maintain fraud detection registers
- The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
- Motor Insurers’ Information Centre and the DVLA
- Passing information to a third party for the purpose of validating your No Claims Discount (NCD) entitlement and this may be made available to other insurers Also to other companies or insurers for the purpose of validating your NCD entitlement
- Our third party services providers such as IT suppliers, auditors, lawyers, document management providers and tax advisers
- Other suppliers, providers of goods and services associated with this insurance and/or to enable us to deal with any claims you make
- Financial organisations and advisers
- Central Government
- The Financial Ombudsman Service and regulatory authorities such as the Financial Conduct Authority and the Information Commissioner’s Office
- Loss Adjusters
- Credit reference agencies
All the personal data that we hold about you will be processed by our staff in the United Kingdom, and no third parties will have access to your personal data without your consent, or unless there is a legal obligation for us to provide them with this information. Please be aware however that your personal data may be stored on a cloud-based system whose servers are located within the European Union.
How long do we keep records for?
In most cases, we only keep your information for as long as the regulations say we have to. This is usually between three and ten years after our relationship with you ends but it will vary depending on what data we hold, why we hold it and what we’re obliged to do by the regulator or the law.
The time period we retain your personal information for will differ depending on the nature of the personal information and what we do with it.
How long we keep personal information is primarily determined by our regulatory obligations. We typically keep quote information for 3 years, and policy and claims records for up to 10 years from the end of our relationship with you.
In some cases, such as if there is a dispute or a legal action we may be required to keep personal information for longer.
Long-term insurance products such as liability insurance is kept for an extended period
You have the following rights in relation to our use of your personal information.
The right to access your personal information
You are entitled to a copy of the personal information we hold about you and certain details of how we use it. There will not usually be a charge for dealing with these requests. Your personal information will usually be provided to you in writing, unless otherwise requested, or where you have made the request by electronic means, in which case the information will be provided to you by electronic means where possible.
The right to rectification
We take reasonable steps to ensure that the personal information we hold about you is accurate and complete. However, if you do not believe this is the case, please contact us by using the details shown in your documentation and you can ask us to update or amend it.
The right to erasure:
In certain circumstances, you have the right to ask us to erase your personal information, for example where the personal information we collected is no longer necessary for the original purpose or where you withdraw your consent. However, this will need to be balanced against other factors, for example according to the type of personal information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.
Right to restriction of processing:
In certain circumstances, you are entitled to ask us to stop using your personal information, for example where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to process your personal information.
Right to data portability:
In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice. Once transferred, the other party will be responsible for looking after your personal information.
Right to object to direct marketing:
You can ask us to stop sending you marketing messages at any time. Please see the Marketing section for more information.
AISL uses automated anti-fraud filters that check against lists of people known to have undertaken fraudulent transactions and will reject those applicants on the basis they are likely to defraud the company.
The right to withdraw consent:
For certain uses of your personal information, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal information. Please note in some cases we may not be able to process your insurance if you withdraw your consent.
You are in control of how we use your information for marketing. We will only contact you if you’ve agreed it’s okay.
Then, we might use your information to tell you about insurance products and services that could interest you or benefit you.
We do not sell your personal information to any third party marketing companies.
The right to lodge a complaint
You have a right to complain to the ICO at any time if you object to the way in which we use your personal information. More information can be found on the Information Commissioner’s Office website: https://ico.org.uk/
You can make any of the requests set out above using the contact details provided to you in this statement. Please note that in some cases we may not be able to comply with your request for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can’t comply with your request, we will tell you why.
In some circumstances exercising some of these rights will mean we are unable to continue providing you with cover under your insurance policy and may therefore result in the cancellation of the policy. You will therefore lose the right to bring any claim or receive any benefit under the policy, including in relation to any event that occurred before you exercised your right, if our ability to handle the claim has been prejudiced. Your policy terms and conditions set out what will happen in the event your policy is cancelled.
To exercise all relevant rights, or to raise queries or complaints, please in the first instance contact the Data Protection Officers, Stephen Wilkie, or Paul Lamkin.
By email: firstname.lastname@example.org
By post: The Data Protection Officer, Alpine Insurance Services Limited, 250 London Road, Hadleigh, Essex SS7 2DT
You can contact the Information Commissioner’s Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or by post at The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF