This privacy policy applies to Scottish Friendly group of companies’ services based in Glasgow offering a wide range of financial products and services. Scottish Friendly is committed to protecting the personal information we collect.
Privacy policy
Last updated March 2021
Our Privacy Policy explains when and why we collect, store, use and share personal information about our customers. It applies to personal information provided, either by you or by others on your behalf and explains the rights you may have in relation to the personal information that we hold on you.
You can read our privacy policy in full or use the links below to read a particular section. If you would like to print a copy of our Privacy Policy you can download the full version, available here.
-
1. About us
-
2. What information do we collect?
The personal information we collect about you will depend on the products and services you use. We have set out below examples of the types of information we may collect about you. We may receive this information from:
- You (including the devices that you use to contact us)
- Third parties we work with such companies who distribute our products, your solicitor, health professional
- Research organisation we use or
- Information that is publicly available
Where you provide information about other people, we expect you to be responsible for ensuring that they know we are using their personal information in accordance with this Privacy Policy and that you have obtained their consent.
We may ask you for, or you may voluntarily provide, sensitive information such as health information. We may collect this information when you purchase health insurance policies from us - in which case it will only be used with your consent, unless the law permits us to use such information without your consent. If you provide us with details of your health to help us to understand your specific circumstances, we will use it make appropriate adjustments to the products and services we offer based on the information you provide.
Special category data will only be used with your consent, unless the law permits us to use such information without your consent.
Information we may collect Examples of personal information we may collect Basic personal details
o Name
o Address
o Date of birth
o Gender
o Marital status
o Contact details
o National Insurance Number
Proof of identity o Passport
o Driving license
o Utility bill
o Birth certificate
o Marriage Certificate
Family details regarding o Spouse
o Partner
o Joint applicant
o Next of kin
o Dependants
o Designated beneficiary or trustee
Financial Information
o Bank details
Professional advisers’ details
o Financial Advisers
o Solicitors
Special Category data
o Physical
o Mental
o Family
o Medical history
o GP details
o Racial or ethnic origin
o Political opinions
o Religious or philosophical beliefs
o Trade union membership
o Genetic data
o Sex life/sexual orientation
Claim
o IP address (internet protocol address)
o Screens you access, time and date you access the mobile app, make and model of your mobile device, the operating system like iOS or Android
o Please see our Cookies policy on our website for more information.
Other
o Any other information you give to us
o Recording of telephone calls
o CCTV image if you visit our office
o Your preferences and interests when you tell us what they are or when we deduce them from what we know about you.
o Information you provide when entering prize draws, competitions or participating in customer research activities.
-
3. How we use your information
We use your information to
Examples
Administer your policy
o Assessing and processing your application
o Responding to your enquiries
o Managing and administering your product
o Dealing with claims
o Managing our relationship with you (for example, tracing you when we’ve lost touch to reunite you with the benefits of your product)
o Responding to any complaints you make
Processing your application
o Pricing to determine the price you will receive based on the information you give us for certain products
o To complete onboarding checks
Meet legal and regulatory obligations
o Verifying your identity
o Prevention and detection of crime including fraud, money laundering and obligations to check sanction lists.
Improve our business
o Marketing - please see the ‘Marketing and profiling’ section below
o Improving our products and services
o Maintaining service quality (calls to our customer services may be monitored and/or recorded for authentication, security, quality and training purposes)
o To profile our customer base and help us develop offers, products and services to provide you with the best customer experience. Please see the ‘Marketing and profiling’ section below for more information
o Contacting you to invite you to form part of our customer panel or research groups regarding our products, services or customer satisfaction surveys (you may be contacted by third parties on our behalf)
o Push notification through our App if you have signed up to receive them
o Research (for example, customer research) often conducted by a third party on our behalf
o Corporate reporting
o Analysis (for example, statistical analysis and customer profiling)
o “Retarget” web visitors via Google Adwords.
o Google Analytics third party audience data
o Targeted advertising via Facebook
-
4. Membership
We have a legal obligation to provide a copy of our members register to customers who request it which includes your name, address and the date you became a member and eligible to vote.
-
5. Marketing and Profiling
We may market to you by post. If you do not want to receive marketing from us by post, or if you have changed your mind about receiving marketing by email, texts and other electronic means please let us know by contacting our Customer Services Team. Our contact details can be located in the ‘Contact us’ section on our website.
We will only send you marketing messages by email, texts and other electronic means if we have your permission. You may receive marketing:
- direct from us; or
- from a third party on our behalf about a product or service that we think may be of interest to you.
We group and organise our customer information to help us develop offers, products and services to provide you with the best customer experience; this is known as profiling. We do this using the data on the interactions you have with us, your demographic data, and information on the products or services you have taken out with us.
We may analyse your personal information to create a profile so we can contact you with information that is relevant to you. We do not use profiling to make decisions about you which have legal or other significant effects.
-
6. Lawful basis for using your information
We will only collect, use and share your information where we have a valid reason to do so under the data protection legislation. We have four main reasons for using your information as shown below:
1 Contract – we have a contract with you to deliver a product or service to you or because you have asked us to take specific steps before entering into a contract. In order to perform that contract we need certain information from you; for example your contact details.
2 Legal basis – in some circumstances we are permitted by law to process your information, for example we need certain information from you in order to meet our legal obligations, such as proof of identity. This enables us to meet our fraud and anti-money laundering obligations.
3 To meet our Legitimate Interests – we may use your information for our legitimate business interests. When we process personal information to meet our legitimate business interests we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests ae not overridden by your interests or fundamental rights and freedoms.
4 Consent – there may be times when we need to obtain your explicit consent to collect and use your personal information (for example, when we need your consent to send you marketing messages by email, text and other electronic means). If we ask for your consent to process your personal information, you have the right to withdraw your consent at any time. Please see the section on ‘Your rights” further in this document for more information.
-
7. Who do we share information with?
We share your information with
Why we share it
Suppliers who provide services on our behalf
We use service providers, who agree to treat your data as securely as we do, in order to fulfil some of our business requirements for example, administer your policy on our behalf, welcome gift and benefit scheme suppliers and carry out searches that help us trace you if we lose touch.
Reinsurers
Reinsurers help us manage our risk and so they need to see information about the policies they are reinsuring.
Anyone you ask us to share your information with
If you ask us to share your information, for example with a trustee or professional adviser, we may check with you to confirm that the person asking for information on your behalf has your permission.
Regulatory, government and industry bodies such as:
o Financial Conduct Authority
o Information Commissioners Office
o HM Revenue & Customs
o Fraud Prevention Organisations
o Other Insurers
o Law enforcement bodies
To comply with our legal and regulatory obligations, this may include acting in accordance with best practice.
Customer research partners
We conduct customer research to understand what our customers think about the products and services we provide.
Sometimes we use third parties to undertake the research on our behalf. If you are contacted for research purposes we will clear about the purposes of the research, how any information you provide will be used, who will have access to it and how long will be kept. We will obtain your consent before we start the research.
Professional advisers such as:
o Auditor
o Trained medical professionals
We use professional advisers to provide services to us, for example legal advice, accountancy services, consultancy services and medical support services.
Courts and those involved in any legal process
If a court requires us to disclose your information or if it needs to be disclosed as part of a legal process.
-
8. Where do we send your information?
We store all of your data in the UK. No personal data will be processed outside of the UK without adequate data protection in place that is at least equivalent to the current UK data protection laws.
-
9. What if you do not provide personal information?
We try not to ask you for personal information that we do not need. If you do not provide certain information we may not be able to provider our service to you. For example, if you do not provide the information requested on a claim form we may not be able to process your claim.
-
10. Your rights
We have explained below your rights, but to keep things simple we have not included all the circumstances or conditions which apply to them. If you would like to exercise these rights please contact our Customer Services Team. Our contact details can be located in the ‘Contact us’ section on our website. If for any reason the right is limited or does not apply we will explain to you why this is the case.
Right to be informed – You have the right to be told how your personal information will be collected and used, which is detailed within this privacy policy.
Right of access (Subject Access Request) – You have the right to obtain the personal data that we hold about you and this will usually be free of charge. For your security, we will take reasonable steps to confirm your identity before providing you with any personal information we may hold on you.
Right to rectification - You have the right to have any personal data we hold concerning you rectified if you feel it is inaccurate or incomplete.
Right to data portability – you can request that we transfer information we hold about you to you or a third party in electronic form.
Right to erasure (Right to be forgotten) – in certain circumstances you can ask us to stop using or holding your information. If we can delete your information we will, but sometimes we have to maintain records for legal reasons. If we cannot comply with your request then we will contact you and explain why. If you ask us top stop using your information we will still keep it, but we will not do anything with it.
Right to object – You can ask us not to send you marketing messages.
Right to restrict processing – if you don’t want us to use your information for our business interests you can ask us to stop and we will do so unless there is an important reason why we need to continue using it.
-
11. How to update your information
It is important that the information we hold about you is accurate and up to date. Please let us know if your information changes, or the information we hold about you is incorrect. You can ask our Customer Services Team to update or correct your information free of charge.
-
12. How long do we keep your information?
We will keep your information for as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:
- Maintain business records for analysis and/or audit purposes; or
- Comply with record retention requirements under the law;
- Defend or bring any existing or potential legal claims;
- Deal with any complaints regarding our products or services.
We will delete your personal information when it is no longer needed for these purposes. If there is any information that we unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the information.
We may send you marketing messages about our services for up to 2 years after your policy ends, unless you have opted-out of receiving marketing messages from us.
-
13. Changing this privacy policy
We may change this Privacy Policy from time to time to keep it up to date, or to comply with legal requirements. Any changes we make in the future will be posted on the Privacy Policy section of our website, and where necessary, notified to you.
-
14. Contact details
If you would like to contact the Scottish Friendly Data Protection Manager in relation to this Privacy Policy, please use the following details:
Data Protection Manager
Scottish Friendly Assurance Society Limited
Scottish Friendly House
16 Blythswood Square
Glasgow, G2 4HJE-mail at [email protected] .
-
15. Complaints
Please let us know if you are unhappy with how we have used your personal information. You can contact us using the details in the section above, so we can deal with your concerns.
If you remain dissatisfied, you have the right to complain to the Information Commissioner’s Office (ICO). You can contact the ICO on 0303 123 1113 or in writing to:
The Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF