5. How we use the data we collect
The Data Protection Regulation gives us a number of different conditions to allow us to process your information lawfully. We’ll only use your information when one of those conditions has been satisfied. Below you can see how we use your information and the legal grounds for processing this.
5.1 Product information requests
If you request product information from us, we collect any or all of the following information:
- Title, name, address, telephone number, email address, and date of birth.
This data will be collected from either a coupon that you have completed, or via telephone or email if you contact us.
The data you supply will be used for the following purposes:
- To send you an information pack in the post to fulfil your request for further product information. Our lawful basis for processing the information you give us is ‘contract’, because you have asked us to provide more product information before you can enter into a contract with us. If you have not taken out the product you enquired about or requested a further information pack within the first 3 months of your original request, we will stop processing your data for the purpose of providing an information pack.
- To send you information about Scottish Friendly products. When you enquire and express an interest in receiving information about our products and services, our lawful basis for processing your information for this purpose is ‘legitimate interest’. If you have not taken out a product with us within the first 2 years of your original request, we will stop processing your data for the purpose of sending you information about Scottish Friendly products. We will aim to retain your data in our marketing database for a maximum of 12 months after the date that we stop processing the data, after which it will be delete as soon as practicable.
- To email you with news and information from Scottish Friendly including information about our products and services. Processing is required to fulfil your request and by consenting to receive news, product and service information via email you agree to your data being processed on this basis.
- To "retarget" web visitors via Google Adwords, on the basis of our Legitimate Interests. For example, we may use Google's "retargeting" service to target our ads to you based on your prior use of our www.scottishfriendly.co.uk website when you visit other sites in Google's content network. For example, if you browsed our Junior Investment ISA on www.scottishfriendly.co.uk but left our site before converting, we may serve you an advertisment related to our Junior ISA when you are browsing other websites on the Google Content Network. This could be a banner ad space on a news website.
- We use Google Analytics' 3rd-party audience data such as age, gender, and interests to better understand the behaviour of our customers and work with companies that collect information about your online activities to provide advertising targeted to suit your interests and preferences. For example, you may see certain ads on this website or other websites because we contract with Google and other similar companies to target our ads based on information we or they have collected, including information that was collected via automated means (such as cookies). These companies also use automated technologies to collect information when you click on our ads, which helps track and manage the effectiveness of our marketing efforts. Google collects data about your activities that does not personally or directly identify you when you visit our wesbite, the website of entities for which we serve advertisements (our "Advertisers"), or the websites and online services where we display advertisements ("Publishers"). We use the information we collect to deliver you more relevant advertisements (referred to as "Retargeting"). Users may opt out of Google's use of cookies by visiting the Google Advertising Opt-out page.
- Existing Scottish Friendly customers may be "retargeted" via Google, our "Advertisers" and our "Publishers" from the email address associated with their Scottish Friendly account. From the email address, we identify data such as interests, online behaviours, and IP address to "retarget" you with other products/services on the basis of our Legitimate Interests. Users may opt out at any time by visiting Google Analytics Opt-out page or emailing directmarketing@scottishfriendly.co.uk
5.2 Setting up your product
When you apply for a product with us, we collect the information you provide as follows:
- Title, name, address, telephone number, email address, date of birth, investment selection, investment amounts, payment details, National Insurance number and marketing preferences.
- We may also collect certain medical data if your product includes any element of insurance such as our tax-exempt savings plans and life assurance products. We only process and store this sensitive data for the purposes of providing an insurance quote and ensuring claims are validly paid.
When you apply for our products your data may be used for the following purposes:
- To issue a limited number of emails to you within a short period of time if you do not fully complete the application, to identify if there is an issue we can help you with.
- To issue your confirmation email to confirm we are processing your application, if you have applied online.
- Processing the application for the product that you have applied for.
- To issue your welcome pack that contains your policy documentation.
- To issue your welcome gift, where applicable.
- To provide you with your My Benefits card, where applicable.
- To validate cashback payments from cashback websites, where applicable.
- To provide you with customer correspondence in relation to your product.
Processing is required to fulfil our contractual obligations to you. We will retain this data for the purposes of fulfilling our legal and regulatory duties, even after you close your product.
5.3 Sending you marketing communications about our products and services
When you apply for a product with us, we may use the information you provide to:
- Issue an electronic customer feedback survey.
- Send you information related to your product and other products you may be interested in. We will only do this if you have opted-in to consent to receive this information.
- Administer any prize draws or competitions that you enter. We will only do this if you have opted-in to consent to entering a prize draw or competition.
When your data is processed for marketing activity we may rely on our ‘legitimate interest’ to do so. This means that we will process your personal data when it is necessary for a legitimate business interest – as long as it is used fairly and without affecting your individual rights. We will never use your personal data unless we’ve ensured that it is fair and balanced to do so, it is within your expectations, and it is not unduly intrusive.
When you complete a survey you agree to your data being used for research.
We may analyse your personal information to create a profile so we can contact you with information that is relevant to you (see also section 5.10 below).
When you no longer have a product with us we will continue to contact you with information about our products and services for up to 2 years after your cancellation request and our lawful basis for processing your information for this purpose is ‘legitimate interest’. We will aim to retain your data in our marketing database for a maximum of 12 months after the date that we stop processing the data, after which it will be deleted as soon as practicable.
5.4 Product adminstration
If you contact us, we may collect any of the following information:
- Personal details to verify your identity.
- The conversation that takes place between us via the recording of your call.
- Requests you make such as changing your payments, changing your fund selection or making a withdrawal.
- Changes you notify us about to update your personal data, such as managing any changes of address or name.
- Correspondence that you send to us to undertake the processing of any claims you make.
- Correspondence that you send to us to respond to your queries or complaints.
This processing is required to fulfil our contractual obligations to you and by contacting us you agree to your data being processed on this basis.
Where you have taken a policy out via one of our protection cover partners we will receive your information from them. We may also need to source information if we lose touch, such as your contact details, to tell you about your product.
5.5 Email newsletter subscriptions
If you choose to sign up to our email newsletter service, we collect the following information:
This data will be used for the following purposes:
- Contacting you by email with news and information from Scottish Friendly.
This processing is required to fulfil your request and by consenting to receive product and service information via email you agree to your data being processed on this basis.
5.6 Web Access Statistics
Our websites use a variety of technologies that collect information about how visitors use our website. If you use our online services we collect the following information:
- URL of requested resource.
- Request timestamp.
- Client's IP address or hostname.
- HTTP request method.
- Data bytes in response.
- Response status code.
- User agent information.
This data will be used for the following purposes:
- Web site and system administration.
This data will be used by Scottish Friendly and our suppliers in order to monitor website and marketing campaign performance for analytical and research purposes. Our legitimate interest in processing this data is to ensure that our website is secure and works well.
5.7 Information from other sources
If you use another website that advertises our products and services, your data will only be passed to us with your permission. Where we receive your information, in addition to any product application data we receive, we will also collect the following data:
- HTTP cookies [see cookie policy for an explanation of a 'cookie'].
- Clickstream information.
This data will be used by Scottish Friendly and our suppliers with the legitimate interest to monitor website and marketing campaign performance for analytical and research purposes.
5.8 Research and analytics
Some or all of the information that you supply to us may also be used for research and statistical purposes. We study this to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
- Our products are developed with a particular set of customer needs in mind. To make sure your policy is still suitable for you and is working as we intended, we combine your information with others to analyse and segment it.
- We also combine your information with other customers’ to assess how much money we need to have available at any particular time.
- We may conduct research before we launch new products or before we make changes or improvements to existing products to make sure it’s the right thing to do. We might also conduct research to ask customers what they think of our products and services.
Our legitimate interest for research and analytics is to be able to identify groups of customers who may be interested in any new products we’re thinking about tailoring and developing. This is to make sure the features and charges are fair, as well as ensuring the products we provide you remain suitable.
We need to make sure our communications are easy to understand and that products are sold to the correct audience. To achieve this we use research to make sure our communications are efficient and connect with the right people; so that ultimately we have confidence that we are developing products with our customers’ in mind.
We also use research and analytics to make sure we are looking after your money as effectively as possible.
5.9 Automated decisions
We may use systems to make automated decisions based on personal information we have – or are allowed to collect from others – about you. This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know.
These automated decisions can affect the products we may offer you now or in the future, or the price that you are quoted. The type of automated decision we make includes:
- Pricing - we may decide what to quote for protection products based on what we know. If you apply for life assurance online with a re-insurer that we work with, our automated system may generate a price and decision based on your age and/or your health information provided.
You have the right to ask that we do not use your data to make automated decisions but this may mean that we are unable to provide a product or service to you.
You can object to an automated decision and ask that a person reviews it. If you want to know more about these rights, please contact us using the address above.
5.10 Customer profiling
Socio-economic
We may undertake research to provide us with insight into our customer types. We use commercially available sources of geodemographic data which uses a variety of publicly available and market research sources to divide the UK population into a series of categories. These categories are a way of grouping people who are likely to have similar social, demographic (e.g. age, location) and financial circumstances. The results are assessed and combined so we get a picture of our customers as a whole.
We keep a record of the category that you fall into so we can tailor our communications to you.
Vulnerability
The Financial Conduct Authority defines a vulnerable consumer as someone who, due to their personal circumstances is especially susceptible to disadvantage. It’s been identified that a lot of people will be vulnerable at some point in the life, so we need to make sure we can identify who these customers are and support them.
When you contact us and we suspect you may be less financially aware or less engaged in financial matters based on what you tell us, we will let you know that we are treating you as a vulnerable customer. We may also keep a note of this in your record so we can tailor this in our communications with you.
Customer Profile
We may also analyse the personal data we hold on you to build up a profile that we can use to help us understand what you would like from us. We do this using the data on: the interactions you have with us, your demographic data, and information on the products you have taken out with us.
5.11 Membership
We have a legal obligation to provide a copy of our members register to customers who request it. This includes your name, address and the date you became a member and eligible to vote.