The personal information we collect about you will depend on the products and services you use. We have set out below examples of the types of information we may collect about you. We may receive this information from:
You (including the devices that you use to contact us)
Third parties we work with such companies who distribute our products, your solicitor, health professional
Legal contracts or agreements
Research organisation we use or
Information that is publicly available
We may ask you for, or you may voluntarily provide, sensitive information such as health information. We may collect this information when you purchase health insurance policies from us - in which case it will only be used with your consent, unless the law permits us to use such information without your consent. If you provide us with details of your health to help us to understand your specific circumstances, we will use it make appropriate adjustments to the products and services we offer based on the information you provide.
Special category data will only be used with your consent, unless the law permits us to use such information without your consent.
Information we may collect
Examples of personal information we may collect
Basic personal details
o Date of birth
o Marital status
o Contact details
o National Insurance Number
Proof of identity
o Driving license
o Utility bill
o Birth certificate
o Marriage Certificate
Family details regarding
o Joint applicant
o Next of kin
o Designated beneficiary or trustee
o Bank details
Professional advisers’ details
o Financial Advisers
Special Category data
o Medical history
o GP details
o Racial or ethnic origin
o Political opinions
o Religious or philosophical beliefs
o Trade union membership
o Genetic data
o Sex life/sexual orientation
o IP address (internet protocol address)
o Screens you access, time and date you access the mobile app, make and model of your mobile device, the operating system like iOS or Android
o Please see our Cookies policy on our website for more information.
o Any other information you give to us
o Recording of telephone calls
o CCTV image if you visit our office
o Your preferences and interests when you tell us what they are or when we deduce them from what we know about you.
o Information you provide when entering prize draws, competitions or participating in customer research activities.
o Managing our relationship with you (for example, tracing you when we’ve lost touch to reunite you with the benefits of your product)
o Responding to any complaints you make
Processing your application
o Pricing to determine the price you will receive based on the information you give us for certain products
o To complete onboarding checks
Meet legal and regulatory obligations
o Verifying your identity
o Prevention and detection of crime including fraud, money laundering and obligations to check sanction lists.
Improve our business
o Marketing - please see the ‘Marketing and profiling’ section below
o Improving our products and services
o Maintaining service quality (calls to our customer services may be monitored and/or recorded for authentication, security, quality and training purposes)
o To profile our customer base and help us develop offers, products and services to provide you with the best customer experience. Please see the ‘Marketing and profiling’ section below for more information
o Contacting you to invite you to form part of our customer panel or research groups regarding our products, services or customer satisfaction surveys (you may be contacted by third parties on our behalf)
o Push notification through our App if you have signed up to receive them
o Research (for example, customer research) often conducted by a third party on our behalf
o Corporate reporting
o Analysis (for example, statistical analysis and customer profiling)
o “Retarget” web visitors via Google Adwords.
o Google Analytics third party audience data
o Targeted advertising via our social media platforms
To enable you to participate in a Prize Draw
o When you are automatically entered into our prize draws by creating an account or investing with us, our lawful basis for processing your information is legitimate interests.
o We have a legitimate interest in promoting our business by offering you, as a customer, the opportunity to automatically participate in our prize draws.
o You have the right to opt-out of our prize draws at any time - you can do this by sending an email to us at [email protected] or by sending any other form of communication to Scottish Friendly.
We may market to you by post. If you do not want to receive marketing from us by post, or if you have changed your mind about receiving marketing by email, texts and other electronic means please let us know by contacting our Customer Services Team. Our contact details can be located in the ‘Contact us’ section on our website.
We will only send you marketing messages by email, texts and other electronic means if we have your permission. You may receive marketing:
direct from us; or
from a third party on our behalf about a product or service that we think may be of interest to you.
We group and organise our customer information to help us develop offers, products and services to provide you with the best customer experience; this is known as profiling. We do this using the data on the interactions you have with us, your demographic data, and information on the products or services you have taken out with us.
We may analyse your personal information to create a profile so we can contact you with information that is relevant to you. We do not use profiling to make decisions about you which have legal or other significant effects.
We will only collect, use and share your information where we have a valid reason to do so under the data protection legislation. We have four main reasons for using your information as shown below:
1 Contract – we have a contract with you to deliver a product or service to you or because you have asked us to take specific steps before entering into a contract. In order to perform that contract we need certain information from you; for example your contact details.
2 Legal basis – in some circumstances we are permitted by law to process your information, for example we need certain information from you in order to meet our legal obligations, such as proof of identity. This enables us to meet our fraud and anti-money laundering obligations.
3 To meet our Legitimate Interests – we may use your information for our legitimate business interests. When we process personal information to meet our legitimate business interests we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests ae not overridden by your interests or fundamental rights and freedoms.
4 Consent – there may be times when we need to obtain your explicit consent to collect and use your personal information (for example, when we need your consent to send you marketing messages by email, text and other electronic means). If we ask for your consent to process your personal information, you have the right to withdraw your consent at any time. Please see the section on ‘Your rights” further in this document for more information.
We use service providers, who agree to treat your data as securely as we do, in order to fulfil some of our business requirements for example, administer your policy on our behalf, welcome gift and benefit scheme suppliers and carry out searches that help us trace you if we lose touch.
Reinsurers help us manage our risk and so they need to see information about the policies they are reinsuring.
Anyone you ask us to share your information with
If you ask us to share your information, for example with a trustee or professional adviser, we may check with you to confirm that the person asking for information on your behalf has your permission.
Regulatory, government and industry bodies such as:
o Financial Conduct Authority
o Information Commissioners Office
o HM Revenue & Customs
o Fraud Prevention Organisations
o Other Insurers
o Law enforcement bodies
To comply with our legal and regulatory obligations, this may include acting in accordance with best practice.
Customer research partners
We conduct customer research to understand what our customers think about the products and services we provide.
Sometimes we use third parties to undertake the research on our behalf. If you are contacted for research purposes we will clear about the purposes of the research, how any information you provide will be used, who will have access to it and how long will be kept. We will obtain your consent before we start the research.
Professional advisers such as:
o Trained medical professionals
We use professional advisers to provide services to us, for example legal advice, accountancy services, consultancy services and medical support services.
Courts and those involved in any legal process
If a court requires us to disclose your information or if it needs to be disclosed as part of a legal process.
We try not to ask you for personal information that we do not need. If you do not provide certain information we may not be able to provider our service to you. For example, if you do not provide the information requested on a claim form we may not be able to process your claim.
We have explained below your rights, but to keep things simple we have not included all the circumstances or conditions which apply to them. If you would like to exercise these rights please contact our Customer Services Team. Our contact details can be located in the ‘Contact us’ section on our website. If for any reason the right is limited or does not apply we will explain to you why this is the case.
Right of access (Subject Access Request) – You have the right to obtain the personal data that we hold about you and this will usually be free of charge. For your security, we will take reasonable steps to confirm your identity before providing you with any personal information we may hold on you.
Right to rectification - You have the right to have any personal data we hold concerning you rectified if you feel it is inaccurate or incomplete.
Right to data portability – you can request that we transfer information we hold about you to you or a third party in electronic form.
Right to erasure (Right to be forgotten) – in certain circumstances you can ask us to stop using or holding your information. If we can delete your information we will, but sometimes we have to maintain records for legal reasons. If we cannot comply with your request then we will contact you and explain why. If you ask us top stop using your information we will still keep it, but we will not do anything with it.
Right to object – You can ask us not to send you marketing messages.
Right to restrict processing – if you don’t want us to use your information for our business interests you can ask us to stop and we will do so unless there is an important reason why we need to continue using it.
It is important that the information we hold about you is accurate and up to date. Please let us know if your information changes, or the information we hold about you is incorrect. You can ask our Customer Services Team to update or correct your information free of charge.
We will keep your information for as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:
Maintain business records for analysis and/or audit purposes; or
Comply with record retention requirements under the law;
Defend or bring any existing or potential legal claims;
Deal with any complaints regarding our products or services.
We will delete your personal information when it is no longer needed for these purposes. If there is any information that we unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the information.
We may send you marketing messages about our services for up to 2 years after your policy ends, unless you have opted-out of receiving marketing messages from us.