DNA Insurance Service Limited is committed to protecting the privacy and confidentiality of all individuals and takes its responsibilities regarding the security of data very seriously. We abide by the rules of the General Data Protection Regulation (GDPR) upheld by the Information Commissioner Officer (ICO) and are authorised and regulated by the Financial Conduct Authority (FCA) to advise and arrange insurance products. This includes processing any personal data lawfully, fairly and in a transparent manner.
Information collected via our website
We collect web usage information when you visit our website including information such as the IP address, date, time, page viewed or searched relating to your browsing activity, referring website and length of stay. Where you have provided personal data we may collect web usage information to enable us to build a demographic profile.
We may also use web usage information to create statistical data regarding the use of our website. Where statistical data is produced we may then use that data to help us assess the effectiveness of marketing campaigns, develop and deliver services and information to improve the overall effectiveness of our website. We will also use IP addresses to analyse trends, track users movements and gather broad demographic information for our own internal use.
Within our website you can interact with us, if you so wish. Where you provide your personal data on our website it will be taken as a positive action that you would like us to contact you for the purpose as set out on our website.
When you visit our website we may store some information (commonly known as a cookie) on your computer. Cookies do not damage your computer. Cookies are pieces of information that a website transfers to your hard drive to store and sometimes track information about you. Cookies are specific to the server that created them. They cannot be accessed by other servers. You do not have to accept cookies. You can decide if you want to accept cookies by changing the settings on your browser to either accept, reject or notify you when a cookie is set. All cookies used by this website are used in accordance with current UK and EU Cookie Law.
Type of Cookie Purpose
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website. Like most websites, our site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us.
Linking to third party websites
We do not take responsibility for the privacy polices or practices of other sites, even where you access them using links from our website. You are advised to read the Privacy Notice of other websites prior to using them.
What information do we collect about you if you are interested in our services and why?
As a Brokerage and as part of our service we will only collect information from you so that we can advise and arrange insurance products that maybe suitable for you. In the financial services industry we call this factfinding which provides us with all the information that we need from you in order to provide you a with suitable product that meets your circumstances and requirements.
When obtaining information from you we will do this by phone, email, text, post, what’s app, face to face or web chat and will confirm the accuracy of the data collated. It is important that all the data we hold on you is accurate so that we can advise and arrange insurance products that are suitable to you.
The types of information we will collect from you includes; contact details, date of birth, gender, employment details, insurance needs, bank details. In addition, we may collect sensitive personal data such as medical conditions or criminal offence data where required to do so to arrange a policy on your behalf.
If you provide personal information about other individuals (such as employees, named drivers, family members etc) you must obtain their consent prior to disclosing it to us.
If you would like us to discuss your policy or the setting up of a policy with someone else who is acting on your behalf then we will need your consent first. We will also need consent from them before proceeding with an application.
Your data may also be used to help us assess your ongoing needs and to inform you about any insurance products or services that may meet those needs.
Transfer of personal information with third parties
Occasionally we may receive your contact details from a third party lead generator who you have expressed an interest in the products/service we have to offer. Where we use lead generators we will request from them that they have obtained your consent and have made it clear to you that they will pass your details on to a firm such as ours and that you will be expecting us to contact you.
We may also receive your contact details from a third party Introducer who has referred your details to us. Where we receive your information from an Introducer we will request confirmation that they have obtained your consent before passing your details to us. We will also confirm that you are expecting and understand the nature of the call.
We may also share your data with firms who assist us in meeting our obligation to you to arrange insurance. On occasion we use the support of other call centre type business’s or IT Support companies. Where we use such firms we will carry out due diligence on them and obtain a copy of their Privacy Notice and PI Insurance and have a contract in place that they will only act on our behalf.
Where you need to make a claim on a motor policy we may forward your details onto Action 365 Limited who specialise in motor claims and for non motor insurance policies we will provide your details to Oakleafe Group Limited.
We may also share your data with our Accountants to enable them to assist with our accounts. Where required we may share your data with our Solicitors, if we need them to act on our behalf for any legal matter.
Where we are unable to assist you arranging a particular insurance product then we may forward your details onto a firm who we believe will be able to help you. Where we do this we will obtain your consent and notify you who will be contacting you.
Information from other sources
We may obtain information from other sources such as public records, if required. This is to enable us to verify who you are or facts that you have told us are accurate.
How will we use this information?
We will only use your data in ways that you would reasonably expect us to. Below summarises how we use your data.
We will use the information you provide to us to research the market on your behalf to find a suitable policy that meets your circumstances and needs. Once we have carried out research we will provide you with a personalised quotation detailing the product information. Whilst you consider the quotation we will remain in touch to answer any questions you may have.
If you are happy to proceed we will then use your data to complete an application form which will then be forwarded to the relevant Insurer. We will then liaise with them on your behalf until the policy has been arranged. We will also keep in contact with you throughout the life time of the policy.
We will then contact you at renewal or when your policy is due to be reviewed so that we can continue to ensure that the policy you have in place remains suitable. Where your circumstances or personal information have changed we will update our records and notify the Insurer to do the same.
We will also use your data to assist you handle any claim you have on your policy or with handling a complaint if you are not happy with the service you have received.
As part of our service we like to keep our customers up to date with new products or offers that are available and maybe of interest. Therefore, we may contact you from time to time through email marketing, phone, text or other types of marketing material. If you wish to opt out of this at any point then please let us know.
In the interest to improve our services, telephone calls may be monitored and/or recorded for training purposes and to assist us handling a claim or complaint. Where we record the call you will be informed of this.
The lawful basis on which we use this information
How we use your information (detailed above) we will do so using the lawful basis legitimate interests. We have decided upon this basis as it allows us to meet with the ICO and FCA rules and is the most suitable lawful basis for processing data with a view to arranging a policy.
Who will it be shared with?
As stated above, if you wish to proceed to take out a policy then we will pass your details on to the Insurer the policy will be arranged with. The information we pass on will be detailed within the application we complete on your behalf.
If you are interested in using a credit facility to pay for your insurance then we will provide Premium Credit with your details and arrange payment through them.
Where required we may forward your details onto regulatory authorities or fraud agencies where we have a legal obligation to do so to comply with our regulatory requirements or where fraud is suspected. We may do this under the lawful basis legal obligation.
What we will do to ensure the security of personal information
We will not share any of the information you provide to third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us regardless of whether the information is in electronic or physical format. We use leading technologies and security measures to safeguard your information and keep strict security standards to prevent any unauthorised access to it.
How long will we retain your data
We will only hold data for no longer than is necessary. Where we have arranged a policy on your behalf we will keep your file including your personal data and any call recording, on record for a minimum of seven years after the expiry of an annual or short period contract, claim settlement or complaint, in line with our regulatory obligation with the FCA and English Law. Where we need to hold your file for longer than this then we will inform you of this.
Where you have enquired about a quote and are/or deemed a prospective customer we will hold your data for a maximum of two years.
What are your rights?
You have the right to:
- Be informed about how we use, share and store your personal information;
- Request access to the personal data we hold on you by emailing us at DPO@dna-insurance.com (also known as a Subject Access Request (SAR)). Where a SAR is requested we will respond promptly and within one month from the date we receive the request;
- Request your personal data is amended if inaccurate or incomplete;
- Request your personal data is erased where there is no compelling reason for its continued processing and we don’t have a legitimate interest to retain it;
- Request that the processing of your data is restricted;
- The right to object to your personal data being processed;
- Rights in relation to automated decision making and profiling.
Where the processing of your data is based on your consent, you have the right to withdraw this consent at anytime by contacting us by phone or email. We do not use automated decision making or profiling systems.
Where we need your consent we will ask for this separately. We do not use pre-ticked boxes or make assumptions that you have given your consent. Your consent must be freely given by positively opting in or making a clear affirmative action that you are giving your consent. We will do our very best to ensure you know exactly what you are consenting to and remind you that you may withdraw your consent at anytime by contacting us by email or phone. Where consent is obtained a record of this will be made confirming what you have consented to, the time and date and how consent was obtained.
Customers: Our customers are important to us however we appreciate that on some occasions you may wish to look elsewhere. If you do, we would like to stay in touch and therefore will ask for your consent in order for us to do so.
Potential Customers: Where you have expressed an interest in a product but have then decided not to proceed we would like to keep in touch therefore will ask for your consent to do so in case a product maybe of interest to you at a later date.
Non-Customers: We will only send you information about regulated products or services if we have obtained your consent to do so.
Right to complain
We hope that the service you receive from us is to the high standard you would expect. If at any point you are unhappy with the way we have used your data then please notify: Data protection officer by either email, post or phone below. If you remain concerned about the way we collect or use your personal data you can raise your concern with the Information Commissions Office (ICO) on 0303 123 1113. For further details you may visit the ICO website www.ico.org. We will tend to disclose the complainants identity to whoever the complaint is about, however if you wish your identity to remain anonymous, we will try to respect that. We will keep your complaint on record for two years once closed or six years if it also relates to how we arranged a policy and falls under the FCA ruling.
Changes to the information
We regularly review and, where necessary update our Privacy Notice. If we plan to use personal data for a new purpose our Privacy Notice will be updated and you will be notified.