Your privacy is important to us and we are committed to keeping it protected. We have created this Customer Privacy Notice which will explain how we use the information we collect about you and how you can exercise your data protection rights. This Privacy Notice will help you understand the following:
We are Royal & Sun Alliance Insurance plc (RSA), we provide commercial and consumer insurance products and services under a number of brands, such as MORE THAN. We also provide insurance services in partnership with other companies.
As an insurer, we need your personal information to understand the level of insurance cover you require. We’ll use this information (e.g. your name, address, telephone number and email address) to communicate with you and if you have agreed, to send you news and offers related to our products and services.
We need to use your information to create a quote for you, allowing you to buy insurance products from us. When buying a product from us, you’ll also need to provide us with details about the items you wish to be covered by the insurance (e.g. car make and model, your home).
We may need to check information you have submitted with external companies/organisations (e.g. the DVLA, the Motor Insurance Database, credit reference agencies and criminal conviction checks.) When buying certain products, sometimes we will ask for special categories of personal data (e.g. driving offences for motor insurance, medical records in case of injury).
Once you become a customer, we’ll need to take your payment details to set up your cover. This could be direct debit, credit or debit card information. To service your policy, we might contact you via our website, emails, telephone calls or post. When using these services we might record additional information, such as passwords, online identifiers and call recordings.
For some of our products, we may collect information through smart sensors to assess your insurance needs (e.g. a black box installed in your vehicle when you buy a telematics driving product, which collects and uses geo-location and driving behaviour data).
If you need to claim against your insurance policy, we will need to collect information about the incident and this may be shared with other selected companies to help process the claim. If other people are involved in the incident, we may also need to collect additional information about them which can include special categories of personal data (e.g. injury and health data).
In submitting an application to us, you may provide us with equivalent or substantially similar information relating to other proposed beneficiaries under the policy. You agree that you will bring this Privacy Notice to the attention of each beneficiary at the earliest possible opportunity.
Data protection laws require us to meet certain conditions before we are allowed to use your personal information in the manner described in this Privacy Notice. To use your personal information, we will rely on one or more of the following grounds:
For marketing, you will always be given a choice over the use of your data.
Where possible, we’ll collect your personal information directly from you. However, on occasion we may receive details about you from other people or companies. For example, this might happen if:
We request those third parties to comply with data protection laws and to be transparent about any such disclosures. If you would like some further information, please contact us.
We do not disclose your information outside of RSA except:
Sometimes your personal information may be sent to other parties outside of the European Economic Area (EEA) in connection with the purposes set out above. We will take all reasonable steps to ensure that your personal information is treated securely and in accordance with this Privacy Notice, and in doing so may rely on certain "transfer mechanisms" such as the EU-US Privacy Shield, and the standard contractual clauses approved by the European Commission. If you would like further information please contact us.
Before we can offer you an insurance product or service, we may need to conduct the following activities, which involve automated (computer based) decision-making:
The results of these automated decision-making processes may limit the products and services we can offer you. If you do not agree with the result, you have the right to request that we perform a manual reassessment using the same information that you originally provided. If you wish to do so please contact us
Your personal information will be retained under one or more of the following criteria:
If you have agreed, we might contact you by post, email, phone and text message to let you know about offers and services we think you’ll like. The messages may be personalised using information you have previously provided us.
You can ask us to stop contacting you for marketing purposes at any point.
We will only contact you for marketing purposes if we collected your information directly, except when authorised and instructed by the third-party acting on your behalf.
If you hold a product or service with us and think that the information we hold about you is incorrect or incomplete, please contact us and we will be happy to update it for you.
We understand that your personal information is important to you, therefore you may request the following from us to:
1. Provide you with details about the personal information we hold about you, as well as a copy of the information itself in a commonly used format.
2. Request your personal information be deleted where you believe it is no longer required. Please note however, we may not be able to comply with this request in full where, for example, you are still insured with us and the information is required to fulfil the conditions of the insurance contract.
3. Request the electronic version of the personal information you have supplied to us, so it can be provided to another company. We would provide the information in a commonly used electronic format. [Request Ref: DSR 3]
4. Request to restrict the use of your information by us, under the following circumstances [Request Ref: DSR 4]:
a. If you believe that the information we hold about you is inaccurate, or;
b. If you believe that our processing activities are unlawful and you do not want your information to be deleted.
c. Where we no longer need to use your information for the purposes set out in this Privacy Notice, but it is required for the establishment, exercise or defence of a legal claim.
d. Where you have made an objection to us (in accordance with section 5 below), pending the outcome of any assessment we make regarding your objection.
5. Object to the processing of your data under the following circumstances [Request Ref: DSR 5]:
a. Where we believe it is in the public interest to use your information in a particular way, but you disagree.
b. Where we have told you we are using your data for our legitimate business interests and you believe we shouldn’t be (e.g. you were in the background of a promotional video but you did not agree to be in it.)
In each case under section 5 above, we will stop using your information unless we can reasonably demonstrate legitimate grounds for continuing to use it in the manner you are objecting to.
If you would like to request any of the above, please contact us and submit a written request, including the request reference (e.g. DSR 1), as this will speed up your request. To ensure that we do not disclose your personal information to someone who is not entitled to it, when you are making the request we may ask you to provide us with:
All requests are free of charge, although for requests for the provision of personal information we hold about you (DSR1) we reserve the right to charge a reasonable administrative fee where, we believe an excessive number of requests are being made. Wherever possible, we will respond within one month from receipt of the request, but if we don’t, we will notify you of anticipated timelines ahead of the one month deadline.
Please note that simply submitting a request doesn’t necessarily mean we will be able to fulfil it in full on every occasion – we are sometimes bound by law which can prevent us fulfilling some requests in their entirety, but when this is the case we will explain this to you in our response.
If you have any queries regarding our Privacy Notice please contact us and we will be happy to discuss any query with you. Our Privacy Notice will be updated from time to time so please check it each time you submit personal information to us or renew your insurance policy.
If you have any questions or comments about this Privacy Notice please contact:
The Data Protection Officer
Dean Clough Industrial Park
You may also email us at firstname.lastname@example.org.
If you wish to raise a complaint on how we have handled your personal information, please send an email to email@example.com or write to us using the address provided. Our Data Protection Officer will investigate your complaint and will give you additional information about how it will be handled. We aim to respond in a reasonable time, normally 30 days.
If you are not satisfied with our response or believe we are not processing your personal information in compliance with UK Data Protection laws, you may lodge a complaint to the Information Commissioner’s Office, whose contact details are;
Information Commissioner’s Office
0345 / 0344 / 0343 / 0330 numbers will be charged at your local rate. 0800 telephone numbers are free and 0844 numbers are charged at 5p per minute from a BT Landline. Other provider's charges, including calls from mobile phones, will vary depending on your network rate
Cookies are small text files placed on your computer and are commonly used on the internet. There are various types of cookies which perform different functions, such as remembering which items you have placed in your shopping basket or analysing your browsing behaviour to enable advertisers to present you with adverts more relevant to you and your interests.
For more information about cookies, visit http://www.allaboutcookies.org
Most web browsers will accept cookies, but if you would prefer we did not collect data by this method, you can disable this function within your browser settings. If you want to delete any cookies that are already on your computer, please refer to the instructions for your file management software to locate the file or directory that stores cookies.
Below, we have set out the four categories of cookies that we use on our websites. These cookies are:
Some of our websites also include third party cookies, which are cookies not set by RSA. In each of the four categories above, we have specified where third party cookies are used.
The following types of cookies may be used during your visit to our website:
These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies, services you've asked for, such as obtaining a quote or logging into your account, cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.
We use the following first party cookies which are strictly necessary:
There are no third party cookies in this category.
We update our site frequently and sometimes that involves some changes in the cookies we have listed above. We try our best to keep this list up-to-date.
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. They also allow us to record and count the number of visitors to the website, all of which enables us to see how visitors use the website in order to improve the way that our website works.
These cookies do not collect information that identifies a visitor, as all information these cookies collect is anonymous and is only used to improve how our website works.
We use the following first party cookies for performance. Some of them may also appear as third party cookies:
DTM does not create cookies by default, but if certain functionality is leveraged, the following cookies will be set.
Predefined cookies (these will only be set if a condition is set in a rule that needs to use them):
Predefined localStorage settings (again, only set if the client sets them, not set by default):
User generated (will be set if a data element or mbox is created that needs them):
_storeGacMore information about Google analytics cookie use https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
Adobe Analytics Cookie opt-out
To opt-out of aggregation and analysis of data about your visit to this site, it is necessary to install a cookie on your browser. This cookie identifies that you have opted-out.
If you delete the opt-out cookie, or if you change computer or web browser, you will need to opt-out again.
Opt-out - exclude me from visitor session aggregation and analysis (install the rsa.122.2o7.net opt-out cookie) Click here to opt-out
Opt-in - include me in visitor session aggregation and analysis (do not install the rsa.122.2o7.net opt-out cookie) Click here to opt-in
Google Analytics opt-out: browser add-on http://tools.google.com/dlpage/gaoptout
Some of these may be set as first or third party cookies, depending on which part of our website you are browsing.
We update our site frequently and sometimes that involves some changes in the cookies we have listed above. We try our best to keep this list up-to-date but due to various technical constraints we can only update this list every three months.
These cookies allow our website to remember choices you make (such as your user name, language or the region you're in) and provide enhanced features. For instance, a website may be able to provide you with news or updates relevant to the policies you buy. These cookies can also be used to remember changes you've made to text size, font and other parts of web pages that you can customise.
They may also be used to provide services you have requested such as viewing a video or commenting on a blog. The information these cookies collect is usually anonymised. They do not gather any information about you that could be used for advertising or remember where you have been on the internet
We use the following first party cookies for functionality. Some of them may also appear as third party cookies:
Web chat services
In addition, some of our partners may use third party cookies in this category. We update our site frequently and sometimes that involves some changes in the cookies we have listed above. We try our best to keep this list up-to-date but due to various technical constraints we can only update this list every three months.
These cookies collect several pieces of information about your browsing habits. They are usually placed by advertising networks rather than website operators. They remember that you have visited a website and share this information with other organisations such as advertisers. They do this in order to provide you with targeted adverts more relevant to you and your interests. Quite often they will be linked to site functionality provided by the other organisation. Although the cookies can track your visits around the web they do not usually know who you are.
Learn more about the types of cookies used by Google.
AppNexus cookies set on the adnxs.com domain
Learn more about what these cookies do.
Quantcast cookies set on the quantserve.com domain:
This cookie is used to identify each shopper and attributes site interactions to them. The cookie is set to expire after 80 weeks, which is extended each time the shopper visits the site. If they don't return to the site within that period, the cookie will be automatically deleted.
This is a housekeeping cookie set to expire after 30 minutes and works in conjunction with the tms_VisitorID cookie to capture shopper activity.
This is a temporary cookie which lasts only for the duration of the browsing session. It is used to show the Trace Bar on the site when the Diagnostics: Open Your Website With Cart Trace link is clicked from the Settings | Settings Home page in Fresh Relevance. Therefore, it will not be seen by shoppers.
This is the default cookie used by PopOver SmartBlocks to suppress a PopOver x days after it is last seen, where x is configurable for each PopOver. The duration is also the same value as x.
For more information about how cookies work, you can also visit this Wikipedia page.
Information on deleting or controlling cookies is also available at http://www.allaboutcookies.org
Please note that if you disable cookies, our website functionality may be impaired and prevent you from obtaining a quotation or completing your purchase online.