PolicyBee is committed to protecting your privacy. We're providing this privacy notice to tell you how we collect and process your personal data.
To read our Cookies Notice, click here
To read our Applicant Privacy Notice, click here
PolicyBee is the trading name of PolicyBee Ltd, registered with company number 07421216. We're an online insurance broker, specialising in arranging insurance for freelancers, independent consultants, small consultancies and small businesses.
In order for us to provide you with a quote and then insurance, and deal with any claims or complaints that might arise, we need to collect and process data about you. This deems us a 'data controller'. As data controller, we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.
Throughout this document we refer to Data Protection Legislation which means the Data Protection Act 2018 (DPA2018), United Kingdom General Data Protection Regulation (UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. Where data is processed by a controller or processor established in the European Union or comprises the data of people in the European Union, it also includes the EU General Data Protection Regulation (EU GDPR). This includes any replacement legislation coming into effect from time to time.
The legal basis we rely on for processing personal data is Article 6(1)(b) of the UK General Data Protection Regulation (UK GDPR) which relates to processing necessary to allow us to perform our contract with you or to take steps at your request, before entering a contract. The purposes for which we will process your personal data on the basis of contract are listed below.
In some cases, we may use personal data to pursue our legitimate interests (Article 6(1)(f) of the UK GDPR), provided your interests and fundamental rights do not override those interests. The purposes for which we will process your personal data on the basis of legitimate interest are listed below.
If you are a prospective customer but not actively taking steps towards entering into a contract with us, we will seek your consent (Article 6(1)(a) of the UK GDPR) to process your personal data for the following purposes:
We may collect your information when you:
We may collect information from your employer where you are a representative of one of our suppliers.
We share the data you provide with selected insurance providers and Feefo, a customer feedback company. These businesses will not use your personal information except to provide services on your behalf. They're required to maintain the confidentiality of your information.
We do not sell, rent or otherwise give customer data to third parties.
Your personal information will be retained in accordance with our retention policy which categorises all of the information held by PolicyBee and specifies the appropriate retention period for each category of data. Those periods are based on the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and PolicyBee's business purposes.
Generally we keep quote information for 3 years, and policy and claims records for 7 years from the end of our relationship with you. If there is a dispute or a legal action, we may need to keep this personal information longer.
All information collected from you during your usage of our website is transmitted to us using Transport Layer Security (TLS) encryption. Payment cardholder information is in addition relayed instantly to our payment gateway provider. We do not store any payment cardholder information.
Inbound and outbound email is transmitted using Transport Layer Security (TLS) encryption when supported by the endpoint.
We secure all personal information you have provided us on computer servers in a controlled, secure environment, and protect that information from unauthorised access, use or disclosure.
Non-digital personal data received is scanned to our network and the originals are confidentially destroyed.
We'll only disclose your personal information, without notice, if we have to by law or in the good faith belief that such action is necessary to:
We do not transfer personal information outside of the combined areas of the United Kingdom and European Union.
You have the right to:
You can find out if we hold any personal information on you and request that information by making a 'subject access request'. If we do hold information about you we will:
Where we rely on consent to process your personal data you have a right to withdraw your consent at any time by contacting us via telephone on 0345 561 0320 or emailing us at email@example.com or by clicking the unsubscribe link in any of our marketing messages.
No fee usually required: you will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
If you find the information we hold about you is wrong, you can ask for it to be corrected. You can also ask us to delete the information. To do so please call us on 0345 561 0320 or email us at firstname.lastname@example.org. For record-keeping and compliance purposes, we'll retain certain information collected from you in connection with commercial transactions.
Our website may contain links to third party websites. This privacy notice doesn't cover how organisations that own the external websites process your personal data. We encourage you to read the privacy notices on the other websites you visit.
We are registered with the Information Commissioner's Office (the ICO) with registration number Z259095X.
Our Data Protection Officer is:
The DPO Centre Ltd.
50 Liverpool Street
Phone: 0203 797 1289
You have the right to submit a complaint about our processing of your personal data. Our supervisory authority is the Information Commissioner's Office and submitting a concern can be made using its website: https://ico.org.uk/concerns/handling/
We keep this policy under regular review. We may change this privacy notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices.