1. Who are we?
Commercial & General Limited includes the brands Bettersafe.com and Insure Now, both of which operate in the UK. We all take your privacy very seriously.
Commercial & General Ltd (company number 03994456) is the data controller in relation to the processing of the personal information that you provide to us when you use our Services. Its registered address is 17 Teddington Business Park, Station Road, Teddington, TW11 9BQ.
If you have any queries relating to our use of your personal information, or any other related data protection questions, please contact our Customer Services Team at firstname.lastname@example.org.
EU General Data Protection Regulation 2018 (GDPR)
2. How do we collect personal information?
In some circumstances, group companies may be used to perform some data processing functions on behalf of Commercial & General, but this will not provide any group companies with authorisation to use your data outside of these specific functions.
3. What personal information do we collect?
We collect personal information that you give to us when using our Services via any of the Sites, for example, we may collect your name, address, date of birth, email address or telephone number as well as some details relevant to the products you are enquiring about. This might be, for example, to obtain an insurance quote, to buy a product, or enter a competition.
When providing our Service to you, we may also store information about how you use our Sites, for example, the pages viewed, the website from which you came to visit our Sites, changes you make to information you supply to us, details of the quotes you request and your transactions, together with details of your financial information, for example, bank account or payment details. We make sure that we have appropriate security measures to protect your information (see section 11 “How secure is our site and what steps do we take to keep you safe?” below). We will periodically review your personal information to ensure that we do not keep it for longer than is permitted by law see section 14 below which details how long we keep your personal information for.
It is your responsibility to check and ensure that all information and data you provide on the Sites is correct, complete, accurate and not misleading and that you disclose all relevant facts.
When providing our Services to you we do not need to collect or process personal information which data protection legislation defines as sensitive personal information, such as medical history or criminal convictions.
We do not knowingly collect or store any personal information about children under the age of 16. If you are aged under 16 please get your parent or guardian’s permission before you provide any personal information to us.
To ensure the Services we provide continue to meet your needs, we may ask you for feedback on your experience of using the Sites. Any feedback you provide will only be used as part of our programme of continuous improvement and will not be published on the Sites.
4. How do we use your personal information?
We may use your personal information:
To enable you to access and use the Services;
To personalise and improve aspects of our Services;
For research, such as analysing market trends, and customer demographics;
To communicate with you, including some or all of the following:
Sending you information about products and services which we think may be of interest to you - If you agree, we will contact you (depending on your contact preferences) via email, post, telephone, SMS, or by other electronic means such as via social and digital media. This may include new product launches, newsletters, promotions, competitions and opportunities to participate in market research.
Sending you annual renewal quotes based on information you previously provided to us (if you have requested quotes) - when our systems indicate that your renewal is due (either when a policy you bought from us is due to expire, or based on the dates you entered for your most recent quote) we may resubmit your quote details to give you an idea of what your quotes could be for your next renewal.
Sending you a confirmation email of your quote - when you obtain a quote with us, you may automatically be sent confirmation of your quote by email or SMS so that you have a record of it and can easily retrieve your quote in the future. This is a standard part of our Services and by using the Services you agree to receive these communications.
To process a transaction between you and a third party, such as an Insurer;
To track sales, which may involve us sharing data with your Insurer relating to the product(s) you have bought. Your Insurer may also send us information they hold relating to the product(s) you have bought for this purpose;
To match our data with data from other sources - we may validate and analyse your information and, in some cases, match it against information that has been collected by a third party to ensure that the information we hold about you is as accurate, as possible. As well as ensuring that any marketing material that we send you is appropriate to your needs;
To enable you to share our content with others, e.g. by using any 'Recommend a friend' or 'Social Sharing' functionality on our Sites.
We will store the personal information you provide and may use it to pre-populate fields on the Sites and to make it easier for you to use the Sites when making return visits (for example, when you visit our renewal sites).
We may monitor or record your calls, emails, SMS or other communications but we will do so in accordance with data protection legislation and other applicable law. Monitoring or recording will always be for business purposes, such as for quality control and training (e.g. where you call our customer service helpline), to prevent unauthorised use of our telecommunication systems and Sites, to ensure effective systems operation, to meet any legal obligation and/or to prevent or detect crime.
5. Why do we process your personal information?
We will only collect and use your personal information (as described in section 4) in accordance with data protection laws. Our grounds for processing your personal information are as follows:
Consent – Where necessary we will only collect and process your personal information if you have given your consent for us to do so, for example, we will only send you certain marketing emails and process any sensitive information about you if we have your consent.
Legitimate Interests – We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws, there is a concept of “legitimate interests” as a justification for processing your personal information. Our legitimate interests in processing your personal information are:
To enable you to access and use the Services by searching the websites to obtain quotes; processing any transaction between you and a third party, and tracking sales. Using your information in this way is an essential part of us being able to provide the Services to you;
To communicate with you about the Services. We need to keep you informed about your use of the Services, for example, sending you a confirmation email of your quotes and renewal notices. This won’t include marketing communications unless you have given us your consent to receive these; and
To improve our Services. We may use your personal information to: personalise aspects of our service and for market research. We constantly aim to improve our Services to you and using your personal information in this way helps us to do this.
You have a right to object to our use of your personal information for these legitimate interests, including where we may use your personal information to create a profile to inform customer demographics. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we are continuing to process your personal information. Please contact our Customer Services Team at email@example.com if you wish to exercise this right.
6. Who do we share your personal information with?
When you use any of our Services, we may disclose your personal information to the following parties:
Other members of the Commercial & General Ltd group.
Our channel operators: whilst the majority of the channels on our Sites are run by us, some of our channels are designed and maintained for us by our service providers. We may receive your personal information from these service providers and use it in accordance with section 4 above. We will only use the personal information we receive from third parties where the relevant third party can show that it was collected and processed in accordance with the law.
Other service providers that we engage to help us provide certain services and/or functionality, such as hosting, data storage and analytics companies, including those listed in section 8 below.
The Financial Conduct Authority and/or other regulatory/governing bodies, for the purposes of compliance monitoring.
Where permitted by data protection and privacy law, we may also disclose information about you (including electronic identifiers such as IP addresses) and/or access your account:
If required or permitted to do so by law;
If required to do so by any court, the Financial Conduct Authority, the Competition and Markets Authority or any other applicable regulatory, compliance, Governmental or law enforcement agency;
If necessary in connection with legal proceedings or potential legal proceedings; and/or
In connection with the sale or potential sale of all or part of our business.
If we reasonably believe false or inaccurate information has been provided and fraud is suspected, details may be passed to fraud prevention agencies to prevent fraud and money laundering.
7. Who might out provides share your personal information with?
Some of our providers will use your personal information to assess your circumstances (including information about any third party who is named on the policy) and verify the information that you have provided to us.
Some providers may carry out checks with fraud prevention and credit reference agencies, both when you first buy your policy and at renewal (insurers generally run these checks to ensure that they can verify your identity, help prevent fraud and money laundering). If providers do these checks, they will be quotation searches only but will be visible to other organisations. Both public data (e.g. the electoral roll) and private data (e.g. your personal credit history) may be checked in this way.
Some providers may carry out checks against data they already hold on you, such as data from existing products, account data, data from previous product transactions, and accounts that you may already hold with them
8. Third-party data processors
We use a number of third-parties to process personal data on our behalf. These third-parties have been carefully chosen and all of them comply with the legislation set out in section 1. All third parties based in the USA are EU-US Privacy Shield Compliant.
9. What cookies do we use?
A cookie is a very small text file placed on your computer or device. Cookies help us to:
Understand browsing habits on the sites;
Understand the number of visitors to the sites and the pages visited; and
Remember you when you return to the sites, so we can provide you with access to previously saved quotes, or email you quote details.
Facilitate navigation of the sites and retain the information you enter as you move from page to page when obtaining a quote or purchasing a product.
10. What advertisement do we show on our Sites?
Commercial & General does not feature third-party advertising on any of its websites and there are no third-party cookies deployed for this purpose.
Commercial & General does use Display Advertising, using Google Analytics which permits advertisements and remarketing to be served on third-party websites across the internet relating to a search made on any of the Sites. The Sites and third parties, including Google, use first-party cookies and third-party cookies to inform, optimise and serve such advertisements. You can opt-out of, or customise, these advertisements using the Google Ads Preferences Manager.
11. How secure is our site and what steps do we take to keep you safe?
The security of your personal data is very important to us and our Sites use HTTPS to help keep information about you secure. Security during the transfer is called the Secure Sockets Layer (SSL) and Transport Layer Security (TLS).
SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites.
However, no data transmission over the internet can be guaranteed to be totally secure. Certain information, for example, your credit card details and personal details, are encrypted to minimise the risk of interception during transit.
You may complete a registration process when you sign up to use parts of the Sites or Mobile Applications. This may include the creation of a username, password and/or other identification information. Any such details should be kept confidential by you and should not be disclosed to or shared with anyone. Where you do disclose any of these details, you are solely responsible for all activities undertaken on the Sites where they are used.
We do our best to keep the information you disclose to us secure. However, we can't guarantee or warrant the security of any information which you send to us, and you do so at your own risk. By using our sites, you accept the inherent risks of providing information online and will not hold us responsible for any breach of security.
It might sometimes be necessary for us to transfer your personal information outside of the European Economic Area (EEA) to locations that may not provide the same level of protection as the UK. However, we will only transfer your personal information out of the EEA if we have put in place appropriate safeguards and protections as stated under UK law for example by the use of a data-transfer agreement incorporating certain standard model protection clauses.
12. How can you amend your preferences?
Any electronic marketing communications we send you will include clear and concise instructions to follow should you wish to unsubscribe at any time. You may also amend your marketing preferences by contacting firstname.lastname@example.org.
Should you no longer wish to be contacted by us, you can advise us at any time by contacting our Customer Services team on +44 (0) 203 740 4431 - lines are open 08:00 to 20:00 on Monday to Friday and 09:00 to 18:00 Saturday and Sunday or by sending an email to email@example.com.
If you no longer wish to be contacted by providers for marketing purposes, please follow the instructions in their marketing communications, or consult their privacy policies for further information about unsubscribing.
13. Your personal data rights and how to contact us
You have certain rights under existing data protection legislation including:
Right to access: the right to request copies of your personal information from us;
Right to correct: the right to have your personal information rectified if it is inaccurate or incomplete;
Right to erase: the right to request that we delete or remove your personal information from our systems;
Right to restrict our use of your information: the right to ‘block’ us from using your personal information or limit the way in which we can use it;
Right to data portability: the right to request that we move, copy or transfer your personal information;
Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or where we use your personal information to carry out profiling to inform our market research and customer demographics (see section 5 above).
If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may be able to refer your complaint to the relevant data protection regulator which in the UK is the Information Commissioner’s Office.
14. How long do we keep your personal information?
Last updated March 2020