Eversure Insurance is owned and operated by Eversure Limited, a company registered in England and Wales under company number 6751893, whose registered address is Bury House, 1-3 Bury St, Guildford, Surrey, GU2 4AW, United Kingdom. Authorised and regulated by the Financial Conduct Authority, register number 501311. You can check this on the Financial Services Register by visiting the FCA’s website http://www.fsa.gov.uk/register/home.do.
We are committed to protecting the privacy of our customers in accordance with the General Data Protection Regulation 2016 (GDPR). This policy explains how we handle personal information collected from customers of:
Bury House, 1-3 Bury St
Eversure Limited is a registered data controller under the General Data Protection Regulation (2016) in relation to the processing of any personal data in connection with our services. If you have any questions relating to our use of your personal data or any other data protection questions, please contact our Data Protection Officer via our Contact Us form. Eversure Limited is registered with the Information Commissioner's Office under registration no Z2760497.
1.) Your Rights
As part of the General Data Protection Regulation (GDPR), we provide you with the following rights:
- Right to be informed – we will be transparent and keep you informed about the collection and use of your personal data.
- Right of access – you have the right to request personal and supplementary information we hold about you, using the contact details below.
- Right to rectification – you have the right to rectify inaccurate personal data we hold about you, or complete any data that is incomplete using the contact details below.
- Right to erasure – the right to request the deletion of personal data where there is no compelling reason for its continued processing, with a response to be issued within 30 days.
- Right to restrict processing - you have the right to request the restriction or suppression of your personal data. When processing is restricted, we are permitted to store your personal data but not to conduct further processing.
- Right to portability – your right to obtain and reuse your personal data for your own purposes across different services.
- Right to object - processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics
- Rights related to automated decision making including profiling - you have the right not to have automated decisions about you solely through automated processes. The GDPR ensures safeguards for you as an individual against risks that can potentially damage a decision taken without any human intervention.
If you want to invoke any of these rights please contact us:
By Post: Bury House, 1-3 Bury Street, Guildford, Surrey GU2 4AW
Online: via our Contact Us form
2.) What personal information do we process?
When you browse one of our websites we record standard details of your visit in our administration databases and our web server log files. This information is held for statistical and administration purposes only and is collected in a way which does not identify you. We do this to find out things such as the number of visitors to the various parts of our website. We will not associate any data gathered from this site with any personally identifying information from any source. The data collected includes:
- your IP (Internet Protocol) address;
- the pages you access and any documents downloaded from our website;
- where applicable and available, the previous website you visited and the search query you used to reach our website;
- the type of browser being used;
- the type of operating system being used.
Telephone calls may be recorded for training and security purposes.
We may collect and store personal information that you choose to give us via online forms, by telephone or by email. For example if you:
- request to join one of our email lists
- request to join a discussion forum
- subscribe to one of our newsletters
- participate in an online survey / opinion poll
- participate in a quiz or competition
- complete a contact request form
If we receive your email address because you send us a message, your email address will only be used or disclosed for the purpose for which it has been provided and it will not be added to a mailing list or used or disclosed for any other purpose without your consent.
Making a Purchase
If you decide to purchase insurance from us, we will request and store information relevant to the purchase, such as your name, address, postcode, date of birth, email address, telephone numbers, and any other relevant details. This information will only be used for the purposes of arranging your insurance cover - e.g. we would only use the telephone number to communicate or discuss a problem with arranging the policy or providing cover.
Should payment fail to be completed, we may contact you to help you complete your purchase and help you overcome any technical issues that may have arisen during the user journey. This personal data will be held purely for the basis of completing that particular transaction, and will be retained for no longer than a two-week period.
Please note: For online purchases, we do not collect or store any debit or credit card details. Such information is taken and processed by our payment service provider and we therefore take no responsibility for such information. For offline purchases, any debit or credit card details taken will be destroyed immediately after use.
Information used for Marketing Purposes
As a previous customer, we may market similar products and services unless you have opted out. The opportunity to opt out will be clearly displayed during the original purchase process and in all subsequent marketing correspondence. This type of consent is known as a soft opt-in, as detailed in the Privacy and Electronic Communications Regulations. Under the GDPR, we will process this data under the ‘Legitimate Interests’ clause. We may also use your email address to contact you on the same date each year to offer a new quotation, based on the information that you have already submitted to us.
For all other types of marketing, we will always obtain your explicit consent, where clear and affirmative action is required to opt in. You may opt-out of receiving future notifications by clicking the unsubscribe link in the email, by emailing us directly, or sending a message on our Contact Us form.
Information used for Customer Feedback
All customers who either purchase insurance from us or subsequently contact our customer services department may receive an automated email from our feedback system services providers feefo.com, Trustpilot, Google Reviews and Zendesk. Customer feedback is an important tool for us to understand how we are performing and is integral to the operation of our website. After you have purchased you may opt out of receiving emails from feefo.com by using the feefo opt out link at the bottom of their email, by sending us an email, or via our ‘Contact Us’ page.
3.) What are the legal grounds for processing your personal data?
Data Protection law stipulates that we are permitted to use personal information only if we have a proper reason to do so. We have detailed below our legal bases for using your personal data:
- To perform our contract with you: Where processing of personal data is necessary for the performance of a contract to which you are party, or to take steps at your request before entering into it.
- For our own legitimate interests: Processing is necessary for the purposes of the legitimate interests pursued by us, except where these interests are overridden by your fundamental rights and freedoms. For example, for the purposes of market research, analysis and the development of statistics.
- Your consent: When you have given your explicit consent to the processing of your personal data. This includes marketing communications, such as direct mail and SMS messaging.
- Compliance with a legal obligation: Processing is required for compliance with a legal or regulatory requirement, to exercise your rights under data protection law, and for the establishment and defence of legal rights.
- For legal claims: Processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.
4.) Sharing of personal data with others
Subject to applicable data protection law, we may share your personal data with other approved organisations, such as insurance providers, for underwriting, claims and fraud prevention purposes. Your insurance provider may also need to share your information for the administration and management of your policy. In addition, in the course of using information in normal business practices such as data backup, banking and professional advisers, we may disclose information to other parties where this is required or permitted by law and by any relevant data protection legislation.
Insurance providers may exchange information through a number of different databases, including the Claims and Underwriting Exchange (CUE), which holds a record of incidents reported to insurers by policyholders and third party claimants. This exchange of information enables the insurers to validate the information you provide, both about yourself and any other named person within the application, and aims to reduce insurance fraud.
If you have used a 3rd party’s website to find us and provided them with your details prior to visiting our website, where we can identify that you visited us via their site, we may share limited information with them in order that they may identify a successful fulfilment.
Details about your rights and how the insurance provider collects, uses and discloses your personal information and that of any other insured person(s) is set out in the policy wording for the relevant insurance cover.
5.) International transfers
Your personal data may be transferred outside the UK and the European Economic Area. When transferring your personal data out of the EEA, we will do our best to ensure a similar level of security by ensuring that:
- We transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission, or seek assurances for the protection of your data.
- In the case of providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield. This is an approved framework that requires them to provide similar protection to personal data shared between the Europe and the US.
For example, when you opt in to receiving email updates from us, your personal data is stored on the secure servers of US-based third-party email provider, MailChimp (owned by The Rocket Science Group LLC). We use MailChimp to distribute marketing emails to our subscribers.
MailChimp is fully compliant with the EU-US Privacy Shield Framework. This means that they are certified to receive data from Eversure. Under the GDPR, Eversure Limited is deemed the ‘Data Controller’ and MailChimp the ‘Data Processor’. To find out more about how MailChimp stores and manages personal data, visit www.mailchimp.com/legal/privacy
6.) Accessing and retaining your data
Personal data that we process will not be retained for longer than is necessary. However, as detailed in section 3, we may retain your personal data where it is necessary for the purpose of complying with a specific legal obligation.
Data Access and Correction
We will maintain and update personal information collected from our websites as necessary or when we are advised by users that their personal information has changed. In order to comply with data protection legislation, it is our policy to only deal with the person named on our database. Unless you instruct us otherwise, we will not deal with any other party, other than in extreme and exceptional circumstances.
Right to Erasure Requests
We will respond no later than 1 month after receipt of a right to erasure request.
Please note, the right to erasure does not apply if processing is necessary for one of the following reasons:
- to exercise the right of freedom of expression and information;
- to comply with a legal obligation;
- for the performance of a task carried out in the public interest or in the exercise of official authority;
- for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing; or
- for the establishment, exercise or defence of legal claims.
Should we reject a right to erasure request, we will provide an explanation of why this is the case. Should you be unhappy with the decision, it is your right to make a complaint to the ICO or seek to enforce this right through a judicial remedy.
Viewing Your Data
A full copy of all of the data that we hold about you in our database can be obtained by you by issuing a request via our Contact Us form, or in writing to:
The Data Protection Officer
Bury House, 1-3 Bury St
We reserve the right to charge an administration fee for providing this service, but only where requests are manifestly unfounded or excessive, including repetitive requests or requests for multiple copies.
Electronic Data Storage and Security
By submitting your personal information, you agree that when necessary we may disclose your information to our insurance providers and their agents and service providers, some of which may be located outside the European Economic Area in countries providing less protection for personal data than the UK.
Whilst we take every reasonable precaution to keep your personal information secure you should be aware that any communications over the internet such as emails are not 100% secure. We cannot accept responsibility for unauthorised access or loss of personal data from items sent via the internet.
Any personal information provided to us will be stored on password protected databases. Calls may be recorded for training and security purposes and any recordings will be stored on password protected databases.
Staff members associated with the maintenance of this website will have access to administration files and databases which are password protected. Our website server, hosted by our internet service provider, is also password protected.
We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete, up-to-date and stored in a secure environment protected from unauthorised access, modification or disclosure.
Non-Electronic Data Storage and Security
Any personal data that is collected by us which is not stored electronically will be either immediately destroyed after use, or stored in a secure location protected from unauthorised access, modification or disclosure.
7. Links and Cookies
'Cookies' are small pieces of data that a web server can store on and later retrieve from your computer. Our websites store temporary and persistent cookies, which will either remain stored on your computer (until such time as they expire or they are deleted) or will be deleted when the browser window is closed. More information about cookies can be found at: http://www.allaboutcookies.org.
We may also allow very carefully selected third parties to place cookies when you visit our site. Third party cookies may be left by these selected companies who participate with us in marketing programmes. These cookies enable us to monitor which adverts you see and click.
The cookies used on our websites are based on the International Chamber of Commerce guide for cookie categories, being either strictly necessary, performance, functionality or targeting:
'Strictly Necessary' cookies let you move around the website and use essential features like secure areas, quotation forms and online purchasing. These cookies don't gather any personal information that could be used for marketing or remembering where you've been on the internet.
'Performance' cookies collect information about how you use the website, such as the pages you visit and any errors. These cookies don't collect any information that could identify you, the information collected is anonymous and is used to help improve website layout and functionality, understand which parts of the website our customers find the most useful and improve the overall effectiveness of our websites.
Using our site indicates that you accept the use of 'Strictly Necessary' and 'Performance' cookies. Accepting these cookies is a condition of using the website, so if you prevent them we cannot guarantee how our site will perform for you.
Cookies used on our website:
More information on ASP.NET_SessionId
|This cookie is essential for the operation of many features on our site. It is set automatically when you arrive on the website. This cookie is deleted when you close your browser.
More information on Cookies & Google Analytics
|These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from, the pages they visit, and if they have visited the website before.
How to Control Cookies
If you wish to block Google Analytics cookies, Google offers an opt-out browser add-on for most modern web browsers.
Alternatively, cookies can be disabled directly within your browser (Firefox, Internet Explorer, Google Chrome, Opera, Safari etc.)
For popular browers, further information can be obtained via the following links: