Privacy policy

Introduction

This privacy notice tells you what you can expect us to do with personal information we hold on you, what kinds of information we hold, how we receive it and who we receive it from. It also explains who else we may share your information with, and gives you details about your data rights and how you may use them.

This privacy notice is updated from time to time, to reflect any changes in how we use and handle personal information. If we make any significant changes, we will let you know directly.

This version of the privacy notice was published on the 4th October 2021.

This version contains updates to reflect that A-Plan Holdings is now the provider of the ingenie brand. We haven’t made any significant changes to the ways we use your personal data since the last version of our privacy notice was published.

Who does this privacy notice relate to?

This privacy notice relates to the following types of individuals, where we hold your personal information in relation to an ingenie product:

Individuals who have a non-ingenie product with A-Plan can find further information on how their data is used in A-Plan’s other published privacy notices, available on our website: www.aplan.co.uk.

There are other types of individuals who this privacy notice does not relate to, for example our employees and sub-contractors (including prospective and former employees and sub-contractors), employees of our current, former or prospective business partners and service suppliers, and members of the press.

If you are one of these individuals and would like further information on how we collect, use and store your data, please contact us. Our contact details are shown in the "how you can contact us" section of this notice.

A bit about us

Who we are

We are ingenie.

We trade under several other trading names and brands. You can find more information about these other brands on the A-Plan website: www.aplan.co.uk.

A few definitions

To be clear on what we mean in this privacy notice:

How you can contact us

We take data privacy seriously and your opinion matters to us. If you have any questions about this policy or how we use your information you can contact us in the following ways:

ingenie can be contacted via:

live chat customer service

Email: connect@ingenie.com

Our Data Protection Officer

A-Plan Insurance’s Data Protection Officer is Jonathan Cumpstey. He can be contacted in the following ways:

By e-mail: dpo@aplan.co.uk

By post: FAO The Data Protection Officer, A-Plan Insurance, 2 Des Roches Square, Witney, OX28 4LE.

What information we collect and how we use it

We collect your information and use it in different ways depending on your relationship with us and how you have interacted with us. This can include information we share with or receive from other third parties.

The lawful ways we use your data

We use your information for the following lawful reasons:

When we collect your personal data

We collect personal data from you when:

You can find further information on how telematics insurance works by reading our supplemental telematics privacy notice, available here

We also collect your information from other third-party sources where we have legal grounds to do so. These include anti-fraud and crime-prevention agencies, credit reference and vetting agencies, and other data providers.

We use cookies (small text files stored in your web browser) and other techniques to monitor how you use our website. For more information on what these are and how to opt out of these, please see our Cookies Notice, available here.

What information we use and hold about you

Depending on your relationship with us, we may hold the following types of information about you:

Identity and contact data: for example, your name, date of birth, postal address, telephone number and e-mail address.

Payment and account data: for example, your bank account details, credit/debit card details and information about your purchases with us, including any payment plans or arrears.

Location data: for example, your postal or IP address, the location of any insured property, and in the event of a claim, where the collision, theft or other incident occurred.

"Black Box" data: for example, information collected by our telematics insurances which shows your driving behaviours such as accelerating, braking and cornering habits, the journeys and routes you take and the times you travel, and the vehicle’s GPS co-ordinates.

Correspondence data: for example, copies of letters and e-mails we send you or you send to us, and notes or call recordings of any telephone conversations.

Internet data: for example, information collected by cookies and other online technologies such as Facebook pixels and Google Analytics, as you use our websites, our mobile apps or contact us by online methods.

You can find more information about the information we collect using cookies and other technologies in our Cookies Notice, available here.

Information we obtain from other sources; including credit agencies, anti-fraud and other financial crime prevention agencies, price comparison websites, and other data providers. This can include demographic data and interest-based data.

Complaint data: for example, what the complaint was, how we investigated it and how we resolved it, including any contact with the Financial Ombudsman Service or other third-party adjudicator services.

Some of our processes combine different sets of information we hold. This can include combining different data sets we have about you, or combining your information with that of other individuals.

Sensitive personal data

Some of the information we collect about you may be sensitive, for example data relating to your health and any medical conditions, or data relating to criminal convictions. We only collect this information where it is relevant to do so, such as:

Certain types of information are known as “special categories” under data protection law, and receive additional protection due to their sensitivity, for example information that reveals your race or ethnicity, your political views or your religious beliefs. We only use these types of data with your explicit consent, or to protect your vital interests or when it is necessary to meet a lawful purpose under the current legislation.

Who we share your information with

Where applicable, we share your personal information with the following types of third parties when we have a valid reason to do so;

Transferring data internationally

For business purposes, to help prevent/detect crime or where required by Law or Regulation, we may need to transfer your personal data to parties based overseas. Where we do this, we will ensure that your information is protected in accordance with the applicable Data Protection requirements.

If the Data Protection laws of the country that the recipient of your data is based in are not recognised as providing sufficient protection by UK law, we will ensure that the recipient enters into a formal legal agreement that reflects the standards required.

You have the right to ask us for more information about the safeguards we use when sending your personal data overseas. You can request more information by contacting us on the details shown in the "how you can contact us" section of this notice.

Retaining and destroying data

We retain information about you and the products you purchase to meet a number of legal and regulatory requirements, as well as our own legitimate business interests. For the period we retain your information, it is held securely by us or by third-party service suppliers contracted to store it on our behalf.

Our retention policy gives further information on the types of information we retain, how long we hold it for and why we hold it. You can request a copy by contacting us on the details shown in the "how you can contact us" section of this notice.

Automated decision-making and profiling

We use the information you provide to build a profile of you. We use this to assess whether we can offer you an insurance product and to determine the specifics of an insurance policy, for example the premium you pay and the compulsory excess for any claim. Much of the use of your data is done by “automated means” (done by computer without significant intervention by human beings), and this includes some of the decisions we make using your information, for example whether we can offer you insurance cover, the premium you pay and the terms of the policy.

If you have a telematics insurance policy, we’ll also use the data collected by the black box fitted to your vehicle to build a profile of your driving behaviours, which is used to inform quarterly premium adjustments, as well as provide driving feedback and alerts via our mobile app. Sometimes, the data will also be used to alert us of a potential collision, or to detect possible tampering with the black box itself.

You have rights in relation to automated decision-making and profiling. See the "your data rights" section of this notice for more information.

Your obligation to provide information to us

Where we collect information from you in relation to insurance products and services, you are under a legal duty to give us information.

If you are a personal client – that is, someone buying insurance which is wholly or largely unrelated to their profession, you are under a legal duty to answer all questions we ask fully and honestly, to the best of your knowledge. This is known as a “duty to take reasonable care not to make a misrepresentation” and is a requirement of the Consumer Insurance (Disclosure & Representations) Act 2012.

Business and commercial clients are under similar duty, known as “fair presentation”. This means that, in addition to answering our questions fully and honestly, you must also make reasonable searches for and disclose any significant or material facts which are relevant to the insurance being arranged. This includes reasonable searches of information available to other interested parties, such as agents and other people or organisations covered by the insurance, and is a requirement of the Insurance Act 2015.

We will provide you with further information on these legal duties, including which duty is applicable to you, when we arrange your insurance.

Failing to answer all questions asked fully and honestly, and failing to make reasonable searches or disclose material facts relevant to the insurance policy if you are a business client, may lead to a higher premium being payable, special terms or a higher excess being imposed, or the policy being cancelled or voided.

Your data rights

Data protection law gives you rights relating to your personal information. This section gives you an overview of these and how they relate to the information you give us.

The UK supervisory authority for data rights, the Information Commissioner’s Office (ICO), has also published detailed information about your rights on their website: www.ico.org.uk.

Your right to access

You have a right to request copies of the personal information we hold on you, along with meaningful information on how it is used and who we share it with.

This right always applies, but there are some instances where we may not be able to provide you with all the information we hold. If this is the case, we will confirm why we are unable to provide it - unless there is a valid legal reason that means we cannot let you know why.

Your right to rectification

If information we hold is inaccurate or incomplete, and this has an impact on the way we are using your data, you have the right to have any inaccuracies corrected and for any incomplete data to be completed.

If you ask us to rectify your information, we will either confirm to you that this has been done, or if there is a valid reason that this cannot be done, we will let you know why.

Your right to erasure (the right to “be forgotten”)

You have the right to request that your personal information is erased in certain circumstances.

If you ask us to erase your information, we will either confirm to you that this has been done, or if we are unable to delete it, let you know why and also inform you how long we will hold it for. For more information, see the "retaining and destroying data" section of this notice.

Your right to restrict processing

You can ask us to restrict the use of your information in certain circumstances.

If you ask us to restrict your information, we will either confirm to you that this has been done, or if we are unable to restrict it, we will inform you why.

Your right to object to direct marketing

You can object to receiving direct marketing from us.

If you do so, we will ensure that you do not receive such material going forward, unless you change your mind and specifically request it in the future.

Your right to object to automated decision-making

You can object to decisions made about you using your information and undertaken by purely automated means in some circumstances.

If you do so, we will either arrange for someone to assess the automated decision and confirm the outcome of this assessment to you, or explain to you why this right does not apply.

Your right to challenge our legitimate interests

You can challenge the use of your personal data where we use a legitimate business interest as a lawful basis to process your information. You can find more information on when we use this lawful basis in the "lawful ways we use your data" section of this notice.

If you do so, we will either confirm to you that the processing has stopped, or there is a valid reason for the processing to continue, we will inform you why.

Your right to object to the use of your information for statistical purposes

You can object to us using your information for statistical purposes in some instances.

If you do so, we will either confirm to you that the processing has stopped, or there is a valid reason for the processing to continue, we will inform you why.

Your right to data portability

In certain circumstances, you have the right to request that your information be compiled into a common, machine readable format and either provided directly to you or sent by us to a third-party you nominate.

If you request this, we will either act upon your instruction and confirm to you that we have done so, or if there is a valid reason that this cannot be done, we will tell you why.

Your right to complain

If you are unhappy with how we have used your data or if you believe we have failed to fulfil your data rights, you have the right to complain to us, and can contact us to raise your concerns using the details shown in the "how you can contact us" section of this notice.

If you remain unhappy with our response you may raise a complaint with a supervisory authority responsible for data protection and privacy.

In the UK, the supervisory authority is the Information Commissioner’s Office (ICO), who can be contacted using the following details:

Via their website: www.ico.org.uk

By e-mail: casework@ico.org.uk

By telephone: 0303 123 1113

By post: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

Exercising your data rights

You can exercise any of your data rights by contacting us using the information in the "how you can contact us" section of this notice and telling us which right or rights you would like to exercise.