We're here to help
0345 561 0320
Mon-Fri, 9am-5pm, local rate & mobile friendly
Back

Privacy notice

PolicyBee is committed to protecting your privacy. We're providing this privacy notice to tell you how we collect and process your personal data.

To read our Cookies Notice, click here

To read our Applicant Privacy Notice, click here

About us

PolicyBee Ltd is registered with company number 07421216. We're an online insurance broker, specialising in arranging insurance for freelancers, independent consultants, small consultancies and small businesses.

In order for us to provide you with a quote and then insurance, and deal with any claims or complaints that might arise, we need to collect and process data about you. This deems us a 'data controller'. As data controller, we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

Throughout this document we refer to Data Protection Legislation which means the Data Protection Act 2018 (DPA2018), United Kingdom General Data Protection Regulation (UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. Where data is processed by a controller or processor established in the European Union or comprises the data of people in the European Union, it also includes the EU General Data Protection Regulation (EU GDPR). This includes any replacement legislation coming into effect from time to time.

We may use your information on the following lawful grounds and for the following purposes:

The legal basis we rely on for processing personal data is Article 6(1)(b) of the UK General Data Protection Regulation (UK GDPR) which relates to processing necessary to allow us to perform our contract with you or to take steps at your request, before entering a contract. The purposes for which we will process your personal data on the basis of contract are listed below.

  • to evaluate your insurance application or renewal and provide you with a quote;
  • to arrange insurance on your behalf or to enable you to purchase your insurance policy online;
  • to administer your insurance contract including taking payments and making changes where requested or necessary;
  • to assist with insurance claims.

In some cases, we may use personal data to pursue our legitimate interests (Article 6(1)(f) of the UK GDPR), provided your interests and fundamental rights do not override those interests. The purposes for which we will process your personal data on the basis of legitimate interest are listed below.

  • to improve our website (we continually strive to optimise the performance of our website to provide you with a better experience)
  • to assist with the security of our infrastructure
  • to improve customer service (your information helps us effectively respond to your needs)
  • to provide you with 'risk tips'
  • to maintain our working relationship and contractual arrangements with our suppliers. This may include monitoring of the service and levels of service provided to us

If you are a prospective customer but not actively taking steps towards entering into a contract with us, we will seek your consent (Article 6(1)(a) of the UK GDPR) to process your personal data for the following purposes:

  • digital marketing (emails)

What personal information do we collect and use?

  • normally we'll simply be collecting basic information - your name, address, and contact details plus, if relevant, information about your work role including job title, your status as a director or partner, and possibly employment history, education history and professional accreditations
  • in certain circumstances, we will require further information such as your date of birth and gender
  • information which is relevant to your insurance policy including details of previous insurance policies and claims history
  • information relevant to any claim or complaint you may make. This will depend on the type of claim or complaint you make
  • financial information such as your bank details or credit details. We do not keep this information once the payment has been processed
  • your marketing preferences
  • when companies provide goods or services or are being considered as a potential supplier, we will only use the personal data they supply, which may include names, contact details and role job title of their representatives

How we collect your information

We may collect your information when you:

  • visit our website
  • use our social media
  • use our online chat
  • take part in our surveys
  • email, call or text us
  • ask for an insurance quote, or buy an insurance policy from us

We may collect information from your employer where you are a representative of one of our suppliers.

Sharing your information

We share the data you provide with selected insurance providers and Feefo, a customer feedback company. These businesses will not use your personal information except to provide services on your behalf. They're required to maintain the confidentiality of your information.

We do not sell, rent or otherwise give customer data to third parties.

Keeping your information

Your personal information will be retained in accordance with our retention policy which categorises all of the information held by PolicyBee and specifies the appropriate retention period for each category of data. Those periods are based on the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and PolicyBee's business purposes.

Generally we keep quote information for 3 years, and policy and claims records for 7 years from the end of our relationship with you. If there is a dispute or a legal action, we may need to keep this personal information longer.

Protecting your personal information

All information collected from you during your usage of our website is transmitted to us using Transport Layer Security (TLS) encryption. Payment cardholder information is in addition relayed instantly to our payment gateway provider. We do not store any payment cardholder information.

Inbound and outbound email is transmitted using Transport Layer Security (TLS) encryption when supported by the endpoint.

We secure all personal information you have provided us on computer servers in a controlled, secure environment, and protect that information from unauthorised access, use or disclosure.

Non-digital personal data received is scanned to our network and the originals are confidentially destroyed.

We'll only disclose your personal information, without notice, if we have to by law or in the good faith belief that such action is necessary to:

  • conform to the edicts of the law or comply with legal process served on us;
  • protect and defend our rights or property;
  • protect the personal safety of our users or the public.

We do not transfer personal information outside of the combined areas of the United Kingdom and European Union.

Your rights

You have the right to:

  • ask for access to your personal information via a 'subject access request'
  • ask for personal information we hold about you to be corrected
  • ask for your personal information to be deleted. This enables you to ask us to delete or remove your personal information where there is no good reason for us continuing to process it
  • object to the processing of your personal information where we are relying on a legitimate interest, and there is something about your particular situation which makes you want to object to processing it
  • ask for the processing of your personal information to be restricted. This enables you to ask us to suspend the processing of personal information about you
  • ask for your personal information to be transferred to another company

You can find out if we hold any personal information on you and request that information by making a 'subject access request'. If we do hold information about you we will:

  • provide you with a description of it
  • tell you why we are holding it and how long for
  • tell you who it could be disclosed to
  • where possible let you have a copy of the information in an intelligible form

Where we rely on consent to process your personal data you have a right to withdraw your consent at any time by contacting us via telephone on 0345 561 0320 or emailing us at contactus@policybee.co.uk or by clicking the unsubscribe link in any of our marketing messages.

No fee usually required: you will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

Changing and removing your information

If you find the information we hold about you is wrong, you can ask for it to be corrected. You can also ask us to delete the information. To do so please call us on 0345 561 0320 or email us at contactus@policybee.co.uk. For record-keeping and compliance purposes, we'll retain certain information collected from you in connection with commercial transactions.

External websites

Our website may contain links to third party websites. This privacy notice doesn't cover how organisations that own the external websites process your personal data. We encourage you to read the privacy notices on the other websites you visit.

Contacting us

Address: PolicyBee, 14 Brightwell Barns, Waldringfield Road, Ipswich, IP10 0BJ
Phone: 0345 222 5360
Email: contactus@policybee.co.uk

We are registered with the Information Commissioner's Office (the ICO) with registration number Z259095X.

Our Data Protection Officer is:
The DPO Centre Ltd.
50 Liverpool Street
London
EC2M 7PY

Phone: 0203 797 1289
Website: www.dpocentre.com

Making a complaint

You have the right to submit a complaint about our processing of your personal data. Our supervisory authority is the Information Commissioner's Office and submitting a concern can be made using its website: https://ico.org.uk/concerns/handling/

Changes to this privacy notice

We keep this policy under regular review. We may change this privacy notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices.