Introduction

Fresh Insurance Services Group Limited (Fresh/We) is are registered with the Information Commissioners Office (ICO) for data protection purposes under reference Z7026341. We trade under the brand names Ladybird Insurance, First Insurance (including First Van), Autosaint Insurance, Motor Trade Direct, Insure OK and Fresh Home. For the purposes of this notice personal data or data may include both personal data, such as your name, address, date of birth and claims history and “special” categories of data such as information about offences, criminal or motoring convictions and medical conditions.

We are committed to ensuring that your privacy is protected. Should we hold or use your personal data, you can be assured that it will only be used in accordance with this privacy notice. You must have received the consent of any third party named on your insurance policy to provide their personal data to us and you should show this notice to them. This policy should be read in conjunction with the Terms of Business that relates to your insurance policy with us. Fresh may change this policy from time to time, however we are not obliged to give notice of the changes so you should check our websites or contact us to ensure you are referring to the latest version.
 

How do Fresh obtain your personal data?

Fresh may obtain your personal data from a variety of sources. We may obtain it from you directly, a third party you have asked to act on your behalf such as a spouse or a friend, your parents or guardians or other parties named on the insurance policy. We may also receive data from other insurers or insurance brokers you have dealt with in the past, for example if we request them to provide us with proof of your no claims bonus entitlement.  We will also receive the data you have entered onto price comparison websites.

Information about you may also be obtained from credit reference agencies such as Experian or Call Credit, debt tracing agencies, the Claims Underwriting Exchange (CUE), the Motor Insurance Bureau (MIB) and the Driver and Vehicle Licencing Agency (DVLA).

We may request Driving Licence Numbers from all drivers as part of your application for motor insurance, if you add an additional driver to the policy mid-term or when you renew your policy. We may use your Driving Licence Number to obtain information from the Motor Insurers’ Bureau (MIB) Hub about your licence using the MyLicence service.   For details about how the MIB will treat your data when using the MyLicence service, please visit here. To view your driving licence data please visit here.


If you have a telematics box (or black box) fitted to your vehicle as a requirement of your insurance policy, we will collect data from this device. We may also obtain data about you through the use of technology such as cookies on our websites. Our full cookie policy is included below.
 

What will we use your personal data for?

Fresh will use your data for providing an insurance quotation, managing and administering your insurance policy, assisting with any claims, responding to complaints, policy enquiries, arranging premium finance or managing outstanding balances.

If you are insuring a vehicle or vehicles details of this/these and the insurer have to be passed to the Motor Insurance Database (MID) run by the MIB. This is to demonstrate that you have insurance cover on the vehicle(s) as required under the Road Traffic Act 1988 (RTA). This is normally done by the insurer but on occasion we may also do this on their behalf.

We may also use your personal data for analytical purposes, sometimes referred to as ‘Big Data’. For example, we may analyse how many claims happen in a particular postcode or if some types of people are more likely to be involved in accidents than others.  Using your data in this way assists us in providing our customers with the lowest premiums possible.  

We may ask you to participate in surveys that assist us in developing and improving the service we offer. We may use your personal data to keep you informed about other products and services that we have available and where we have your consent to do so we may share your data with other carefully selected financial services companies to allow them to contact you about products and services that may be of interest to you. You can withdraw consent at any time by contacting us using the information in the contact details section or using the ‘unsubscribe’ option in any marketing emails we send to you.

If your insurance policy requires the installation of a telematics box, we will use the data provided by the box to monitor your driving behaviour. Further details surrounding the manner in which we use your telematics data can be found below. We may also use location data from your telematics box which may be used to identify the location of the vehicle and the address at which your vehicle is regularly parked overnight. We may also provide your name, address and contact details to a third party contractor in order to arrange delivery and/or fitting of the telematics device.

In order to prevent and detect insurance fraud and other crimes, and aid in the prosecution of offenders, we may use your personal data to -
  • verify your identity using various credit reference agencies,
  • establish your insurance claims history, using the Claims Underwriting Exchange (CUE),
  • Confirm that you or anyone named on the policy does not appear on the HM Treasury Financial Sanctions List.
  • Prevent financial fraud and money laundering
Your personal data may also be used to allow us to fulfil our legal or regulatory responsibilities, this may involve sharing your personal data with authorities such as the Financial Conduct Authority (FCA), The Information Commissioner’s Office (ICO), police and governmental agencies if requested and required to do so.

If you are unable or unwilling to allow us to use your data in line with this privacy notice, we will be unable to enter into a contractual relationship with you.
 

Data derived if a telematics box is installed as a condition of your policy.

It is very important that you read this section so that you understand how Fresh use the data collected by the telematics box. The telematics box does not determine who is driving the vehicle so you must show this notice to any named driver on your insurance policy and any other person who may drive the vehicle under their own insurance (where their policy permits this).
 

What data is captured by the Telematics Box and how is this used?

For the purposes of providing you with insurance, it may be a term of your policy to have a telematics box fitted to your vehicle to record information about your driving style.   From the date of installation (or reactivation if the vehicle is already fitted with a suitable telematics box), we will use the telematics box to capture data from your vehicle. An electronic data feed will translate the GPS (Global Positioning System) co-ordinates from the box into a specific location which will provide detailed information including speed, braking/acceleration, cornering severity and physical location at any specific time. This information will be used to build up a profile of how, where and when your vehicle is driven and where it is parked overnight. This data will be processed by the telematics box service provider and their agents (and where necessary by us and our agents) which will converted into the scoring provided on your web based ‘dashboard’. This data is used to administer your insurance policy in line with the terms disclosed when the policy was purchased. It may also be used to verify that the vehicle is being used in the manner you have stated and is being kept at an address disclosed to us.
 

Who will we share your personal data with?

Fresh takes the security of your personal data very seriously and have a ‘data protection by design’ philosophy to the protection of your privacy. In order to provide our range of products and services to you, it is necessary to share your personal data with third parties. We always ensure that the required safeguards are in place before sharing your data outside of Fresh, its parent company (Vantage Holdings Limited) or any related company.  On occasion, it may be necessary to transfer some of your data outside of the EU, but we will only do so if we have a contractual agreement with that company to protect the data to the same levels as we would and the country in which they are domiciled allows them to offer such protection. We may utilise US companies that are members of the Privacy Shield scheme which affords you the same protection to you data as you would get within the EU.  More information on Privacy Shield can be found here

The following outlines who we may share your data with and the circumstances in which we would do this.

If you request a quotation
  • If you request a quotation with Fresh, we pass your personal data to the insurer(s) and their appointed agent(s) who will provide quotations for your policy. Insurers or their agents will act as data controllers alongside us. The data you provided will be held on our internal systems and those of our software provider(s) until they are removed in line with our retention policy, noted below.
  • In order to reduce insurance fraud and verify your identity, we may share your data with various credit reference agencies and anti-fraud databases such as the Claims Underwriting Exchange (CUE), Call Credit and Experian.
  • We may be requested by government or regulatory authorities, such as the Police or the Department for Work and Pensions, to provide your personal data to them.  If we are legally obliged to do so we may share your data with these government agencies for the purposes of crime and fraud prevention and the apprehension and prosecution of offenders.
  • We may share your personal data with internal or external auditors or professional advisors such as solicitors.
  • We may also share your personal data with anyone named on the insurance policy, parents or guardians of the policy holder or anyone whom you have authorised to discuss the policy on your behalf.
  • If false or inaccurate information is provided or fraud is identified, we may also pass your details to fraud prevention agencies. These and other organisations may access and use this information to prevent fraud and money laundering, for example, when checking details in insurance proposals or processing any type of insurance claim or potential claim. Other organisations, both inside and outside of the UK, may also access the information recorded by these fraud prevention agencies for the prevention of crime or other lawful reason. You can contact your insurer directly to find out which fraud prevention agencies they use.
  • We may share your personal data with the Financial Ombudsman Service, if you have made a complaint to them about the provision, or a failure to provide our services to you.
  • It may be necessary to share you data with regulatory, supervisory or government agencies if we are required to do so by law.

If you take a policy through us
  • If you decide to take a policy with Fresh, we pass your personal data to the insurer(s) or their appointed agent(s) who underwrite your policy and they may also share your personal data with their reinsurer(s). Insurers or their appointed agent(s) will act as data controllers alongside us. If you have a claim your personal data may be passed to a claims management company in order to assist with the administration and handling of the claim on your or an insurer’s behalf and to various anti-fraud databases for the detection and prevention of insurance fraud. The data you provided will be held on our internal systems and those of our software provider(s) until they are removed in line with our retention policy, noted below.
  • If your policy is cancelled or is not renewed then we may release details of any no claims bonus accrued, claims information and if applicable the reason for cancellation if this is requested by your new insurer or broker.
  • If you purchased a policy after using a price comparison website, we are obliged to confirm to them that you have purchased a policy in order to fulfil our contractual obligations.
  • In order to reduce insurance fraud and verify your identity, we may share your data with various credit reference agencies and anti-fraud databases such as the Claims Underwriting Exchange (CUE), Call Credit and Experian.
  • Details of any vehicle insured and the insurer will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Bureau (MIB). This may be consulted by the police in order to establish who is insured to drive the vehicle. If you are involved in an accident, (in the UK or abroad) other UK insurers and the MIB may search the MID to ascertain relevant policy information. Persons with a valid claim in respect of a road traffic accident (including citizens of other countries) may also obtain certain information which is held on the MID. You can find out more about this here
  • If you apply to pay your premium via a finance agreement with Premium Credit Ltd, we will share your personal data with them in order for them to process your application for credit. They in turn may share this data with their appointed agents and credit reference agencies in order to ascertain your suitability for credit. Premium Credit will also note any late or missed payments with the credit reference agencies if you fail to pay these as they fall due.
  • We may be requested by government authorities, such as the police, HM Revenue and Customs or the Department for Work and Pensions to provide your personal data to them. Where we are legally obliged to do so, we may share your data with these government agencies for the purposes of crime and fraud prevention and the apprehension and prosecution of offenders. We may share your personal data with internal or external auditors or professional advisors such as solicitors.
  • We may also share your personal data with anyone named on the insurance policy, parents or guardians of the policy holder or anyone whom you have authorised to discuss the policy on your behalf.
  • If you have a telematics box fitted to your vehicle as a term of your policy, the data captured by this device is captured and processed by Wunelli Ltd. Octo Telematics Ltd or Trak Global Ltd. The data is used for the administration of your insurance policy in line with the terms you agreed to at the point of sale. It may also be used by us Wunelli Ltd, Octo Telematics Ltd and Trak Global Ltd for statistical analysis purposes.
  • We may also share your personal data with debt collection agencies (DCAs) or debt tracing services for the purpose of managing debts and recovering outstanding monies owing on your account. We may also share your personal data with credit reference agencies in order to assist us in the recovery of outstanding balances and may pass your details to the County Courts with a view to recovering any outstanding balance you owe by obtaining a County Court judgement (CCJ) against you. In addition we may sell the outstanding balance to a debt purchasing company.
  • If false or inaccurate information is provided and fraud is identified we may also pass your details to fraud prevention agencies. These and other organisations may also access and use this information to prevent fraud and money laundering, for example, when checking details on proposals and claims for all types of insurance. Other organisations both inside and outside of the UK may also access the information recorded by these fraud prevention agencies for the prevention of crime or other lawful reason. You can contact your insurer directly to find out which fraud prevention agencies they use.
  • If you have provided your explicit consent, we may also share your personal data with carefully selected third party companies within the financial services sector for the purposes of marketing. You can ask us to remove your consent for this at any time by contacting us using the information in the contact details section.
  • We use carefully selected third party companies to act as an email platform to allow us to contact you efficiently and will share your personal data with them to allow us to do this.
  • In the event that we undergo re-organisation or are sold to a third party any personal data we hold about you may be transferred to that re-organised entity or third party.
  • We may disclose your personal data to a card issuing company to validate your debit or credit card details and obtain payment where it is necessary to deliver the products and services bought by you.
  • We may share your personal data with the Financial Ombudsman Service, if you have made a complaint to them about the provision, or a failure to provide our services to you.
  • It may be necessary to share your data with regulatory, supervisory or government agencies if we are required to do so by law.
 

What legal basis do we use for processing your personal data?

Fresh will only use and store your personal data if we have a legal basis for doing so. It is your right as the subject of this data to be informed what the legal basis is for each type of processing that we undertake.

  • We will process your personal data for the purposes of providing an insurance quotation, managing and administering your insurance policy, assisting with any claims, responding to complaints, handling policy enquiries and arranging premium finance on the legal basis that this processing is necessary for the performance of a contract with you or in the course of entering into a contract with you. For the purposes above, personal data that is classed as “special data”, such as information relating to criminal or motoring convictions and medical conditions, will be processed in accordance with the law and on the legal basis that it is necessary for the performance of a contract necessary for reasons of substantial public interest. We will follow all appropriate safeguards to ensure the security of this personal data.
  • Telematics data is processed on the legal basis that it is necessary for the performance of a contract with you.
  • Vehicle data added to the MID is processed under the basis of a legal obligation (Road Traffic Act 1988).  
  • We may use your personal data for marketing purposes i.e. offering related products to you where we have a legitimate interest in doing so. We will normally seek your consent to marketing as an additional legal basis, but if we do not hold this we may still send you marketing material using legitimate interest alone. You have the right to request that we do not contact you for marketing purposes at any time by contacting us - see the Contact Us section below. If you withdraw consent then your interests will over-ride ours and we will be unable to use this legal basis to further process your data.
  • Where we have your consent we may pass your personal data to third parties for the purposes of marketing products and offers that may be of interest to you. We will also obtain your consent to pass on your personal data if we are unable to offer you a suitable product but have a relationship with another provider or intermediary who may be able to assist.
  • If your policy is cancelled or not renewed and we are contacted by your new insurer or broker to confirm details of any no claims bonus, claims history or the reason for cancellation, we may release this personal data under the basis of legitimate interest. If you do not wish us to do this then you may object or request that we restrict the processing of your personal data.  
  • For any processing of personal data for analytical purposes, our legal basis for processing is that it is necessary for the purposes of a legitimate interest.
  • If your personal data is being used for the purposes of debt recovery, our legal basis is that processing is necessary for the purposes of a legitimate interest.

How long will we retain your personal data?

If you decide to take a policy with us, we will retain your personal data for seven years from when your policy expires. We will also retain telephone call recordings for up to seven years.   

Where you have approached us through a price comparison website and we provide you with a quotation but you decide not to go ahead, we will retain your personal data relating to that quotation for no more than 120 days.

Where we have obtained your personal data directly or via a third party – for example another insurance broker or a marketing firm and we have your agreement to contact you at your next renewal, we will retain data for up to two years from your next renewal date.

If your insurance is an employer’s liability policy, we will retain the details of this policy for at least 60 years. This is ensure that the details are available to you should an employee lodge a claim against you far into the future, such as may be the case for an industrial disease where symptoms may not present themselves for many decades.
 

What rights do you have in relation to your personal data?

You have the following rights in relation to the data we hold about you, however some of these rights may not apply in certain circumstances – details are noted below. Fresh have strict internal processes in place that ensure your rights are upheld and that any requests you make in relation to these rights are responded to within 30 days of you making it.

The right to be informed

You have the right as a data subject to be informed in a clear and precise manner about the data we hold about you. Within this privacy notice we detail the nature of this data we hold, the reasons we hold it, how this data is used, who we will share this data with, how long we will retain your data and the rights you have in relation to your data. If you require any further information, you can contact us using the details in the contact us section.
 

The right of access

In order to demonstrate the legitimacy of the personal data we hold on you, its accuracy and the lawfulness of the processing we undertake, you have the right to request a copy of all data we hold about you. You can request this information free of charge using the details below in the contact us section. We will provide a copy of all personal data we hold about you within 30 days of you making this request.
 

The right to rectification

You have the right to ensure that all data we hold on you is both accurate and complete. If you are concerned that the data we hold about you is inaccurate or incomplete when considering the purposes for which your data is being used, you can ask us to rectify this. To do so, you should contact us using the details below.
 

The right to erasure (the right to be forgotten)

You have the right to request that all of the data we hold on you be erased from our systems. We may only be able to comply with this request in specific circumstances. This request would also apply to any third party whom we had shared your data with, and we would notify them accordingly if your request was valid. We will not be able to erase your data in all circumstances. For example, we would not be able to erase data that is being processed for the purposes of administering a live or lapsed insurance policy unless policy has been lapsed for seven years or more. This is because we have a legal obligation to retain this data for the defence of legal claims should a third party make a claim against your policy. If you require any further information, or you wish to exercise your right of erasure, you should contact us using the details below.
 

The right to restrict processing

You have the right to restrict our processing of your data under the following circumstances:

  • If you contest the accuracy of the information we hold until such time that we are able to verify the accuracy of this data or correct any errors.
  • You believe that the processing of this data is unlawful.
  • We no longer need the data for any purpose other than for the defense of any future insurance claims made against your policy.
  • You are awaiting a decision following an objection you have raised regarding an automated decision making process.

If you wish to exercise your right to restrict processing, you should contact us using the details below.
 

The right to data portability

Where we are processing data under the basis of contractual performance or consent you have the right to request that we provide your data in a machine readable format that you can then share with other businesses or in any other way you see fit. You have the right to request that we transfer your data to third parties directly for them to use as you see fit. We are able to provide your data either as an .XML file or a .CSV file. You are able to utilise your data in this way by contacting us using the details below.
 

The right to object

You have the right to object to your data being processed. The right to object for direct marketing purposes or profiling of your data for the purpose of direct marketing is absolute and we must cease the processing of your data for these purposes.  However for other processing the right to object is not absolute and there may be some compelling reason why we need to continue processing your data
 

The rights regarding automated decision making and profiling.

You have the right to request human intervention into any process involving automated decision making where this results in a legal implication to you.  This right would not apply to underwriting decisions or to applications for credit made on our website or internal system as this automated decision making is required for entering into a contract with us. Currently, we do not use automated decision making for any other functions, but if you have concerns regarding this, please contact us using the details below.  
 

The right to complain

You have the right to complain about the use of your personal data – in the first instance please contact us using the details below. Our complaint handling procedure is available upon request or can be accessed from the Fresh websites.  You are also entitled to complain to the Information Commissioner by writing to -

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Alternatively, you can access their website here.
 


What responsibilities do you have?

Fresh will always endeavour to ensure that your personal data is accurate and up to date. If you notice that any information on your policy documentation is incorrect or if any of your personal data changes, for example you move house, change your vehicle or occupation or you bank details, please contact us to make us aware of these changes.


Security

We are committed to ensuring that your personal data is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic contractual and managerial procedures to safeguard and secure the data we hold and use.


Use of the Fresh Insurance Website

By running a quotation on any of the Fresh websites, you agree that we may call you to discuss the quotation, regardless of whether you chose to proceed with it.

Use of cookies on the Fresh Insurance website and Universal Analytics

A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.  We use session cookies on our websites. We will use the session cookies to keep track of you whilst you navigate the websites.
 
We use Google Analytics to analyse the use of our websites. Google Analytics is a web analytics tool that helps website owners understand how visitors use with their website; this is also the only cookie we use on our sites. Google Analytics uses first-party cookies to track visitor interactions. User data gathered in Google Analytics can be analysed to help us to improve our sites.
 
Google Analytics generates statistical and other information about website use, which are stored on users' computers. Google will store this information and Google's privacy policy is available here. For more information on opting out of being tracked by Google Analytics across all the websites you use, visit this here.

For our reporting needs as well as system administration we may gather data about your computer which can include your IP address, operating system and browser type. This is statistical data about our users’ browsing actions and patterns.
 
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking, Tools>Internet Options>Privacy and then selecting “Block all cookies” using the sliding selector.  Blocking all cookies will, however, have a negative impact upon the usability of many websites, including ours.
 

Links to other websites

We provide links to third party websites as part of our service to you. We accept no responsibility for any statements, information, content and products associated with these third party websites. We accept no liability for these third parties for any viruses or anything else that could be infectious or destructive.
 
Our Contact Details
Postal address: The Data Protection Officer, Fresh Insurance Services Group Limited, Burnt Meadow Road, Redditch, Worcestershire. B98 9PA
Email: dataprotection@fresh.co.uk
Telephone: 0344 557 8400