U K Insurance Logo

Privacy Notice

We've got your data covered

Explore the different sections of our Privacy Notice to learn more about how we use your personal information. We refer to individuals as "customers" or "you" in this notice.

U K Insurance Logo
  • Q1 Who are U K Insurance Limited?

    We are U K Insurance Limited, but you might know us better as:

    DirectLine Logo churchill Logo privilege Logo Darwin Logo GreenFlag Logo

    This privacy notice applies to personal information processed by U K Insurance Limited. It tells you how we collect and use personal information, your rights under data protection law, and how to contact us if you have any concerns about our management of personal information.

    U K Insurance Limited is a company within Direct Line Group Plc and are a registered data controller Z648786. Click here to view all the companies in the same group as U K Insurance Limited.

    DirectLine motability Logo

    Together, Motability Operations Limited and U K Insurance Limited have arranged to give protection for users of both the Motability Contract Hire Scheme, and the Family Fund Mobility Support Scheme similar to that which you would receive under a fully comprehensive motor insurance policy.

    If you have any concerns about the way in which Motability Operations Limited use your personal information that are unrelated to your insurance cover, please direct any queries in writing to: Data Protection Officer, Motability Operations Limited, 22 Bishopsgate, 6th Floor, London EC2N 4BQ.

    GreenFlag Logo

    Green Flag Limited promotes and sells motorist-related products and services, including insurance. Green Flag Limited uses U K Business Solutions Limited (UKIBS) FCA regulatory permissions to introduce, sell, and administer breakdown insurance products.

    U K Business Solutions Limited (UKIBS) acts as an introducer and intermediary, promoting and selling both regulated and non-regulated product. It is a company within Direct Line Group Plc.

  • Q2 What personal information do we collect about you?

    We routinely collect, use and store the following types of personal information:

    Type Example
    Contact Name, Address, Telephone Number, Email address
    Social and Economic Marital Status, income and employment type
    Financial Payment card and banking details
    Technical Information about the devices and technology you use, including your IP address.
    Behavioural Information about how you interact with or use our product and services
    Contractual Information associated with the product or service we provide to you
    Biometric Information such as facial images from CCTV or voice transcripts from call recordings
    Communications Information contained in the letters, emails, texts or web chats you have with us
    Preferences This includes your marketing permissions, contact choices and any accessibility requirements such as large-print formats
    Identifiers Government identifiers such as Driving License
    Special Category Information revealing racial or ethnic origin, biometric data (where used for identification purposes), data concerning health
    Criminal Information relating to criminal offences, including alleged offences, criminal proceedings and previous criminal convictions, bankruptcies and other financial sanctions such as County Court Judgements.
    Support Needs Information which helps us to support our customers. For example, if you have specific needs, a health condition, or you're going through a difficult time
    Telematics and Vehicle Information Information from your vehicle's Telematics technology or onboard CPU. This may include data such as your location, speed, journey or information such as any impact or engine failures following an incident.
    Geolocation Information about your vehicle or device's location. For example, via your vehicle's onboard Geolocation or 'Connected Car' features

    When we process sensitive information about you (see Special Category above) we require an additional legal basis under data protection law. We may use these types of personal information without your consent if it is necessary for a legal obligation, as part of the establishment or defence of a legal claim or reasons of substantial public interest including:

    • for insurance purposes including, arranging, underwriting and administering an insurance contract and managing a claim under an insurance contract
    • for the prevention, detection and reporting of fraud and other financial crime
    • safeguarding the economic well-being of vulnerable individuals where we identify additional support is required
  • Q3 How do we collect personal information?
  • Q4 How do we use your personal information?
  • Q5 Who do we share personal information with?

    Who do we share your information with?

    Other companies within Direct Line Group We may share your personal information with third parties and other companies within our group of companies for the purposes we describe in 'How we use your personal information'. A list of our group companies can be found at https://www.u-k-insurance.co.uk/group-companies.html.
    Bank Account and Payment Card Information We use a specialist payment processor for securely managing transactions and payments and always ensure that financial details are handled securely under Payment Card Industry (PCI) Data Security Standards
    Financial Crime and Fraud prevention agencies and databases such as CIFAS, Synectics, Transunion and ENI Fraud prevention agencies will process personal information to assist our prevention of fraud and money laundering, and to verify your identity. They may also process your personal information to prevent fraud and money laundering by other people.
    If we or a fraud prevention agency determine that you pose a fraud or money laundering risk, we may refuse to provide the services and/or financing you have requested.
    A record of this risk will be retained by the fraud prevention agencies and may result in others refusing to provide services or financing to you. If you have any questions about this, please contact the appropriate fraud prevention agency.
    Regulatory Bodies We may need to share personal information with regulatory or public bodies to meet our regulatory and legal obligations. This includes the Prudential Regulation Authority, Financial Conduct Authority, Information Commissioners Office and the Financial Ombudsman Service
    Motor Insurance Bureau We'll will share your personal information with the Motor Insurance Database (MID), which is managed by the Motor Insurers' Bureau (MIB). For example, if you're involved in a road traffic accident then we and/or the MIB may search the MID to obtain relevant information. Please see Motor Insurance Bureau for more information
    Advertising Partners We partner with advertising companies, including social media sites, addressable TV providers and third-party websites, to display adverts about our products and services. Our Advertising Partners enable us to identify and engage with the right target audience, to create and distribute personalised content across platforms and services. For example, addressable TV providers allow us to customise the adverts displayed to individual households while they are watching the same programme.
    They use techniques like device recognition and interactions with social media content to tailor ads, but they don't target individuals by name. In most cases, cookies and similar technologies such as device fingerprinting are used to target this type of advertising. To learn more and manage their use, refer to our cookie policy.
    We may share personal information, e.g., an encrypted email address or device id, with our Advertising partners. The purpose is to show relevant ads to you on third party websites and apps. To do this, your data is matched with the database of the Advertising partner. If a match is found, you will receive relevant promotional content in your feed or search engine. If no match is found your data is securely destroyed. Your personal data is handled in a secure manner using a technique called hashing. This ensures your data is scrambled in a manner that makes it unreadable to anyone other than the recipient.
    Lexis Nexis Risk Solutions We share information concerning your request for a quote and your insurance policy with LexisNexis Risk Solutions who help us to check your identity and evaluate your insurance risk. LexisNexis Risk Solutions Limited does this by collecting data about you from public sources (such as the electoral register and insolvency service) and private sources (such as other insurers). More information on LexisNexis Risk Solutions Limited and how it collects and processes your data, your right to object and your other data protection rights is available here at https://risk.lexisnexis.com/group/processing-notices/insurance-services
    Driver and Vehicle Licensing Agency (DVLA) If you share yours or a named drivers Driving Licence Number (DLN) as part of your application for motor insurance, when adding a new driver or during renewal then the number is used to do an automated check with the DVLA driver database to retrieve the licence status, licence entitlement, relevant restriction information and any endorsement and conviction details.
    Claims and Underwriting Exchange and other industry databases We will share claim, incident details including dates, costs, fault status, any impact to no claim discount (NCD) and if any personal injury has occurred. The information we share will be accessible by other insurers.
    Other insurance companies, reinsurers and third parties We may share personal information to help settle any insurance claim or to verify that the information you have provided is correct (e.g we will check the amount of No Claims Discount you have told us with your previous insurer).
    Or where required or appropriate in connection with a proposed or actual sale, merger, acquisition, reorganisation, business transfer, financial arrangement, asset disposal or other corporate or financial transaction relating to our business and/or assets held by our business. Where such data is shared with a third party in connection with these transactions, it is done so under duties of confidentiality.
    Joint Account Holders Where insurance products are affiliated to a joint account personal information will be visible to both account holders; this will include details such as your name and address.
    My Account Where you are using a shared email address (e.g an email address which you and other individuals have access to) to manage your online account then some information about you and your products, quotes or other services will be visible to other profile users using the same email address. You can change the email address associated with your online account at any time.
    Representatives and/or Nominees In some circumstances we may share information with a representative who calls us on your behalf such as a spouse/partner such as where they are named on the agreement, or you have provided permission to speak with them.
    Credit Reference Agencies We will share personal information about you or anyone on the policy to credit reference agencies (CRAs). This help us verify your identity, and to determine the price of your insurance and your payment options when you take out a quote and at renewal of your insurance policy. Please see Credit Reference Agencies for more information
    Law enforcement and Government agencies We and fraud prevention agencies may permit law enforcement or government agencies to access and use your personal information, if they request it.
    Flood Re The Flood Re scheme helps homeowners get insurance in flood risk areas. If your property is eligible, we'll send your property details to the scheme.
    Market Research and Consumer feedback Agencies We may share personal information with these companies who will conduct market research and business analysis on our behalf
    Medical or other health services In order to manage personal injury claims we may receive relevant medical and treatment reports. These reports may need to be shared with other medical experts or treatment providers. This includes medical information or reports about you, witnesses, minors or pets.
    Brand and Service Partners Where your policy has been arranged through one of our brand partners then we will exchange information to provide and service your insurance policy.
    We collaborate with third-party companies to offer and supply roadside assistance services to their customers. For example, as part of a packaged bank account.
    Motability Operations Limited and their third-party providers We will provide personal information you update us about, such as your address, or permitted drivers, and claims history. This enables them to improve and provide services to you, which include keeping their records up to date, helping process applications you make and identify products that may be of interest to you. We will also share personal information with Motability Operations Limited third-party providers to enable them to provide their services to you such as roadside assistance. For further details on Motability Operations Limited third-party providers please see their privacy notice at motability.co.uk

    Transfers of personal data outside the UK

    We may send your personal information overseas to any part of the world to administer your insurance policy or insurance claim. The protections given to your personal information in other parts of the world may not be as strong as in the UK. Where possible, we will put in place agreements with the people we send your personal information to, to require them to treat your personal information with the same protections that we apply ourselves.

    Our agreements may include standard terms called Standard Contractual Clauses or International Data Transfer Agreements (IDTAs) approved by the UK Information Commissioner's Office or may require the other party to be signed up to government standards that are recognised as providing the right level of protection. But it is possible that regardless of what is set out in the agreement this would not stop a government in any part of the world from accessing your personal information, as they can often have power to overrule any agreements we make, for purposes such as crime prevention and national security.

    In some cases, we might need to share information to carry out the services we have promised to carry out, for example if you require urgent assistance abroad. In such an urgent situation we may not always have the time to put in place the type of agreement we would normally want to; however, we will ensure that if such a transfer is required that it complies with the standards required by data protection legislation.

  • Q6 How long do we keep personal information?

    Legal and operational requirements determine how long we retain your information. We keep your information for no longer than is necessary for the purposes it was collected for. We have adopted a data retention policy that sets out the different periods we retain personal information for in respect of these relevant purposes.

    As a general rule, we will keep it for 6 years from the end of your relationship with us, as it is likely that we will need the information for regulatory reasons, fraud prevention, or to defend a claim. For example, should you wish to bring some form of legal action relating to your relationship with us, this would generally need to be done within 6 years from the end of that relationship.

    In some cases where there is a valid reason to retain the data, it will be necessary for us to hold your information past the specified retention periods listed. For example, where a claim has involved a minor.

    We will also retain data in an anonymous form for statistical and analytical purposes, for example, to assess risk of flood damage occurring and have our own legitimate interests in retaining your data for a period beyond your policy lifecycle. These include defence of any late or delayed claims and improving our products and pricing.

  • Q7 Understanding your rights

    We want to make sure you are aware of your rights in relation to the personal information we process about you and importantly how you can exercise your rights. We have described these and the circumstances in which they apply in the table below.

    Data Subject Right Description
    Access You have a right to request a copy of the personal information we hold about you.
    Rectification You have the right to ask us to correct information that is inaccurate or incomplete.
    Erasure You have the right to ask us to delete personal information about you. We are not required to erase information if we still need it for the purposes for which it was collected or processed or where we have other legal grounds for processing your information.
    Objection You have the right to tell us you no longer agree to, that you object to, or that you wish to restrict us using information about you and ask us to stop.
    Portability You have the right to obtain and reuse the information that you have provided to us for your own purposes across different services. You may ask for this information to be provided directly to you or directly to another organisation. We will provide the information in a machine-readable format so that another organisation's software can understand that information.
    This applies where we have requested your permission to process your personal information, or you have provided us with information for the purposes of entering into a contract with us.
    Automated Decision Making To ask to review an automated decision made about you. See 'Automated Decisions and Artificial Intelligence' for more information
    Restriction Where possible, we will restrict the processing your personal information if you have raised an objection or erasure request in relation the processing of your personal information whilst we review your query.

    If you wish to exercise any of these rights, then our Data Rights Team may be contacted in writing at: U K Insurance Limited, Churchill Court, Westmoreland Road, Bromley BR1 1DP by email at: Data.Rights.Requests@directlinegroup.co.uk or via this form https://www.u-k-insurance.co.uk/data-rights-request.html

  • Q8 Contact Us

    If you have any questions about this Policy or how we use your personal information generally, then our Data Rights Team will be happy to help. Please see section 'Understanding your Rights' for their details.

    If you have any concerns about the way in which we are using your personal information, please contact our Data Protection Officer in the first instance at U K Insurance Limited, Churchill Court, Westmoreland Road, Bromley, BR1 1DP or alternatively by email at DataProtection@directlinegroup.co.uk and we will endeavour to resolve your concern.

    However, you do also have the right to complain about how we treat your personal information to the Information Commissioner's Office ("ICO").

    The ICO can be contacted at:

    ICO website: https://ico.org.uk/global/contact-us/

    ICO telephone: 0303 123 1113

    ICO textphone: 01625 545860