Hastings Direct — Car, Van, Bike & Home Insurance

Privacy notice

Introduction

Your privacy's important to us and we go to great lengths to protect it. This privacy notice tells you about the personal data we hold about you, so we can provide you with a Quote or insurance policy. It explains how we may collect, use and share your details and tells you about your rights under data protection laws.

If you'd like a copy of our privacy notice for your records, you can download a pdf version of the full document here.

1. Who we are

We're Hastings Insurance Services Limited (also referred to as 'Hastings', 'we', 'us' or 'our') and our registered office is at Conquest House, Collington Avenue, Bexhill-on-Sea, East Sussex TN39 3LW.

We trade under the names of Hastings Direct, Hastings Direct SmartMiles, insurePink and People's Choice and our brands include Hastings Premier, Hastings Essential, Insure Blue, Argos, Likewise and Renew.

Our Hastings Direct SmartMiles policy has a separate privacy notice which can be found here.

Our ICO registration number is Z7677970

For the purpose of Data Protection Laws:

  • 'Data controllers' are Hastings and each Product Provider named on your policy and policy schedule(s). This means that your Product Provider(s) are also in charge of, and responsible for, how they handle your personal data. We recommend reading your Product Provider's privacy policy which can be found on their websites. A list of our Product Providers can be found here
  • 'Data subjects' are Policyholders, premium finance customers, named drivers and residents in the insured home
  • 'Personal data' is information about an identified or identifiable natural person that could allow a living person to be identified.

2. Information we collect from or about you

We'll collect and process information about you from a number of sources, including details:

  • You give us
  • We collect from your use of our services
  • We get from other sources (both public and private).

If you choose not to give personal data

Sometimes we have to collect your personal data by law or under the terms of a contract we have with you. If you don't give us the data we ask for, we might not be able to give you a Quote or perform the contract we have with you. If this happens, we may have to cancel one of your products or services. We'll tell you if this happens.

3. Personal information about others

We may collect information about other people in your household or other named drivers. If you give us information about another person, it's your responsibility to make sure they:

  • Have been told about who we are and how their data will be used
  • Have given their permission for you to use their data (including any sensitive personal data).

4. How we use your information

So we can provide you with Quotes and policies, and to manage your policy, we must have a legal reason to use your personal data, and this is usually:

  • To comply with legal requirements
  • For the performance of contractual requirements
  • When it's in our legitimate interest
  • For the performance of a task carried out in the public interest, or
  • Under Data Protection Law, it's in the public interest for the insurance industry to process information about your health and criminal convictions where it's needed to provide insurance Quotes and insurance services. We ask you to tell us about your health and unspent criminal convictions so we can assess the risk allocated to your policy, such as the validity and extent of potential claims and to detect and prevent fraud.
  • With your consent.

Our legitimate interest for processing personal data includes validating the data you've given us against third party sources (both public and private), keeping our records updated, being efficient about how we fulfil our legal and contractual duties, identifying and detecting fraud and using it to build pricing models and risk acceptance criteria. You have a right to object to this processing, as detailed in Section 8.

This table explains the reasons for processing your data and which of the above lawful reasons we rely on to do so.

Why we process your personal data Needed for the preparation or performance of a contract Consent Compliance with legal obligation Legitimate interests
To get or decline your insurance Quote and/or credit application both at the point of sale, after you've made a change to your policy mid-term and on renewal  
To help us assess the risk allocated to your insurance policy we use penalty points and motoring convictions data from the DVLA    
To manage your policy and/or credit agreement e.g. for mid-term adjustments and handling any claims and to keep our records updated  
To help identify, prevent, investigate and report potential fraud    
To collect and recover money that is owed to us    
To manage how we work with Product Providers and other companies which provide services to our customers and us  
To help the research and development of our understanding of individuals behaviour. This is to improve price and risk acceptance models and our marketing strategy and includes use of your Quote data (whether you buy a policy with us or not)      
To use the personal data of existing customers* for marketing similar products and services (where you haven't opted out)    
To use the personal data of new customers** for marketing other products or services (where you've opted in)    
To collect and process your personal data through cookies to optimise your customer experience, to develop new ways to meet our customers' need, to grow our business and to identify and prevent fraud      
To report data (including personal data) to government organisations e.g. Police, Trading Standards, regulators, Courts      
*Existing customers means individuals who were our customers on or before 25 May 2018.
**New customers means individuals who became our customers after 25 May 2018.

Additional reasons for processing your data:

5. How we share your data

This section explains how your data will be shared by us.

6. How long will we store your information?

This section sets out how long we will store your data for. Your Product Providers may store your data for different periods of time and we recommend that you refer to your Product Providers' privacy notice available on their website.

If you ask for an insurance Quote, either directly or through a price comparison website, we will keep your personal data (whether you buy the policy or not) for three years from the date of Quote. After your Quote has been provided we will process this data for developing our acceptance risk criteria, pricing models and to prevent and detect fraud.

Where you buy an insurance policy from us, we will keep your personal data for the duration of your policy and for up to seven years afterwards for the following reasons:

  • To respond to any questions or complaints
  • To deal with claims against your policy.

We might keep your data for longer than seven years after you stop being a customer in the following circumstances:

  • Where a claim has been settled after you stop being a customer
  • Where minors are involved in a claim
  • Where there is a claim on your policy over a set amount – we use such personal data to inform our pricing models after the claim is finally determined.

7. Your rights and how to contact us

You have the right to:

  • A copy of the personal data we hold for you (please see Section 8)
  • Have your data corrected if it's wrong or incomplete
  • Have your data deleted or removed if it's no longer needed
  • Restrict the processing of your personal data
  • Withdraw any permission you've given in respect of your personal data (including marketing). You can unsubscribe through MyAccount or by contacting us here
  • Data portability – to keep and re-use your data in an electronic form for your own purposes or to ask we pass the information to another organisation
  • Get human intervention on the part of the controller, where you are subject to a decision based solely on automated processing, including profiling, which has a significant effect on you, to express your point of view and/or to contest the decision – see section 4 for more details on the automated decision making
  • Object where we're processing your information on the grounds of it being in our legitimate interest to do so.

We will uphold your rights to the best of our abilities; however, data protection laws allow us to continue to process your personal data if we have a legitimate reason to do so. For example, if data is needed for fraud prevention or legal requirements.

Our data protection team is responsible for overseeing questions in relation to this privacy notice. You can contact them at:

Data Protection Team
Email: dataprotection@hastingsdirect.com
Post: Hastings Insurance Services Limited, Conquest House, Collington Avenue, Bexhill-on-Sea TN39 3LW

Please make sure to include your full name, policy and/or Quote number if applicable, address and date of birth.

Hastings Direct SmartMiles

Our Hastings Direct SmartMiles policy has a separate privacy notice which can be found here.

You can contact the data protection office for our SmartMiles policy at:

Data Protection Officer
Email: dataprotection@igo4.com
Post: Hastings Direct SmartMiles, iGO4 House, Staniland Way, Peterborough PE4 6JT

8. Subject Access Request

You have the right to obtain:

  • Have confirmation your data is being processed
  • Access to your personal data
  • Other supplementary information, which is referred in this privacy notice.

You can access your personal information we hold by filling in this form or by writing to us at this address:

Data Protection Team
Email: dataprotection@hastingsdirect.com
Post: Hastings Insurance Services Limited, Conquest House, Collington Avenue, Bexhill-on-Sea TN39 3LW

9. Complaints

If you're not happy with the way your personal data is held or processed, please tell us using the contact details above.

You can complain to the Information Commissioners Office (ICO), the UK supervisory authority for data protection issues.

10. Policy updates

We may update or amend this privacy notice from time to time to comply with the law or meet changing business requirements. Any changes to this policy will be posted on this page.

This version was last updated on 25th May 2018. Historic versions are archived and you can get these by contacting us.

11. Glossary

'Data Protection Laws' means the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK.

'Product Providers' for the purposes of this privacy notice shall include your Insurer, reinsurers, any Underwriter, Administrator (each as defined in you Policy) and/or provider of your ancillary or additional products which either form part of your Policy or are purchased with it. A list of our Product Providers can be found here.

'IP address' is the term for an Internet Protocol address which is a numerical code that each device connected to the Internet has in order to identify that device. The code contains an element that supports location identification (to varying levels of accuracy).

"Personal information" means any information (including sensitive information) that we have obtained from you or third parties in connection with a service or product provided to you that is held now or at any time in the future by us.

'Terms and Conditions' the terms and conditions set out in the policy and or policy booklet(s) issued to you.

'Quote' for the purpose of this privacy notice shall include any Quote for a new policy, renewal of your existing policy or when you make a mid-term change to your existing policy.

Join us...

Image of a seagull standing on some railings