The pages on this website are only directed at UK residents and comply with appropriate UK legislation and regulation.
This privacy policy has been provided to let you know how we use and look after your personal information. This includes what you tell us about yourself, what we learn by having you as a customer, and the choices you give us about what marketing you want us to send to you. The policy also tells you about your privacy rights and how the law protects you when (i) we contact you (ii) you contact us (iii) you visit our website.
We promise to:
Data Controller
Smart Insurance is a trading name of Neilson Financial Services Limited.
The data controller is Neilson Financial Services Limited who is authorised and regulated by the Financial Conduct Authority and entered on the Financial Services register under reference 594926. Neilson Financial Services Limited is registered in England and Wales under no. 07986483. Our registered address is 2 Windsor Dials, Arthur Road, Windsor, SL4 1RS. All products are arranged by Smart Insurance and issued, underwritten and administered by Scottish Friendly Assurance Society Limited (Scottish Friendly) who is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority and entered on the Financial Services Register under reference 110002.
Where data is provided to our partners in relation to a service you have requested, our partners may also act as data controllers. If you would like more information about how any of our partners process data, you should read the privacy policy for the relevant partner which will be available on the partner’s website. More information about this is set out under “Who we share your personal information with”.
Data Protection Law
We are conscious of our responsibilities as a "data controller" under the UK General Data Protection Regulation (UK GDPR) and we shall endeavour to ensure that the personal information we obtain and use will always be held, used, transferred, and otherwise processed in accordance with that regulation and all other applicable data protection laws and regulations. Neilson Financial Services is registered with the Information Commissioner under registration number ZA125017. If you would like more information about our data protection policy, please contact us using the details shown on our website.
How the Law Protects you
The law allows us to use personal information only if we have a clear reason to do so. This includes how we share data outside of Neilson Financial Services Limited. To meet this requirement, we will only process personal data in the following circumstances:
There are circumstances where an alternative legal basis allows us to process personal data legitimately. Where we rely on an alternative legal basis for processing personal data, we will tell you what it is.
How we use information about you
We collect personal information from you when you contact us over the telephone or by email, when you complete application forms and when you access our website. We also collect personal information about you from third parties (more details can be found under the heading “Where we collect your personal information from”). We have provided examples below of the ways we may use your personal information and why.
When/Where we collect and process your personal information | Legal Basis we can rely on to process personal information | Rationale |
When you call us or request to be called back | i) Legitimate Interest ii) Contract | i) Contact initiated by you ii) Applies when you request a quote with a view to entering into a contract with us or to make changes to your existing policy |
When we call you to promote and sell our products | i) Consent ii) Legitimate Interest | i) We have evidence of your clear and unambiguous consent to be contacted ii) When we can demonstrate an existing relationship with you and you have not objected to receiving our calls in the past directly or by registering with the Telephone Preference Service |
When we write to you to tell you about additional products and services. | i) Consent ii) Legitimate Interest | i) You have given your agreement to marketing ii) To provide marketing that we think will be of interest to you |
To assess your eligibility for cover | i) Contract ii) Substantial Public Interest | i) We need to obtain personal information to determine whether or not we are able to set up a policy for you ii) This may involve collecting information from you about your Health and Lifestyle. Without this, we will not be able to proceed with an application for cover |
To contact you for the purposes of notifying you of any important information regarding your Policy. | Contract | i) To keep our records accurate and up to date ii) To update you regarding any changes being made to the Policy |
To deal with claims, complaints and general enquiries | i) Contract ii) Legal Obligation | i) To administer claims and answer any questions you have when you contact us ii) To respond to complaints in line with regulatory requirements |
Transfer data to Third Parties
| Contract
| i) To enable our insurer partner to undertake underwriting activities and to administer your policy. ii) To enable providers of additional products, services or promotional offers you’ve asked for to provide these products, services or offers to you. |
When you agree to take part in a questionnaire or survey | i) Consent ii) Explicit Consent | i) From time to time, we may ask customers to participate in a questionnaire or survey. We will only do so for legitimate business purposes, with your consent. ii) The survey may ask you to provide us with sensitive data, such as information about your health. Where this is the case, we will gain your separate, clear and unambiguous consent. |
To offer you additional products and promotional offers on our website | Legitimate Interest | When you request a quote with a view to entering into a contract with us, we may, from time to time, offer you additional products and/or promotional offers we believe you will have a genuine and legitimate interest in, during the course of your online application. |
Data Analysis - Profiling: To develop and manage our brands, products and services by understanding our customers behaviours and preferences
| Legitimate interests | i) Defining target markets to which products are suited ii) Using our data to identify new audiences who are likely to want our products iii) Charging appropriately for products iv) Meeting genuine needs of customers through the products we provide |
Where we collect personal information from:
Data you provide:
We may also receive data from:
The categories of personal data that we may obtain from third parties are:
When you provide us with personal data about others, you must (unless we agree otherwise): (a) inform the individual about the content of this Privacy Policy and any other applicable privacy notices provided to you; and (b) obtain their permission (where possible) to share their Personal Information with us in accordance with this Privacy Policy and other applicable privacy notices.
Data we collect when you use our services
Who we share your personal information with
We may use and share your personal information with service suppliers and financial institutions who we partner with. This includes the insurer and reinsurer when you apply for insurance through us. Scottish Friendly becomes a data controller when a policy has been issued to you and will process your personal information for their legitimate business purposes, which include:
Whenever Scottish Friendly uses your information for these purposes personal data rights are considered carefully and you have a right to opt-out of some of this processing. For more information on how Scottish Friendly uses your information, or how to opt-out, please see Scottish Friendly’s Privacy Policy at (https://www.scottishfriendly.co.uk/privacy-policy).
In addition, we may share your personal data with third parties we partner with, to provide you with additional products, services or promotional offers you have applied for.
We may also share your personal information with legal and regulatory bodies such as the Financial Conduct Authority, the Financial Ombudsman Service and the Information Commissioner’s Office, to fulfil a legal or regulatory obligation, assist with an investigation, or demonstrate compliance.
If we sell our company or part of it, we will share your information with the purchaser, who may then provide you with information on their products and services.
We may transfer and process any personal information you provide to us to countries outside the European Economic Area. Again, we will ensure that all adequate safeguards are in place in connection with such transfer and that all necessary consent has been obtained.
How we use your information to make automated decisions
To assess your eligibility for cover we may use systems to make automated decisions based on personal information we collect from you. This involves us asking you to answer Health and Lifestyle questions when applying for cover under our Life Insurance Policy. The decision to provide cover is based on the answers you provide. These decisions do not involve human input, and the software and systems apply predefined logic programming and criteria to make a decision and assess how we deal with you in connection with the provision of services. We will hold this data safe and secure at all times.
You have the right not to be subject to a decision which is based solely on automated processing, to express your point of view and contest the automated decision. You do not have to take part in this underwriting process, but if you don't Scottish Friendly won't be able to provide you with an insurance policy. If you do not wish to be subject to Scottish Friendly’s automated decision-making process, we will be unable to continue with this application.
If you choose not to give personal information
We may need to collect personal information by law, or under the terms of a contract we have with you.
If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services needed to administer your policy. It could also mean that we cancel a product you have with us.
Any data collection that is optional will be made clear at the point of collection.
Marketing
We will only use your personal information to send you marketing messages to tell you about relevant products and services or offers that may be of interest to you if we have a valid reason to do so under data protection legislation. The two main reasons we rely on are where we have your consent, or if we have a legitimate interest to do so.
When we rely on legitimate interests, we will issue you with marketing that we think will be of interest to you. We will only do this when we believe that our legitimate interests do not override your privacy rights.
You can ask us to stop sending you marketing messages and update your choices by contacting us at any time.
Whatever you choose, you will still receive important information such as changes to your existing products.
How long we keep your personal information
We maintain a data retention policy which governs how long we will keep your personal data for. We retain personal data about our customers and prospective customers. We will only keep your information for as long as reasonably required to demonstrate we have met our obligations to you and the rules that apply to us.
We will keep your personal information for as long as you are a customer. After you stop being a customer, we will keep your data for up to 7 years for the following reasons:
We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. If we do, we will make sure that your privacy is protected.
Your Rights
Individuals have a number of rights in connection with their Personal Information. These rights only apply in certain circumstances and are subject to certain exemptions. These rights are noted below.
All enquiries in respect of these rights will be handled by Smart Insurance, however, where necessary, we will liaise with other parties with whom we have shared your personal information ("Who we share your personal information with" above) when dealing with your request.
How to get a copy of your personal information
You can access the personal information we hold on you by contacting our Data Protection Officer. You can email us, write or call us using the following details:
Data Protection Officer at Smart Insurance, PO Box 6063, Windsor, SL4 9GL
Email service@smartinsurance.co.uk or call us on 0800 458 6901.
Letting us know if your personal information is incorrect
You have the right to question any information we have about you that you think is wrong or incomplete. We will take reasonable steps to check its accuracy and correct it.
If you want us to stop using your personal information
You have the right to object to our use of your personal information, or to ask us to delete, remove or stop using it if there is no need for us to keep it. This is known as the “right to object”, “right to erasure” or the “right to be forgotten”.
However, there may be occasions when we will not be able to delete personal information if a legal or regulatory requirement prevents us from doing so.
Restricting the use of your personal information
You can ask us to restrict the use of your personal information if:
Data portability
You can ask us to provide you with personal information you have given us, in a format that can be read by a computer. You can also ask that we share your data in this format, to someone else.
Opting out of advertising
You can opt out of advertising from Smart Insurance and other brands by making changes on Facebook and Google.
Visit these links to find out how:
Google: https://support.google.com/ads/answer/2662922?hl=en-GB
Facebook: https://www.facebook.com/help/146952742043748
How to withdraw your consent
If we have relied upon your consent to process your personal data, you can withdraw your consent at any time. Please contact us if you wish to do so.
If you withdraw your consent, we may not be able to provide certain products or services to you. If this is the case, we will let you know.
How to Complain
Please contact our Data Protection Officer if you are unhappy with how we have used your personal information. To contact us about any of your rights set out in this Privacy Policy please write, email or call our Data Protection Officer at Smart Insurance, PO Box 6063, Windsor, SL4 9GL, email service@smartinsurance.co.uk or call us on 0800 458 6901. Please provide your full name, email address, date of birth and quote number or policy number when contacting us.
You also have the right to complain to the Information Commissioner’s Office.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Smart Insurance are committed to protecting your privacy and we promise to treat it securely, fairly and lawfully.
When we collect any personal information through our website and technology platforms, we will be transparent about what we collect, why we collect it and how we intend to use the data.
Protecting our customers is at the heart of everything we do at Smart Insurance and protecting your information is no exception. We use cookies on our website(s) and other similar technologies to collect anonymous data so that we can improve and enhance your experience when you use our services. These cookies allow us to:
We will collect information about how you use our website to:
How to manage and switch off cookies
Your web browser provides settings that allow you to manage or switch off cookies. If you do switch off cookies, remember that you may not be able to use all the services on our website. You can find out more about managing and switching off cookies at the independent website allaboutcookies.org.
You can update your cookie preferences using this link here.
What are Cookies
“Cookies” are small pieces of text files which are sent to your browser and stay on your computer or mobile device when you visit our website. Cookies do not damage your device they are used to ‘remember’ you when you visit our website again. Cookies alone cannot be used to identify you.
A cookie will transport information about how you use our website to us. The cookie does not keep any of the data it collects.
Cookies are often referred to as session or persistent cookies, depending on how long they are used:
In addition to how long a cookie is kept on your computer, a cookie is then divided into four types:
Strictly necessary cookies
These cookies are essential to enable services you have specifically requested such as requesting a quote and/or purchasing a product.
Strictly necessary cookies | Purpose | Period |
ASP.NET_SessionId | Used to remember information required for navigation and other site interactions such as your details throughout the purchasing process. Overview of Microsoft privacy | Session |
ARRAffinity | Used to request routing and load balancing by our hosting platform, Microsoft Azure. | Session |
XSRF-TOKEN lvapp_session | This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks. This cookie is associated with Involveme, an app producing forms. This cookie allows the forms to function within the website. | Session 1 day |
OptanonConsent | This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor. | Persistent – 1 Year |
OptanonAlertBoxClosed | This cookie is set by websites using certain versions of the cookie law compliance solution from OneTrust. It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user. The cookie has a one year lifespan and contains no personal information. | Persistent – 1 Year |
visitorId | Used to track user actions in a session to support site navigation and user interaction. | SESSION |
TransactionId | Used to connect visitor actions together to support site navigation and user interaction. | Persistent – 6 months |
cookietest | Common cookie name could have a number of different origins. Where this is first party and a session cookie, its most likely to do with checking to see if the browser is set to block or allow cookies. | SESSION |
Performance cookies
These cookies collect information about how you use our website, for instance which pages you visit most often, and if you experience error messages. These cookies don't collect information that identifies you. All information is aggregated and therefore anonymous. They are only used to improve your experience whilst visiting our website.
Performance cookies | Purpose | Period |
_gid _gat_UA-nnnnnnn-nn _ga_MJXVYSTZHF _ga | Google Analytics is Google's free web analytics tool that helps website owners understand how their visitors engage with their website. Google Analytics collects information anonymously, and reports website trends without identifying individual visitors. Universal Analytics is a set of technological innovations that improve the way data is collected and processed in Google Analytics. Universal Analytics uses cookies to track visitor interactions. These cookies are used to store information, such as what time the current visit occurred, whether the visitor has been to the site before, and what site referred the visitor to the web page. Google Analytics customers can view a variety of reports about how visitors interact with their website so they can improve their website and how people find it. Different cookies are used for each website, and visitors are not tracked across multiple sites. | Persistent – 30 days 2 years 2 years 2 years |
_vwo_uuid_v2, _vwo_uuid _vwo_sn, _vwo_referrer, _vis_opt_s, _vis_opt_test_cookie _vwo_ds _vis_opt_exp_n_combi | These cookies are associated with the product Visual Website Optimiser, by Wingify. The tool helps site owners measure the performance of different versions of web pages. | Persistent – 1 Year |
__adal_ses __adal_root_domain_test_nnnnnnnnnnnnn __adal_id __adal_cw __adal_ca | This cookie name is associated with software provided by Adalyser to enable optimization of TV advertising by tracking sessions and conversion timings in relation to TV ad spot air times. This is a pattern type cookie with a common root of __adal_root_domain_test_ followed by a string of numbers. | Persistent Session Session 2 years 6 days 179 days |
Targeting/Advertising cookies
These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see the same advert and help us measure the effectiveness of advertising campaigns.
Targeting / Advertising cookies | Purpose | Period |
_gclxxxx | Google conversion tracking cookie | 90 days |
_uetsid _uetvid MUID | This cookie is used by Bing to determine what ads should be shown that may be relevant to the end user perusing the site. This is a cookie utilised by Microsoft Bing Ads and is a tracking cookie. It allows us to engage with a user that has previously visited our website. This cookie is widely used my Microsoft as a unique user identifier. It can be set by embedded microsoft scripts. Widely believed to sync across many different Microsoft domains, allowing user tracking | 1 day 389 days 1 year |
A3 | Used by Yahoo for targeted advertising | 1 year |
Social Media Cookies
These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
Social Media Cookies | Purpose | Period |
_fbp | Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers | Persistent – 90 days |
Apart from cookies we also use local storage and tags to help us enhance your browsing experience.
Like cookies, local storage is stored locally on your machine, within your browser like cookies, history, saved pages, etc. Local storage contains ‘name/value’ pairs (i.e. postcode / SL4 1RS, surname / ‘Smith’) and a web page can only access data stored locally within its domain.
Tags are a small piece of code which is placed on our website and collects data. This code would only collect data on our website. A tag will not be stored on your browser; however, it may use a cookie which could be placed on your browser.
Last updated: August 2022