Privacy Notice

This privacy notice tells you what we do with information we collect about you. It’s relevant to anyone who uses our services, including policyholders, prospective policyholders, website users and beneficiaries under our policies, such as named drivers. We refer to all these individuals as “customers” or “you” in this notice.

1. Who “we” are

In the context of the Action 365 Ltd trading as Stella Services Comprehensive Car Insurance Policy, Stella Services and U K Insurance Limited (together “We”, “Us” or “Our”) are the data controllers of Your personal information. Stella Services are responsible for the arranging and administering of the Stella Comprehensive Car Insurance Policy and any marketing activity and U K Insurance Limited process Your information for underwriting and claims fulfilment purposes.

You can contact Stella Services on data privacy matters at compliance@withstella.co.uk or by writing to them at Stella Services, BizSpace, Cheadle, Cheadle Place, Stockport Rd, Cheadle SK8 2JX. Additionally You can contact U K Insurance Limited on data privacy matters in relation to underwriting or claims at Data Protection Officer, U K Insurance Limited, Churchill Court, Westmoreland Road, Bromley, Kent BR1 1DP or alternatively by email at Data.Rights.Requests@directlinegroup.co.uk. U K Insurance Limited do not undertake any marketing activity in respect of Your Stella Services Policy. You will need to contact Stella Services if You require information or changes to Your marketing preferences are required.

2. What information do we collect about you?

Information collected from you & cookies policy

Where we have collected information directly from you, rather than your broker, it will usually be obvious what this is, as you will have given it to us. This might not be the case, if you have visited our website, where we have used cookies to collect information from your computer or portable electronic devices.  Please see our cookies policy for more information.

Information collected from others

We can collect information about you from others. This includes information from:

• Joint policyholders or policy beneficiaries. Where you are named on a joint policy or a beneficiary of that policy, we may collect information about you from any named policyholder. We will ask them to confirm that they have your permission to give us this information about you.
• Fraud prevention, law enforcement or government agencies and other data sources used to prevent or detect fraud or provide details to us about criminal convictions or offences.
• HM Treasury and other authorities in relation to regulatory issuesg. where someone is subject to a financial sanction they will appear on HM Treasury’s asset freezing list.
• Credit reference agencies g. credit searches that are made when we produce a quotation for a new policy or at renewal. (Note that the results of these searches are automatically deleted after 12 months and do not affect your ability to obtain credit.) Please also see section 4 below.
• Driver and Vehicle Licensing Agency (DVLA). We may ask for your Driving Licence Number (DLN) and the DLN of any named drivers as part of your application for motor insurance. The number is used to do an automated check with the DVLA driver database to retrieve the licence status, licence entitlement, relevant restriction information and any endorsement and conviction details. If you do not wish to provide your DLN you can choose to answer the questions about your licence information yourself.
• External sources such as no claims discount databases, the electoral role and insurance comparison websites to help us decide what the risk is in selling the policy and from companies that hold information about insurance renewal dates, marital status, household residents, vehicle details, employment status and household income to help us work out which information we should provide to you about our other products and services.

Sensitive personal information

We collect information that is sensitive, such as information about children, health or geo-location (which may be sensitive personal information because, for example, it can pinpoint your location at a hospital), and information related to unspent past criminal convictions or offences. We also collect your sensitive personal information for specific types of policy or applications, for example when offering you a travel policy or a driving application e.g. Telematics.  We obtain this from your mobile devices for driving applications and the following people:

• The main policyholder either directly or via your broker will provide most of the information we collect about health (including confirming whether hospital treatment is being sought) and unspent criminal convictions or offences, including on behalf of others named on the insurance policy e.g. medical screening to support a travel policy;
• Fraud prevention or law enforcement agencies may provide details to us about criminal convictions or offences;
• Witnesses to an accident may provide medical information to us if there is an investigation of a claim;
• We may use information about a child, for example, where the child is a beneficiary under a policy or if involved in an accident.

We collect and use this information as part of your insurance quotation or contract with us, or where it is necessary for a legal obligation, or as part of the establishment or defence of a legal claim.

3. What do we do with information we collect about you and why may we do this?

We use your personal information in order to meet our obligations in our contract of insurance with you.  We and other companies within our group of companies use your personal information in the following ways:

A. Provide insurance services

When you request us to provide you with a quote for one of our insurance policies or you purchase an insurance policy from us, we use information about you:

• To decide what the risk might be in selling you the policy, to quote for, and provide you with, a premium for that policy and any special terms that may apply to that policy (noting that we may use automated decision making to make this assessment – see section 9 below);
• To administer your policy and monitor the payment of instalments if you pay us your premium in this way;
• To contact you about the policy (e.g. for billing or renewal purposes);
• To discuss your policy and with your broker and to provide them with details about your insurance policy, premium and claims history so that they can manage your policy with us; and
• To provide the agreed service if you make a claim (e.g. sending someone to assist you in a roadside breakdown situation or to provide you with medical assistance if you are injured or unwell when overseas).

We cannot provide the services unless we use the information about you in this way.

B. Do what we are required to do by law

As part of our duty as an insurer providing insurance services, sometimes we are required by law to use information about you:

• to help make sure our customers are being treated fairly (e.g. to assist our regulators or suppliers where we have a legal duty to do so) or to help identify if it is necessary for us to make adjustments in our service to aid and meet the needs of vulnerable customers);
• To deal with complaints;
• To help prevent and detect crime (including, for example, the prevention or detection of fraud); and
• To comply with a legal or regulatory obligation.

We can use your personal information in this way because we are required to do so by law.

C. Prevent fraud occurring

Fraud has an impact on all customers as it increases costs for everyone. We use your personal information to check for signs that customers might be dishonest (e.g. if someone has behaved dishonestly in the past it may increase the risk they will do so in future).

We may use your personal information in this way because it is in our interests to detect fraud and in all our customers’ interests to ensure that they are not prejudiced due to increased premiums as a result of a few customers acting dishonestly.

D. Recover debt

If you owe us money we will use your personal information to help us recover it.

We can use your personal information in this way because it is a necessary part of the contract of insurance. We need to ensure that premiums are paid so that the majority of our customers do not suffer (e.g. through increased premiums) due to the actions of a small minority of customers.

E. Where your or another person’s life may be at risk

We will use your personal information to assist where your or another person’s life or health is in danger and obtaining your permission is not possible (e.g. arranging emergency medical treatment in a remote location).

F. To administer and improve our services

To administer our services, we will share information with others (including to people or organisations that may be based overseas):

• In order to enable us to process your claim or administer your insurance policy more cost effectively;
• To help develop our products, services and systems to deliver you a better sales and claims experience in the future; and
• To understand how our prospective customers make decisions about which insurance policy is the optimal policy.

We may also process your personal data to better understand you as a customer, including to determine how best to retain your custom, and to ask you to provide feedback on the service we provide to you.

We can use your personal information in this way because it is in our legitimate interests to provide the services in the most efficient way.  We will always ensure that we keep the amount of your personal information that we collect and the extent of any processing to the absolute minimum to achieve this efficiency.

4. Who do we share your personal information with and why do we do it?

We may share your personal information with third parties and other companies within Our group of companies for the purposes mentioned in section 3 above. A list of U K Insurance Limited group companies can be found at www.u-k-insurance.co.uk/group-companies.html.  Alternatively, you can contact the U K Insurance Limited Data Protection Officer for a list of them. Please see section 10. You should make sure everything you tell us is correct because your records may be checked in the following circumstances:

• When you apply for insurance, financial services, or work;
• By police and other law enforcement agencies.

In particular we share information with:

• Fraud prevention agencies that provide databases and services, such as CIFAS, National Hunter, SIRA and ENI, to prevent or detect fraud.
  • Fraud prevention agencies will process this personal information in order to assist our prevention of fraud and money laundering, and to verify your identity and may also process your personal information in order to prevent fraud and money laundering by other people.
  • Fraud prevention agencies will hold your personal information for up to 1 year, or up to 6 years if you’re considered to pose a fraud or money laundering risk.
  • If we or a fraud prevention agency determine that you pose a fraud or money laundering risk, we may refuse to provide the services and / or financing you have requested.

A record of this risk will be retained by the fraud prevention agencies and may result in others refusing to provide services or financing to you. If you have any questions about this, please contact the appropriate fraud prevention agency.

• Law enforcement or government agencies we and fraud prevention agencies may permit law enforcement or government agencies to access and use your personal information, if they request it.
• Regulatory bodies such as the Financial Conduct Authority, Prudential Regulation Authority or the Information Commissioner’s Office to meet regulatory and legal obligations and requests for information.
• Credit reference agencies are used to help us verify your identity, and to determine the price of your insurance and your payment options when you take out a quote and at renewal of your insurance policy. This leaves a “soft footprint” on your credit file which can only be seen by you and does not affect your credit score.

  If you choose to pay your premium by instalments we will share this information when you first take a policy with us and at each renewal.  We may exchange information with credit reference agencies to reflect your credit application (as payment by instalments means that there will be a credit agreement between us).  We will let you know before we do this. This will be visible to other credit providers and is known as a “hard footprint”.  Failure by you or anyone who pays for your policy to keep up the monthly payments due under your credit agreement will be reflected in your credit score, not theirs.

  The identities of the credit reference agencies and the ways in which they use and share personal information are explained in more detail at www.experian.co.uk/CRAIN. Alternatively, you can call us, and we will send you a copy.

• Your spouse or partner who calls us on your behalf, provided they are named on the policy. Please tell us who they are when you take out your policy. If you would like someone else to deal with your policy on your behalf on a regular basis, please let us know. In some exceptional cases, we may also deal with other people who call on your behalf, but only with your  If at any time you would prefer us to deal only with you, please let us know.
• Joint account holders where insurance products are affiliated to a joint account personal information will be visible to both account holders; this will include details such as your name and address
• Other insurance companies to help settle any insurance claim or to verify that the information you have provided is correct (e.g. we will check the amount of No Claims Discount you have told us with your previous insurer).
• Insurance industry bodies such as The Motor Insurance Database to meet our obligations under the Road Traffic Act.
• Insurance industry databases, such as the Claims and Underwriting Exchange where you make a claim so that insurers can check that your claims history is correct, the Insurance Fraud Register and, for commercial policies, the Employers’ Liability Tracing Office.
• Data verification and information in certain circumstances we share your claims history and some personal information, which you have provided, to Lexis Nexis Risk Solutions (part of the RELX Group of companies), to verify your No Claim Discount, assist in the prediction of risk and to access information about your previous motor insurance policies. Lexis Nexis uses information from other insurers to confirm your No Claim Discount, where available. We also provide regular updates into the Lexis Nexis database. More information can be found at risk.lexisnexis.co.uk/consumer-and-data-access-policies/insurance
• Government bodies, such as the Driver and Vehicle Licensing Agency.
• Driver and Vehicle Licensing Agency (DVLA) data If you choose to provide your Driving Licence Number (DLN) as part of your application for motor insurance the data provided by the DVLA may be used alongside other information you have provided:
  • To provide you with a quote;
  • To administer the policy; and
  • To prevent fraud.

The data will not be used for any other purpose or be made available to anyone else. Searches of the DVLA driver database may be carried out prior to the date of the insurance policy and at any point throughout the duration of your insurance policy including at the mid-term adjustment and renewal stage. Unlike other DLN searches with the DVLA that you may have authorised, this one will not show a footprint against your driving licence.

5. Will we send your personal information overseas?

We may send your personal information overseas to any part of the world. The protections given to your personal information in other parts of the world will often not be as strong as in the UK. Where possible, we will put in place agreements with the people we send your personal information to, to require them to treat your personal information with the same protections that we apply ourselves.  Our agreements may include standard terms provided by the EU called EU Model Clauses or may require the other party to be signed up to government standards that are recognised as providing the right level of protection.  But it is possible that regardless of what is set out in the agreement this would not stop a government in any part of the world from accessing your personal information, as they can often have power to overrule any agreements we make.

In some cases we might need to share information to carry out the services we have promised to carry out, for example if you require urgent assistance abroad. In such an urgent situation we may not always have the time to put in place the type of agreement we would normally want to.

6. How long may we keep your personal information for?

We are only allowed to keep your personal information if we need it for one of the reasons we describe in section 3 above.

As a general rule, we will keep it for 6 years from the end of your relationship with us, as it is likely that we will need the information for regulatory reasons, fraud prevention, or to defend a claim.  For example, should you wish to bring some form of legal action relating to your relationship with us, this would generally need to be done within 6 years from the end of that relationship.  However, there may be exceptions where we need to keep your personal information for longer, such as where a claim has involved a minor. We retain quote information in your account for 15 months.

We will also retain data in an anonymous form for statistical and analytical purposes, for example, to assess risk of flood damage occurring.

7. When can you ask us to stop using your information?

If we rely on your consent to collect and process your personal information, you can ask us to stop using your personal information at any time by withdrawing that consent and we will stop using your personal information for those purposes.  We may rely on your consent to use computers to make decisions about you to improve our services or develop our products (see section 9).

At any time, you can tell us to stop using your personal information to allow computers to make decisions about you or in order to improve our services or develop our products (see section 9).  To find out how to do this, see section 10.

8. What happens if you don’t give us some of your personal information?

Where you do not provide the personal information we need in order to provide the service you are asking for or to fulfil a legal requirement, we will not be able to provide the service that you are asking us to give you.

We will tell you about why we need the information when we ask for it.

9. When do we use computers to make decisions about you?

We will collect information about you and put this into our computer systems. The computer systems will make certain automated decisions about you which will be based on comparing you with other people.  This will have an impact in terms of the level of premium or product that we offer to you.  We may also use automated decision making to conduct an identity verification check.

For example, if you are under 25 years of age, the computer system may determine that you are more likely to have a car accident.  This is because the computer system has been told that more people aged under 25 have car accidents. 

This is important because:

• In providing insurance services it helps us decide what price you should pay for your policy and understand any risks associated with that policy;
• In identity verification it helps us to check that you are who you say you are and to prevent others from imitating you;

We also use computer systems to carry out modelling. Sometimes using your personal information and sometimes using data in anonymised form.  We conduct this modelling for a variety of reasons, for example, for risk assessment purposes to make decisions about you, such as your likelihood to claim.  However, we may also use your personal information in that modelling to make decisions about how we improve and develop our products and services, or our pricing and underwriting, or to better understand how our prospective customers make decisions about which policy is the optimal policy (i.e. we are not making decisions directly about you).

10. How to contact us about this privacy notice

Stella Services and U K Insurance Limited are responsible for responding to your requests to exercise your rights which are set out below.

For U K Insurance Limited, please contact Our Data Rights Team at, Churchill Court, Westmoreland Road, Bromley, BR1 1DP or alternatively by email at Data.Rights.Requests@directlinegroup.co.uk.

For Stella Services, please contact Our Compliance Department at, BizSpace, Cheadle, Cheadle Place, Stockport Rd, Cheadle SK8 2JX. or alternatively by email at compliance@withstella.co.uk

You may contact us at the address above for one or more of the following reasons:

1. To ask us to correct information about you that is wrong or incomplete.
2. To ask us to delete personal information about you (the “Right to Erasure”). We are not required to erase information if we still need it for the purposes for which it was collected or processed, including to maintain records after cancellation or expiry of your policy, or where we have other legal grounds for processing your information.
3. To tell us you no longer agree to, that you object to, or that you wish to restrict us using information about you and ask us to stop.
4. A right of access, namely to ask us to provide you with a copy of all of the personal information that we have about you.
5. A “data portability” right, namely to obtain and reuse the information that you have provided to us for your own purposes across different services. You may ask for this information to be provided directly to you or directly to another organisation. We will provide the information in a machine readable format so that another organisation’s software can understand that information.
6. To ask us to review automated decisions made about you (as explained in section 9).

Sometimes we will not be able to stop using your personal information when you ask us to (e.g. where we need to use it because the law requires us to do so or we need to retain the information for regulatory purposes).

In other cases, if we stop using your personal information, we will not be able to provide services to you, such as administering your insurance policy or servicing your claim.

We will tell you if we are unable to comply with your request, or how your request might impact you, when you contact us.

Complaints

If you have any concerns about the way in which we are using your personal information, please contact Our Compliance Department at \Stella Services, BizSpace, Cheadle, Cheadle Place, Stockport Rd, Cheadle SK8 2JX. or alternatively by email at compliance@withstella.co.uk and we will endeavour to resolve your concern. To contact U K Insurance Limited, please write to Our Data Protection Officer in the first instance at, Churchill Court, Westmoreland Road, Bromley, BR1 1DP or alternatively by email at DataProtection@directlinegroup.co.uk. However, you do also have the right to complain about how we treat your personal information to the Information Commissioner’s Office (“ICO“). The ICO can be contacted at:

ICO website: https://ico.org.uk/global/contact-us/

ICO telephone: 0303 123 1113

ICO textphone: 01625 545860