Privacy and Cookie Policy

1. About Us

Cura Financial Services Limited is committed to protecting the privacy and confidentiality of all individuals and takes its responsibilities regarding the security of data very seriously. We abide by the rules of the General Data Protection Regulation (GDPR) upheld by the Information Commissioner Officer (ICO) and are authorised and regulated by the Financial Conduct Authority (FCA) to advise and arrange protection insurance policies. This includes processing any personal data lawfully, fairly and in a transparent manner.

2. What information do we collect about you if you are interested in our services and why?

As a brokerage and as part of our service we will collect information from you so that we can advise and arrange insurance policies that maybe suitable for you. In the financial services industry we call this factfinding which provides us with all the information that we need from you in order to provide you a with suitable product that meets your circumstances and requirements.

When obtaining information from you we will do this by phone, email or post and will confirm the accuracy of the data collated. It is important that all the data we hold on you is accurate so that we can advise and arrange suitable products to you.

The types of information we may collect from you include some or all the following personal and non-personal data:

• Personal information such as name, date of birth, marital status and children; this is collected, processed and stored in order to assess needs for insurance and make suitable recommendations;
• Financial information such as assets, liabilities and income; this is collected, processed and stored in order to assess needs for insurance and make suitable recommendations;
• Medical information including some details about family medical history; this is collected, processed and stored in order to assess needs for insurance and make suitable recommendations;
• Contact details such as address, telephone number and email address; this is collected, processed and stored in order to keep clients up to date and service their policies;
• Direct debit details; this is collected, processed and stored in order to process payments for insurance contracts and satisfy anti money laundering prevention regulations;
• Non personal data such as IP address, web browser type, operating system and a list of URLs starting with a referring site, your activity on our site, and the site you exit to.

3. Providing data about other people

This privacy policy sets out in detail how your data will be used by us. If you are providing us with another person’s data you should ask them to also read this Privacy Policy. By giving us information about another person you are confirming that they have given you consent to provide the information to us.

4. Information from other sources

We may obtain information from other sources such as public records, if required.  This is to enable us to verify who you are or facts that you have told us are accurate.

5. How will we use this information?

We will only use your data in ways that you would reasonably expect us to. Below summarises how we use your data.

To enable us to provide the services we have agreed and for other related purposes – including updating and enhancing customer records, analysis for management purposes and statutory returns, crime prevention and legal & regulatory compliance – we may obtain, use, process and disclose personal data about you.

We may collect and process the following data about you:

• Information that you provide by filing in forms on one of our websites.
• Information that you provide to us by telephone, e-mail or face to face.

We will use the information you provide to us to research the market on your behalf to find a suitable policy that meets your circumstances and needs. Once we have carried out research, we will provide you with a recommendation or quote. Whilst you consider our recommendation or quote, we will remain in touch to answer any questions you may have.

If you are happy to proceed, we will then use your data to complete an application form which will then be forwarded to the relevant Insurer. We will then liaise with them on your behalf until the policy has been arranged.

We will also use your data to assist with handling a complaint if you are not happy with the service you have received.

As part of our service we like to keep our customers up to date with new products or offers that are available and maybe of interest, including introducing you to other services such as Will Planning. Therefore, we may contact you from time to time through email marketing, phone, text or other types of marketing material. If you wish to opt out of this at any point then please let us know.

In the interest to improve our services, telephone calls may be monitored and/or recorded for training purposes and to assist us handle a complaint. Where we record the call, you will be informed of this.

6. The lawful basis on which we use this information

How we use your information (detailed above) we will do so using the lawful basis legitimate interests. We have decided upon this basis as it allows us to meet with the ICO and FCA rules and is the most suitable lawful basis for processing data with a view to arranging a policy.

7. People who contact us

People who contact us via social media

We use a third-party provider, SmarterQueue to manage some of our social media interactions. If you send us a private or direct message via social media the message may be stored by SmarterQueue or by the relevant social media platform. It will not be shared with any other organisations.

People who contact us via SMS

We use a third-party provider, TextMarketer to send/receive SMS messages. If you send an SMS message it may be stored by TextMarketer. It will then be securely stored by us against your file. It will not be shared with any other organisations.

People who email us

Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with our office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.

People who use our services

Cura Financial Services provide a range of Financial Services to Data Subjects. We process data provided by the data subject and other sources in order to deliver the appropriate products and services to Data Subjects.

We are required to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes. For example, we might use information about people who have requested protection advice to carry out a survey to find out if they are happy with the level of service they received. When people do subscribe to our services, they can cancel their subscription at any time and are given an easy way of doing this.

8. Who will it be shared with?

As stated above, if you wish to proceed to take out a policy then we will pass your details on to the Insurer the policy will be arranged with. The information we pass on will be detailed within the application we complete on your behalf.

We may also share this information with third parties such as:

• compliance and other agents relevant to the business activity;
• selected third parties’ services suppliers for the provision of regulatory and compliance services, insurance research tools, IT and backup services and review services (Feefo).

Where required we may forward your details onto regulatory authorities or fraud agencies where we have a legal obligation to do so to comply with our regulatory requirements or where fraud is suspected. We may do this under the lawful basis legal obligation.

9. What we will do to ensure the security of personal information

We will not share any of the information you provide to third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us regardless of whether the information is in electronic or physical format. We use leading technologies and security measures to safeguard your information and keep strict security standards to prevent any unauthorised access to it.

10. How long will we retain your data

All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. Data will therefore be retained for the following periods (or its retention will be determined on the following bases):

• Where no advice has been provided and no policy purchased, we will hold data for no more than 12 months;
• Where a policy has been purchased or advice has been provided (whether cover applied for or not) we will retain this data, to evidence this advice. This will include keeping a copy of your file including your personal data and any call recording, on record for a minimum of six years, in line with our regulatory obligation with the FCA;
• If you contact us, we may keep a copy of that correspondence.

11. What are your rights?

You have the right to:

• Be informed about how we use, share and store your personal information;
• Request access to the personal data we hold on you (also known as a Subject Access Request (SAR)). Where a SAR is requested, we will respond promptly and within one month from the date we receive the request;
• Request your personal data is amended if inaccurate or incomplete;
• Request your personal data is erased where there is no compelling reason for its continued processing and we don’t have a legitimate interest to retain it;
• Request that the processing of your data is restricted;
• The right to object to your personal data being processed;
• Rights in relation to automated decision making and profiling.

Where the processing of your data is based on your consent, you have the right to withdraw this consent at anytime by contacting us by phone or email. We do not use automated decision making or profiling systems.

12. Marketing

Where we need your consent, we will ask for this separately. We do not use pre-ticked boxes or make assumptions that you have given your consent. Your consent must be freely given by positively opting in or making a clear affirmative action that you are giving your consent. We will do our very best to ensure you know exactly what you are consenting to and remind you that you may withdraw your consent at anytime by contacting us by email or phone. Where consent is obtained a record of this will be made confirming what you have consented to, the time and date and how consent was obtained.

Customers: Our customers are important to us however we appreciate that on some occasions you may wish to look elsewhere. If you do, we would like to stay in touch and therefore will ask for your consent in order for us to do so.

Potential Customers: Where you have expressed an interest in a product but have then decided not to proceed, we would like to keep in touch therefore will ask for your consent to do so in case a product maybe of interest to you at a later date.

Non-Customers: We will only send you information about regulated products or services if we have obtained your consent to do so.

13. Information collected via our website

We collect web usage information when you visit our website including information such as the date, time, page viewed or searched relating to your browsing activity. Where you have provided personal data, we may collect web usage information to enable us to build a demographic profile.

We may also use web usage information to create statistical data regarding the use of our website. Where statistical data is produced, we may then use that data to help us assess the effectiveness of marketing campaigns, develop and deliver services and information to improve the overall effectiveness of our website. We will also use IP addresses to analyse trends, track users’ movements and gather broad demographic information for our own internal use.

Within our website you can interact with us, if you so wish. Where you provide your personal data on our website it will be taken as a positive action that you would like us to contact you for the purpose as set out on our website.

14. What is a cookie?

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

How long does my computer store a websites cookies?

When a cookie is stored on your computer, it is given an expiry date. The operator of the website that sent the cookie sets the expiry date of the cookie.

All modern web browsers (Internet Explorer, Edge, Firefox, Chrome, Safari etc) also give you the option to clear cookies from your computer yourself. You must refer to your web browsers user manual for doing this.

How do we use cookies?

We use cookies for:

• Tracking, statistical and functional purposes;
• Storing the information you enter to allow us to provide you with a quotation for the product you requested;
• Remembering some of the user’s details as to save them time if/when they return to the site at a later date or request a quote for a different product.

Can I opt out of receiving cookies from your site?

Yes, you can. There are a number of options available to prevent your web browser receiving cookies. You can set your browser either to reject all cookies, to allow only “trusted” sites to send them, or to only accept them from the site you are currently visiting. You must refer to your web browsers user manual for doing this.

However, please note that by blocking cookies it may impact the functionality of the website.

What cookies do you use?

The table below explains the cookies we use and why. These cookies are used to collect information about how visitors use our website.

Analytical data

When someone visits our website, we use a third-party service called Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

15. Linking to third party websites

We do not take responsibility for the privacy policies or practices of other sites, even where you access them using links from our website. You are advised to read the Privacy Notice of other websites prior to using them.

16. Right to complain

We hope that the service you receive from us is to the high standard you would expect. If at any point you are unhappy with the way we have used your data then please notify: Kathryn Knowles by either email, post or phone below. If you remain concerned about the way we collect or use your personal data you can raise your concern with the Information Commissions Office (ICO) on 0303 123 1113. For further details you may visit the ICO website www.ico.org.uk

When we receive a complaint from a person, we build a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide.

We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. We usually have to disclose details of the complaint to our professional Indemnity Insurance Broker and Insurer. We may be required to provide a copy of our file to the Financial Ombudsman Service, should an adjudicator be required to consider the complaint case. We are required to disclose to The Financial Conduct Authority (FCA) high level analytics concerning the number and nature of complaints received. This data does not include names or details that identify the specific data subject.

We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained indefinitely. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

17. Changes to the information

We regularly review and, where necessary update our Privacy Notice. If we plan to use personal data for a new purpose our Privacy Notice will be updated and you will be notified.

18. How to contact us

If you want to request information about our Privacy Policy, you can email us or write to:

info@curainsurance.co.uk

Cura Financial Services, The Evron Centre, John Street, Filey, North Yorkshire, YO14 9DW