Privacy Policy

Last updated: 11th February 2024

Welcome to Insured Direct, owned and operated by The Investors Group LTD (“us”, “we”, or “our”), based in London, United Kingdom, and operating in Limassol, Cyprus. Our website address is https://insured.direct (the “Service”).

Your privacy is critically important to us. This Privacy Policy document contains types of information that is collected and recorded by Insured Direct and how we use it. This policy is a legally binding agreement between you (the user) and us. By accessing and using our Service, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.

Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

Types of Personal Information Collected

We collect both personally identifiable information and non-personally identifiable information that you provide to us or that is collected automatically when you interact with our services. This includes:

  • Personal Identification Information: Full name, date of birth, postal address, email address, and telephone number.
  • Financial Information: Payment details, including credit/debit card numbers, and insurance policy details.
  • Technical Information: IP address, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
  • Usage Data: Information about how you use our website, products, and services.
  • Communication Data: Information contained in or relating to any communication that you send to us or send through our website, including the communication content and metadata.

Methods of Collection

  • Direct Interactions: You may provide us with your personal and financial details by filling in forms on our website (e.g., when you sign up for an account, subscribe to our newsletter, request a quote, or make an insurance claim) or by corresponding with us by phone, email, or otherwise.
  • Automated Technologies or Interactions: As you interact with our website, we automatically collect technical data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.
  • Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties and public sources, such as analytics providers, advertising networks, search information providers, credit reference agencies, and from publicly available sources such as company and property registries.

Purpose of Collection

  • To Provide and Manage Services: We use your information to perform our contract with you, process insurance claims, provide customer support, and manage our services.
  • To Improve Our Website and Services: Understanding how our users interact with our website and services helps us to develop new features and content that meet your needs.
  • To Personalize Your Experience: We use your information to personalize the website and our communications to you, in accordance with your interests and preferences.
  • To Communicate with You: We use your information to communicate with you about your account, our services, and any changes to our policies or terms.
  • For Security Purposes: We use information to enhance the security of our services, and to detect and prevent fraud.
  • For Marketing Purposes: With your consent, we may use your information to inform you about relevant products, services, and offers that may be of interest to you.

Your personal information is an essential part of our ability to provide high-quality insurance services. We handle your information with the utmost respect and in accordance with this privacy policy.

Use of Information

At Insured Direct, part of The Investors Group LTD, we take your privacy seriously. The information we collect is used in various ways to enhance our services and ensure we deliver the best experience to you. Below are the key purposes for which your personal information is used:

Providing and Managing Services

  • Service Delivery: We use your information to fulfill our obligations under any contracts between you and us, such as processing insurance claims, issuing policy documents, and managing your account.
  • Customer Support: Your information helps us to respond to your customer service requests and support needs more efficiently. Whether you’re inquiring about a policy or need assistance with a claim, we’re here to help.

Improving Our Offerings

  • Website Optimization: By analyzing how you use our website and services, we can improve and optimize our web pages, making them more user-friendly and tailored to your needs.
  • Product Development: Your feedback and usage patterns inform our development process, helping us to innovate and enhance our insurance products and services.

Personalization

  • Customized Experience: We use information about your preferences, interests, and previous interactions with our services to personalize your experience. This includes tailoring content, recommendations, and advertisements to match your interests.

Communication

  • Updates and Information: We use your contact details to send you important updates about your account, policy changes, renewal notices, and other essential information.
  • Marketing Communications: With your consent, we may send you promotional messages and newsletters about new products, special offers, and other information we think you might find interesting. You can opt-out of receiving these communications at any time.

Security and Fraud Prevention

  • Security Measures: To protect your personal information and prevent unauthorized access, use, or disclosure, we implement a variety of security measures, including encryption and access controls.
  • Fraud Detection: We may use your information to detect and prevent fraudulent transactions and other illegal activities to ensure the safety and security of our services.

Legal and Regulatory Obligations

  • Compliance: We may use your information to comply with legal and regulatory obligations, including responding to requests from government or law enforcement authorities or in connection with litigation.

Research and Analysis

  • Market Research: To better understand market trends and customer needs, we may use your information for research and analysis purposes. This helps us to develop more relevant products and marketing campaigns.

Basis for Processing

  • Consent: Where we rely on your consent to process personal information, you have the right to withdraw that consent at any time.
  • Contractual Necessity: We process personal information as necessary to perform our contracts with you (e.g., processing claims).
  • Legitimate Interests: We may process information for our legitimate interests, such as to improve our services, protect against fraud, and communicate with you about our services, provided those interests do not override your rights and interests.

We are committed to using your personal information responsibly and in alignment with your preferences. Our goal is to enhance the services we offer to you while rigorously protecting your privacy.

Information Sharing and Disclosure

At Insured Direct, part of The Investors Group LTD, we respect your privacy and are committed to protecting your personal information. This section explains the circumstances under which your information might be shared with third parties and the measures we take to ensure its protection.

Third-Party Service Providers

  • Operational Functions: We may share your information with third-party service providers who perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. These service providers are bound by confidentiality agreements and are restricted from using personal information for any purposes beyond the provision of these services.

Legal Requirements and Compliance

  • Legal Obligations: We may disclose your information if required by law or in response to valid requests by public authorities (e.g., a court or a government agency).
  • Safety and Security: Your information may be disclosed as necessary to enforce our terms of service, protect our rights or property, ensure the safety of our customers or the public, or protect against legal liability.

Business Transfers

  • Mergers and Acquisitions: In the event that Insured Direct, or substantially all of its assets, is acquired by or merged with another company, your information may be transferred as part of the transaction. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Aggregate and Non-Identifiable Information

  • Anonymized Data: We may share aggregated, non-personally identifiable information with partners or for research purposes. This information does not identify you individually but may include usage, viewing, and technical data collected through our services.

International Data Transfers

  • Cross-Border Data Transfers: Given that we operate in Limassol, Cyprus, and are based in London, United Kingdom, your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Your Consent to Sharing

  • Consent: By using our services, you consent to our sharing of your information as described in this policy. We will always provide you with the option to opt-out of sharing, particularly when it comes to sharing your information with third parties for their direct marketing purposes.

Safeguarding Your Information

  • Protection Measures: We implement a variety of security measures to maintain the safety of your personal information when it is being transferred to or shared with third parties. This includes ensuring that third parties have appropriate security measures in place and adhere to strict data processing agreements.

We are dedicated to maintaining the trust and confidence of our customers by handling personal information with the utmost care and in compliance with this privacy policy and applicable laws and regulations.

Data Retention

At Insured Direct, part of The Investors Group LTD, we are committed to only retaining personal information for as long as necessary to fulfill the purposes for which it was collected, including for the satisfaction of any legal, regulatory, tax, accounting, or reporting requirements. This section outlines our data retention policy and how we determine the appropriate retention period for personal data.

Retention Periods

  • Service Provision: Personal information needed to deliver our services, including to maintain your account and process insurance claims, is retained for the duration of your relationship with us plus a period thereafter as legally required or permitted by law, typically for seven years for compliance with tax and accounting requirements.
  • Legal and Regulatory Obligations: Where required by law or to protect our legal rights, we may retain certain information beyond the period of providing services to you. This includes situations where we need to comply with legal obligations, resolve disputes, or enforce our agreements.
  • Marketing Purposes: For individuals who have consented to receive marketing communications, we retain personal information for a shorter period, typically until you opt-out or withdraw your consent. We periodically review the data and remove those records where consent is withdrawn or no longer necessary for the intended purpose.

Criteria for Determining Retention Periods

We determine the retention period for personal information based on the following criteria:

  • Purpose of Collection: The nature and purpose for which the personal information was collected.
  • Legal Requirements: Any legal or regulatory obligations that require us to retain the information for a certain period of time.
  • Statute of Limitations: The period during which someone can bring a legal claim.
  • Business Requirements: Our business operations and requirements, such as proper account maintenance, facilitating customer relationship management, and implementing service improvements.

Deletion of Personal Information

Once the retention period expires, personal information is securely deleted or anonymized, so it can no longer be associated with you. We also take steps to ensure that third parties with whom we have shared your information delete it or anonymize it in accordance with these guidelines.

Your Rights

You have the right to request deletion of your personal information at any time, except where we are required to retain the information by law or for legitimate business purposes. Please contact our support team at support@insured.direct for requests related to the deletion of your personal data.

Review and Update of Retention Policy

We regularly review our data retention policy in light of legal and regulatory requirements and to ensure best practice. Any changes to our retention periods will be communicated through updates to this privacy policy, available on our website.

Data Protection and Security

At Insured Direct, part of The Investors Group LTD, ensuring the security and confidentiality of your personal information is paramount. We understand the importance of protecting your data from unauthorized access, alteration, disclosure, or destruction. This section outlines the measures we have put in place to safeguard your information and ensure its integrity and confidentiality.

Security Measures

  • Encryption: We employ robust encryption methods to protect your data during transmission and when stored on our systems.
  • Access Controls: Access to your personal information is strictly limited to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
  • Security Training: Our staff receives regular training on data protection and security measures to ensure they are aware of the importance of protecting personal information and the steps they must take to ensure its security.
  • Secure Infrastructure: Our infrastructure is designed to secure your data, utilizing state-of-the-art data centers, firewalls, and security protocols to protect against unauthorized access or cyber threats.
  • Regular Audits: We conduct regular security assessments and audits to identify and mitigate potential vulnerabilities in our systems and processes.
  • Incident Response Plan: In the unlikely event of a data breach, we have an incident response plan in place to promptly address and mitigate the effects of the breach. We will notify you and any applicable regulators of a breach in accordance with legal requirements.

Data Breach Procedures

In case of a data breach, we will take the following steps:

  1. Assessment: Quickly assess the nature and extent of the breach to understand the potential impact on personal data.
  2. Containment: Take immediate steps to limit and contain the breach to prevent any further unauthorized access to or loss of personal data.
  3. Notification: Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms, as required by law. We will also report any significant breaches to the relevant authorities.
  4. Investigation and Remediation: Conduct a thorough investigation to determine the cause of the breach and implement measures to prevent future breaches.

Your Role in Protecting Your Data

While we take every measure to protect your information, there are also steps you can take to protect your data:

  • Strong Passwords: Use strong, unique passwords for your accounts and change them regularly.
  • Phishing Awareness: Be cautious of email scams and phishing attempts. Never click on suspicious links or attachments.
  • Secure Networks: Avoid using unsecured public Wi-Fi for accessing your accounts or sharing personal information.

Updates to Our Security Measures

As technology evolves, so do the threats to data security. We are committed to continuously updating and enhancing our security measures to protect against new threats. Any significant changes to our security practices will be communicated through updates to this privacy policy.

International Data Transfers

At Insured Direct, part of The Investors Group LTD, we recognize that our operations span across borders, including our presence in Limassol, Cyprus, and our headquarters in London, United Kingdom. This global operation necessitates the transfer of personal information across international boundaries. This section outlines how we manage international data transfers to ensure that your personal information remains protected in accordance with the highest standards of privacy and data protection.

Transfer Mechanisms

  • Adequacy Decisions: Where possible, we transfer personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or relevant authorities.
  • Standard Contractual Clauses: For transfers to countries without an adequacy decision, we rely on Standard Contractual Clauses approved by the European Commission or relevant authorities, ensuring that personal data transferred outside the EEA is protected in accordance with European Union data protection laws.
  • Binding Corporate Rules: In cases where we transfer data between our group companies, we may use Binding Corporate Rules (BCRs) that have been approved by competent data protection authorities, providing a mechanism to ensure that personal data is protected across our global operations.

Safeguards for Data Transfer

  • Data Protection Impact Assessments: Before transferring personal data internationally, we conduct Data Protection Impact Assessments to identify and mitigate risks associated with data transfers.
  • Privacy Shield Framework: Where applicable, we ensure that US-based third parties adhere to the EU-US Privacy Shield Framework, which requires them to provide similar protection to personal data shared between Europe and the US.
  • Encryption and Security: All international data transfers are protected with strong encryption and security measures during transit and at rest, minimizing the risk of unauthorized access or data breaches.

Your Rights and Choices

  • Transparency: We are committed to transparency regarding the international transfer of your personal data. You have the right to be informed about the safeguards we have in place for such transfers.
  • Consent: In some cases, we may seek your consent for the international transfer of your personal data, especially for countries or entities not covered by the aforementioned mechanisms.
  • Access and Control: You retain the right to access, correct, or request deletion of your personal data, regardless of where it is processed globally.

Legal Compliance

  • Regulatory Compliance: We comply with all applicable laws and regulations regarding international data transfers, including GDPR for data transfers from the European Union.
  • Review and Update of Transfer Mechanisms: Our policies and practices related to international data transfers are regularly reviewed and updated to remain compliant with changes in law and to reflect developments in data protection standards.

Contact Information

For any inquiries or concerns regarding our international data transfer practices, please contact our Data Protection Officer at support@insured.direct. We are committed to addressing any questions and facilitating the exercise of your data protection rights.

Your Rights

At Insured Direct, part of The Investors Group LTD, we are committed to ensuring that you have control over your personal information. This section outlines the rights you have over your data under data protection laws, including the General Data Protection Regulation (GDPR) for individuals within the European Union and similar regulations applicable in other jurisdictions.

Right to Access

  • You have the right to request access to the personal information that we hold about you. This allows you to receive a copy of the personal data we have about you and to check that we are lawfully processing it.

Right to Rectification

  • You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete information you believe is incomplete.

Right to Erasure (Right to be Forgotten)

  • In certain circumstances, you have the right to request the deletion or removal of personal data where there is no compelling reason for its continued processing. This includes situations where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed, or you withdraw consent.

Right to Restrict Processing

  • You have the right to request the restriction of processing of your personal data, allowing you to suspend the processing of your personal information in certain cases, such as if you want us to establish its accuracy or the reason for processing it.

Right to Data Portability

  • You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions. This right is applicable to personal data you have provided to us and is processed by automated means based on your consent or in fulfillment of a contractual obligation.

Right to Object

  • You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that it is necessary for the performance of a task carried out in the public interest or in the exercise of any official authority vested in us, or the purposes of the legitimate interests pursued by us or by a third party. If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.

Right to Withdraw Consent

  • Where the processing of your personal data is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Right to Complain to a Supervisory Authority

  • If you feel that your rights have been breached, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or place of the alleged infringement.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the contact details provided in this policy. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your browsing experience and provide personalized content and advertisements. Cookies are small text files that are stored on your device when you visit a website. They help us analyze website traffic, understand user behavior, and improve our services. Additionally, cookies allow us to recognize your device and remember your preferences for future visits.

We may use both session cookies, which expire when you close your browser, and persistent cookies, which remain on your device for a specified period or until you delete them. These cookies may be set by us or by third-party service providers to whom we have contracted for certain services.

Tracking technologies, such as web beacons, pixels, and tags, may also be used to collect information about your interactions with our website, such as the pages you visit, the links you click, and the content you engage with. This information helps us analyze trends, track user engagement, and improve our website’s functionality and performance.

By using our website, you consent to the use of cookies and tracking technologies as described in this Privacy Policy. You can control cookies through your browser settings and opt-out of certain tracking technologies by adjusting your preferences or installing browser add-ons. However, please note that disabling cookies may impact your experience on our website and limit certain features and functionality.

We may also use cookies and tracking technologies in conjunction with third-party analytics and advertising services, such as Google Analytics and Google Ads, to analyze website traffic, measure advertising effectiveness, and deliver targeted advertisements based on your interests and online activities. For more information about how these third parties collect, use, and share your information, please review their respective privacy policies.

Children’s Privacy

At Insured Direct, part of The Investors Group LTD, we take the privacy of children very seriously. Our website and services are not intended for children under the age of 16, and we do not knowingly collect personal information from children under this age. This section outlines our approach to protecting the privacy of children.

Age Restrictions

  • Intended Audience: Our services are designed for individuals who are 16 years of age or older. We do not target our website or services to children under 16, nor do we knowingly collect personal information from them.
  • Verification Measures: To prevent the unauthorized collection of personal data from children, we may take steps to verify the age of individuals who interact with our services. This may include the use of age verification mechanisms at the point of account creation or service access.

Collection of Information

  • Inadvertent Collection: If we learn that we have collected personal information from a child under the age of 16 without verification of parental consent, we will take steps to remove that information from our servers promptly.
  • Parental Consent: In cases where the collection of personal information from children under the age of 16 is necessary for specific services, we will obtain parental consent in compliance with applicable laws and regulations.

Parental Rights

  • Access and Control: Parents or guardians who believe that their child has provided personal information to our website or services can contact us at support@insured.direct. We provide parents or guardians with the following rights:
    • Request to access the personal information collected from their child.
    • Request the correction or deletion of their child’s personal information.
    • Refuse further collection or use of their child’s personal information.

Education and Awareness

  • Safety Measures: We encourage parents and guardians to take an active role in their children’s online activities and interests. Educating children about safe internet use and monitoring their access to websites and online services is crucial for ensuring their privacy and safety.
  • Resources: We may provide resources or links to external resources aimed at helping parents and guardians understand and manage children’s privacy and online safety.

Changes to Children’s Privacy Policy

  • Updates: We may update our children’s privacy policy as necessary to reflect changes in our practices or legal requirements. Any changes will be communicated through updates to this privacy policy, available on our website.

Contact Information

At Insured Direct, part of The Investors Group LTD, we prioritize your privacy and are committed to maintaining the trust and confidence of our users. If you have any questions, concerns, or comments about our Privacy Policy or the practices described herein, we encourage you to get in touch with us. Below you will find our contact information, including various ways you can reach out to discuss any aspect of our privacy practices or your personal information.

Contact Details

  • Company Name: Insured Direct, The Investors Group LTD
  • Postal Address: 20 Wenlock Road, N1 7GU London, UK
  • Telephone Number: +35796327585
  • Email Address for Support and Inquiries: support@insured.direct

Data Protection Officer

  • DPO Contact Information: For specific questions regarding the processing of your personal data, or to exercise your rights as detailed in Section 8 of this Privacy Policy, please contact our Data Protection Officer (DPO) directly at the email address provided.

Feedback and Complaints

  • Feedback: We welcome your feedback and suggestions about how we can improve our privacy practices and this Privacy Policy.
  • Complaints: If you have any complaints about our privacy practices, we encourage you to contact us directly so we can address your concerns. Additionally, you have the right to lodge a complaint with a supervisory authority competent for your country or region.

Social Media and Online Presence

  • Social Media: For updates and more information about our services, follow us on our social media platforms.
  • Website Contact Form: You can also reach us through the contact form available on our website for any queries or support needs.

Jurisdiction-Specific Requirements

At Insured Direct, part of The Investors Group LTD, we recognize the global nature of our business and the importance of respecting the diverse legal landscapes in which we operate. This section outlines additional disclosures and rights applicable to users based on their jurisdiction, ensuring compliance with local laws and regulations concerning privacy and data protection.

European Union (EU) – General Data Protection Regulation (GDPR)

For users in the European Union, Insured Direct adheres to the General Data Protection Regulation (GDPR), which grants specific rights, including:

  • The right to be informed about the collection and use of their personal data.
  • The right of access to their personal data and how it is processed.
  • The right to rectification of inaccurate personal data.
  • The right to erasure (right to be forgotten) under certain conditions.
  • The right to restrict processing under certain conditions.
  • The right to data portability, allowing users to obtain and reuse their data across different services.
  • The right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling).
  • Rights related to automated decision making, including profiling.

United Kingdom (UK) – UK GDPR

Post-Brexit, the United Kingdom has adapted GDPR into its national law as the UK GDPR. Residents of the UK are afforded the same rights as those under the EU GDPR, with specific considerations for data protection under UK law.

California, United States – California Consumer Privacy Act (CCPA)

For residents of California, the California Consumer Privacy Act (CCPA) provides certain rights, including:

  • The right to know about the personal information a business collects about them and how it is used and shared.
  • The right to delete personal information collected from them (with some exceptions).
  • The right to opt-out of the sale of their personal information.
  • The right to non-discrimination for exercising their CCPA rights.

Other Jurisdictions

  • Specific Rights: Users from other jurisdictions may have specific rights under their local laws regarding privacy and data protection. We are committed to providing the necessary information and facilitating the exercise of these rights.

Compliance and Cooperation

  • Legal Compliance: Insured Direct is committed to complying with all applicable laws and regulations in the jurisdictions where we operate. We work closely with data protection authorities and legal experts to ensure our practices meet or exceed legal requirements.
  • Updates and Modifications: As laws and regulations evolve, we may update this section of our Privacy Policy to reflect changes in our practices or legal obligations. We encourage users to review this section periodically for the latest information on their rights and our compliance efforts.

Contact for Jurisdiction-Specific Inquiries

  • Inquiries and Exercise of Rights: If you have questions about your rights under specific jurisdictional laws or wish to exercise your rights, please contact us using the contact information provided in Section 13 of this Privacy Policy.