About us
We Travel & General Insurance Services Ltd (also referred to as “we”, “us”, or “our”) are a registered company in England – Company no. 02527363. Our registered address is 69 Leadenhall Street, London, EC3A 2BG.
The purpose of this notice
This Notice explains the type of data we collect when providing our products and services, and how we use and share this information and how we keep it secure. It also sets out your rights, including your right to access the data we hold about you, understand how it is processed, and request restrictions on its use. We process your personal data in accordance with:
- The UK’s updated Data Protection Act 2018, which was initially the UK’s enactment of the EU GDPR.
- The UK retained provisions of the EU’s General Data Protection Regulation (‘UK GDPR’) (retained by virtue of the European Union (Withdrawal) Act 2018).
- Regulations based on wider EU legislation such as the Privacy and Electronic Communications Regulations (EC Directive) 2003 (PECR) and future updates.
- Wider guidance from the Information Commissioners Office – ico.org.uk.
What is personal data?
Personal data is information that can identify you as an individual. Examples include your name, address, date of birth, gender and contact details. Some personal data falls within special categories such as information relating to health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and genetic or biometric data. Data concerning criminal convictions and offences is also processed with enhanced protections and is handled in accordance with the legal requirements that apply to special category data.
Personal data we collect
To arrange and administer your insurance, we need to collect and process your personal data. We also collect your information when you request details about our services, promotions or events. In some cases, we may require personal data about other individuals, for example, additional policyholders. If you provide such information, you must ensure you are authorised to do so. You may give us personal data through online forms, by telephone, in writing or via paper forms that we complete with you. We share personal data within our firm and with our business partners where necessary to place, underwrite and manage insurance policies, assess risk, process claims and administer our business. We also disclose personal data to authorised third parties where required by law or where needed to arrange, underwrite or service your insurance and to handle claims.
Some examples are:
- Insurers;
- Underwriters;
- Claims handling companies;
- Insurance brokers;
- Reinsurers;
- Regulators.
When you access our website, we will collect electronic identifiers such as your IP address. We also use cookies to recognise visitors, enhance functionality and analyse website usage. Please refer to our Cookie Policy for further information. We may record interactions with our customer care, complaints and related services. We also collect personal data through telematics or similar location-based technologies where you have consented to their use. Where data is collected directly from you, we are the Data Controller. Where third parties process data on our behalf and under our instructions, they act a Data Processors. Where other organisations participate in underwriting or administering your insurance, they may process your data alongside us, making us joint Data Controllers. A Data Controller determines the purposes and means of processing personal data. A Data Processor acts on behalf of the Controller.
As a provider of insurance services, we will process the following categories of data:
- Personal data such as an individual’s name, address, date of birth, gender, contact details and details of historic claims
- Special categories of personal data such as health and details on historic claims resulting in injury (physical and physiological)
- Data relating to criminal convictions and offences such as details of driving offences or insurance fraud
If you object to the collection, sharing and use of your personal data we may be unable to provide you with our products and services.
For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.
If you require more information about our insurance processes or further details on how we collect personal data and with whom we share data with, please contact our data privacy representative by e-mailing dataprotection@travel-general.com.
Why do we need your personal data?
We use your personal data to fulfil our contract with you, including providing quotations, arranging and administering your insurance, handling renewals and processing claims. We also use your data to manage your account, respond to enquiries and complaints, conduct statistical analysis, support financial planning and forecasting and develop or market our products and services. We use special category data and criminal conviction data where necessary for the performance of our contract with you and for reasons of substantial public interest, such as underwriting and claims handling. When you purchase our products, you enter into a contract with us. If you request a quote or ask for information about our services, we rely on our legitimate business interests to provide you with further relevant information. In some circumstances, we may seek your consent – for example, to send marketing communications, share your data, or transfer data outside the European Economic Area. Where consent is required, we will explain what you are agreeing to and you may withdraw your consent at any time by contacting our data privacy representative. We retain personal data for 7 years after the end of a contract, including any special category or criminal conviction data. Claims data is kept for 10 years for non-injury claims, and for as long as necessary where an injury (physical or psychological) has occurred. Data relating to quotes, service enquiries or complaints is retained for 5 years. If we are notified of an active investigation or potential prosecution, we will retain data in line with legal requirements. We retain data where necessary to meet contractual, legal or regulatory obligations, or for our legitimate interests such as statistical analysis, product development and marketing. In certain circumstances, such as legal disputes or potential future claims, we may keep data for longer. Please contact our data privacy representative if you have any questions about how your data is used or retained, or if you wish to object to its use.
Your rights
Individuals have a number of legal rights over their personal data. These include the right to know what data we hold, why we hold it, how it is used, who it is shared with and where it is stored. Individuals also have the right to object to processing, request corrections, obtain copies of their data, restrict its use and request its deletion. These rights are referred to as Individual Rights under the Data Protection Act 2018.
The following list details these rights:
- The right to be informed about the personal data being processed;
- The right of access to your personal data;
- The right to object to the processing of your personal data;
- The right to restrict the processing of your personal data;
- The right to rectification of your personal data;
- The right to erasure of your personal data;
- The right to data portability (to receive an electronic copy of your personal data);
- Rights relating to automated decision-making including profiling.
Individuals may exercise their Individual Rights at any time. We do not charge a fee for handling these requests, unless a request is repetitive, unfounded, or excessive, in which case a reasonable administrative fee may apply. Please note that we may not always be able to fully comply with a request—for example, if you ask us to delete your data, we may still be required to retain certain information for tax, regulatory, crime‑prevention, or statutory purposes. In some cases, substantial public interest or vital interests may override an individual request, and we may be legally obliged to provide access to data for law‑enforcement, legal, or health‑related reasons. Because data flows between multiple organisations in the insurance sector, responding to access requests may require input from other parties, which could affect response times. To exercise your Individual Rights or request further information, please contact our data privacy representative using the details provided in the How to contact us section.
Protecting your data
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data within our firm and authorised third parties.
Data Privacy Representative
To ensure data privacy and protection has appropriate focus within our organisation we have a Data Privacy Representative. The Data Privacy Representative’s contact details are shown below under the How to contact us section.
Complaints
If you are dissatisfied with any aspect of the way in which we process your personal data, please contact our data privacy representative. You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO). The ICO may be contacted via its website which is https://ico.org.uk/concerns/, by live chat or by calling their helpline on 0303 123 1113.
How to contact us
If you have any questions regarding this Notice, the use of your data or your Individual Rights please contact our data privacy representative at 69 Leadenhall Street, London, EC3A 2BG or by e-mailing dataprotection@travel-general.com or by telephoning 0207 065 5300.
