Privacy and cookies
This website contains both public and protected pages and links to other websites that provide online services. Any information transmitted to us through public pages is not encrypted and could be intercepted by third parties or electronically delivered to parties other than the addressee. Any such information is sent at your own risk and you should therefore carefully consider its sensitivity prior to transmitting it.
Some pages of the website offer the facility to email us with an enquiry. Email is not a secure medium of communication. For this reason, we request that you do not send private information to us by email. Where we do receive personal data from you by email, we will only respond by email if it is through a secure route.
The protected pages of our websites, which form our online services, are however protected by access via a secure server. Pages utilizing this technology will have URLs that start with HTTPS instead of HTTP. This ensures that all information transmitted between your browser and our server from such pages is encrypted.
In addition, to use the online services, you must have a valid user name and password. Data transmitted via the secure server is stored on databases, which are protected by further security measures (such as firewalls), and may only be accessed by authorized users. We have strict policies on the storing and disclosing of data to prevent unauthorized access.
At the point at which you provide any personal data to us, you should be provided with key details about how your personal data will be used. The controller of your personal data is FPIL.
We will use the personal data provided to us for the purposes of providing the services and products available on the website and for other related activities. For these purposes we will disclose the personal data to other FPIL companies and to our agents and service providers. We will also disclose information where disclosure is required under a legal or regulatory obligation to do so.
Our approach to Privacy
The privacy and security of your personal data is very important to us. We want to assure you that your personal data will be properly managed and protected whilst in our hands.
The data we collect
Personal data you provide to FPIL may include:
- basic personal details such as your name, address, email address, telephone number, date of birth, gender, marital status
- sensitive personal data (referred to in data protection laws as special categories of personal data) such as health information (for example alcohol consumed, recreational drug use, tobacco use, current state of health, existing conditions, family or personal history in relation to some conditions)
We will always be clear to explain why we need this information and the purposes for which we will use it and request your explicit consent.
You do not have to provide us with any personal data, however, if you choose not to provide your data we may be unable to continue with any application you make, or process any claim you make.
We may collect information about other members of your household or family, for example, family members on whose life you take out a life insurance policy.
If you give us information about another person it is your responsibility to ensure and confirm that:
Policy and contract administration
Your personal data may be used for the purposes of policy administration by FPIL, its agents and by re-insurers. It may be disclosed to regulatory bodies for the purposes of monitoring and/or enforcing FPIL’s compliance with any regulatory rules/codes. Your personal data may also be used for research and statistical purposes and crime prevention.
How we use information to improve our products, prices, offers and customer experience for all
We may also use your personal data for research or statistical purposes, including to analyse how people use our websites, view our products, respond to our advertising and to improve our understanding of what customers need.
We may use your personal data for training purposes, to improve our services and their delivery, for example by recording telephone calls.
How we use and share your personal data outside of FPIL
If you request a quote, or purchase a product or service, your personal data may be shared with and processed by our associated companies, introducers, intermediaries, reinsurers and agents, as well as the policy holder (if that is not you) and your broker or financial adviser for the purposes of administration, including third parties providing services to them (as detailed above).
Your personal data may be disclosed when we believe in good faith that the disclosure is:
- required by law;
- to protect the safety of our employees, the public or FPIL property;
- required to comply with a judicial proceeding, court order or legal process; or
- in the event of a merger, asset sale, or other related transaction; or
- for the prevention or detection of crime (including fraud).
We may share your personal data with regulatory bodies in the Isle of Man or, if applicable, overseas, as well as with other insurance companies (directly or via shared databases) to prevent and detect fraud.
Fraud prevention and detection
In order to prevent and detect fraud we may at any time:
- check and/or file your details with fraud prevention agencies and their databases, and if you give us false or inaccurate information and we suspect fraud, we will record this to prevent fraud and money laundering.
We can supply on request further details of the agencies and databases we access or contribute to and how this information may be used. If you require further details contact us at: Data Protection Officer, Friends Provident International Limited, Royal Court, Castletown, Isle of Man, IM9 1RA. Telephone: +44 (0) 1624 821212. Email: DPO@fpiom.com.
We and other organisations may also search these agencies and databases to:
- help make decisions about the provision and administration of your policy
- check your identity to prevent money laundering
- check details of job applicants and employees
This may include any online or digital partners we work with, so we, or our online or digital partners on our behalf, can communicate with you through their platforms.
The legal grounds for processing your personal data
Data protection laws require us to tell you what legal basis we use for processing your personal data. These bases are set out in the applicable data protection law. We generally use the following:
- the processing is necessary to perform a contract with you (e.g. the contract for insurance), or to take steps requested by you before entering into a contract (e.g. processing your application for insurance cover);
- the processing is necessary to meet a legal obligation which applies to us;
- you have given your consent to the processing of your data; or
- the processing is in FPIL's or someone else's legitimate interests, and these interests are not overridden by your interests or rights in the protection of your personal data.
Where we rely on the "legitimate interests" ground, the law requires us to explain to you the interest in question. We consider that we have the following legitimate interests in processing personal data:
- in relation to our website and portal- tailoring and improving services, understanding usage, tracking visits and enhancing the online experience, and the provision of software updates:
- analysing insurance and other markets for portfolio and risk assessment;
- managing complaints;
- marketing activities, tailoring offers and providing service enhancements;
- research and statistical activities.
Sometimes we process data about you which the law considers to fall within the special categories (see section "Personal data" for more details), in which case, we use one of the following grounds:
- you have freely given your informed, specific, consent to the processing; or
- the processing is necessary for the establishment, exercise or defence of legal claims.
If you have given your consent to our processing of your personal data, you have the right to withdraw that consent at any time. You can do this by contacting us (see How to contact us). Please be aware however that withdrawing consent would result in the termination of your contract.
Your personal data may be transferred by any FPIL company to any country, including countries outside of the Isle of Man, the European Economic Area (EEA), and the country in which your data was collected, for processing, storage, administration or any other use stated in this policy. The purposes and processing associated with any such transfer will comply with all applicable data protection regulations, and with our obligation to adequately protect and secure your personal data. Where required under applicable laws we will take measures to ensure that personal data handled in other countries will receive at least the same level of protection as it is given in the Isle of Man, the EEA and the country of data collection.
We generally do this by putting contracts in place with recipients of personal data located outside of the Isle of Man, the EEA, or country of data collection, which require the recipients to provide appropriate protection for your personal data. These contracts are on a standard form which has been approved by data protection regulators as providing an appropriate level of protection for personal data.
We are committed to protecting the confidentiality and security of the information that you provide to us and we put in place appropriate technical, physical and organisational security measures to protect against any unauthorised access or damage to, or disclosure or loss of, your personal data.
Managing your marketing preferences
We will not normally carry out any direct marketing campaigns but if we do, we will always contact you first and give you the opportunity to opt in to direct marketing before any communications of this nature take place.
If we do carry out any direct marketing, we may:
- provide you with updates and offers for FPIL’s products and services via marketing tailored to you, by direct marketing (e.g. phone, e-mail, text, post); and
- use information we hold about you to help us identify, tailor and package our products and services, determine pricing and offer discounts that may be of interest to you.
- share your personal data with third parties who help run our marketing campaigns
We will not use sensitive personal details (such as information relating to your health record or any criminal issues) in order to provide you with marketing, discounts or pricing unless you have given your explicit consent to allow us to use this information for these purposes.
How long do we keep your personal data
We will not retain your personal data for longer than is necessary for the maintenance of your contract, or for legal or regulatory requirements and in any event such retention will be in accordance with our record keeping policy.
Update or correct your personal data
Please let us know if your personal data changes as it is important that the information we hold about you is accurate and up to date.
You can ask us to update or correct your personal data or opt out of FPIL’s use of your personal data for direct marketing purposes by contacting us using any of the following methods:
By Phone: +44 (0) 1624 821212
By email: DPO@fpiom.com
By writing to: Data Protection Officer, Friends Provident International Limited, Royal Court, Castletown, Isle of Man, IM9 1RA
You have several rights in relation to your personal data. In most cases, there are conditions attached to these rights. Please click on each of the headings below to find out more. You can exercise your rights by contacting us (see How to contact us). We may take steps to verify your identity when you contact us with a request to exercise any of your rights.
Accessing your data
You can ask us to:
- confirm whether we are processing your personal data
- provide you with details of the information we hold
You do not have to pay a fee for provision of the information that makes up your personal data unless your request is unfounded or excessive, in which case we will charge a reasonable amount in the circumstances. We will let you know of any charges before completing your request.
We aim to respond to you within 1 month of receiving your request unless it is particularly complicated or you have made several requests, in which case we aim to respond within 3 months. We will let you know if we are going to take longer than 1 month in dealing with your request. If we have a lot of information about you we might ask you if you can tell us what exactly you want to receive. This will help us action your request more quickly.
Correcting your data
You can ask us to correct any data which is inaccurate or incomplete. This is free of charge.
If we have shared the data with anyone else, we will tell them about the correction wherever possible. We aim to deal with requests for correction within 1 month, although it might take us up to 3 months if your request is particularly complicated.
If we can't action a request to correct your data, we will let you know and explain why this is.
Erasing your data
This right is sometimes referred to as "the right to be forgotten". This is not an absolute right but you have the right to have your data erased, free of charge, in certain circumstances.
You can ask for your data to be erased where:
- it is no longer necessary for the purpose for which it was originally collected or processed;
- we are processing your data based on your consent, and you withdraw that consent;
- you object to the processing and we do not have an overriding legitimate interest for continuing;
- your data has been unlawfully processed;
- your data must be erased to comply with a legal obligation;
- the data was processed to offer information society services to a child.
There are some exceptions to this right. If one of these applies, we do not have to delete the data.
If we have shared your data with third parties, we will tell them about the erasure of your data unless this is impossible or would involve disproportionate effort.
Restricting the processing of your data
You can ask us to restrict the processing of your personal data in some circumstances, free of charge. This is not an absolute right. If processing is restricted we can store the data and retain enough information to make sure the restriction is respected, but we cannot further process your data.
You can restrict the processing of your personal data in the following cases:
- if you contest the accuracy of your data, we will restrict processing until we have made sure the data is accurate;
- if you object to our processing and we are considering this objection;
- if the processing is unlawful but you do not want us to erase your data;
- if we no longer need the personal data but you require the data to establish, exercise or defend a legal claim.
If we have disclosed the data to a third party, we will inform them about the restriction unless it is impossible or would require a disproportionate effort. We will tell you if we decide to lift a restriction on processing your data.
Objecting to the processing of your data
Objecting to the processing of your data is free of charge. It is not an absolute right but you can object to our processing of your data where it is:
- based on the legitimate interests ground; or
- for the purposes of scientific/historical research and statistics.
We will stop processing your personal data unless we have compelling legitimate grounds for the processing which override your interests and rights, or unless we are processing the data for the establishment, exercise or defence of legal claims.
You can require us to stop using your data for direct marketing purposes. We will stop as soon as we receive your request. There are no exemptions or reasons for us to refuse.
This allows you to obtain and reuse your personal data for your own purposes across different services. It applies where the following conditions are met:
- you provided the personal data to us yourself;
- we are processing the data either based on your consent or because it is necessary for the performance of a contract; and
- the processing is carried out by automated means.
We will provide your data free of charge in a structured, commonly used and machine readable form. We aim to provide your data within 1 month of receiving your request unless it is particularly complicated or you have made several requests, in which case we aim to respond within 3 months. If we are going to take longer than 1 month we will let you know and explain why we need more time. If we consider that we cannot provide you with your data, we will contact you and explain why this is.
Automated decision making and profiling
You have the right not to be subject to a decision which is based on automated processing and which produces a legal (or similarly significant) effect on you.
We will tell you about any automated decision making that affects you. You have the right to:
- request human intervention;
- express your point of view;
- ask for the decision to be explained; and
- challenge the decision.
These rights are not absolute. They do not apply if the decision is:
- necessary for us to enter into or perform a contract with you;
- authorised by law (e.g. for fraud prevention); or
- based on your explicit consent.
FPIL only carries out automated processing on some policies that require underwriting. Where an automated decision results in an outcome of non-standard rates, human intervention is always undertaken.
What are cookies?
Cookies are small text files that some websites place on your computer or other device when you visit.
Session cookies are automatically deleted at the end of each browsing session (typically when the browser is closed).
Persistent cookies remain until the expiry date and time set by the website (or when manually deleted by the user).
- understand how people use our sites so we can improve them, and
- present the right information to people who have logged into our sites, for instance to manage their policies.
You can set your browser to reject cookies but if you do so you will be unable to use some areas of our website(s).
For information about how to block and delete cookies please visit AboutCookies.org.
How to contact us
Data Protection Officer
Friends Provident International Limited
Isle of Man
Email Address: DPO@fpiom.com
If you are unhappy about how we are processing your personal data or how we have responded to a request or complaint, you have the right to make a complaint to the Isle of Man's data protection regulator. You can find more details about how to contact them on their website https://www.inforights.im/
Alternatively, you may wish to contact the Singapore Personal Data Protection Commission at: Officer-in-charge, Enforcement Personal Data Protection Commission, 460 Alexandra Road, #10-02 PSA Building, Singapore 119963. Telephone: +65 6377 3131, or via their website https://www.pdpc.gov.sg