Our website may contain links to other third party websites. If you follow a link to any of those third party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third party websites.
- About us
- Who do we collect personal information about?
- When do we collect personal information?
- What personal information do we collect and use?
- How do we collect your personal information?
- What are the purposes for which your personal information is used?
- Who do we share your personal information with?
- Automated decision making and telematics data
- What marketing activities do we carry out?
- How long do we keep personal information for?
- Your rights
- How we protect your personal information
- Contacting us
Sabre Insurance Company Limited is authorised and regulated by the Financial Conduct Authority and Prudential Regulation Authority.
Registered offices are at Sabre House, 150 South Street, Dorking, Surrey RH4 2YY and the Company registration number is 2387080. VAT registration number is 793 7283 81.
For more information about Sabre and our history, please click here.
We have a data protection officer to oversee our handling of personal information. If you have any questions about how we collect, store or use your personal information, you may contact our data protection officer using the details set out at section 13.
We collect and hold personal information about:
- Individuals who currently have or are covered by a motor insurance policy with Sabre
- Individuals who have held or were covered by a motor insurance policy with Sabre but which is now expired or terminated
- Individuals who have who have requested or obtained a quote from Sabre but have not taken up a policy, whether the enquiry was made directly through Sabre or via a third party, such as a price comparison website
- Individuals to whom any benefit is payable under a live policy or would have been payable to under an expired or terminated policy
- Users of the various Sabre websites, including the Go Girl, Drive Smart and insure2drive websites
- Third party claimants, witnesses to incidents and experts instructed in relation to claims
- Representatives of policyholders, individuals covered by a policy or a third party.
We collect personal information:
- When individuals apply, either online or in person, for or to renew a policy
- When individuals are insured on a policy
- On a claim under a policy or involving a policy
- When we are contacted in writing, by telephone or social media channels
- When Sabre websites or mobile phone applications are used
- When individuals respond to a customer survey, complete a feedback form, or vote in a poll on any of the Sabre websites
- If we are contacted in relation to a complaint
- When we are alerted to Suspected Fraud
- Telematics data, which is covered in detail in Section 8
The personal information that we collect will depend on your relationship with us. We will collect different information depending on whether you are a policyholder, named driver or other covered party or beneficiary under a policy, website user, claimant, witness, expert, representative or other third party.
Please note, in certain circumstances we may request and/or receive “sensitive” or “special categories” of personal information about you. For example we may need access to health records for the purposes of providing you with a policy or processing claims, or details of any unspent criminal convictions for the purposes of preventing, detecting and investigating fraud.
- Information such as your name, address, email address, contact details, date of birth, gender, relationship to the policyholder (where are you not the policyholder)
- Identification information such as driving licence number, national insurance number and passport number
- Information about your job including job title, employment history, education history and professional accreditations
- Information relevant to your insurance policy. This will depend on the nature of the policy but could include details about your property and business activities, for example where your vehicle is stored
- Information relevant to your claim or your involvement in an incident giving rise to a claim or a potential claim
- Information relating to previous policies or claims which you may have been involved in
- Financial information such as your bank details, payment details and information obtained as a result of our credit checks
- Information captured during our telephone calls, including the recording of calls
- Your marketing preferences
- IP addresses
- Data obtained through the use of telematics, please see section 8 for further information
Sensitive Personal Information
- Details of your current or former physical or mental health
- Information relating to your criminal history (including offences, alleged offences and any caution, court sentence or criminal convictions)
- Details of your race and/or ethnicity
- Your political opinions, religious or philosophical beliefs, or trade-union membership
- Data concerning your sex life and/or sexual orientation
We collect personal information from a number of different sources including:
- Directly from you or from someone else on your behalf by telephone, email or via our website
- From other third parties involved in your insurance policy or claim such as your broker or another insurer, claimants, defendants or witnesses
- From other third parties who provide a service in relation to your insurance policy or claim such as loss adjusters, claims handlers, experts (including medical experts), healthcare providers and other service providers
- From medical reports and counsel’s opinions
- From emergency assistance and medical services providers
- From claims service providers
- Via publicly available sources such as internet search engines and social media sites
- From data contributors such as price comparison websites, software houses and intermediaries
- From other companies within the Sabre Group
- From credit reference agencies and fraud prevention agencies
- From risk analysis, fraud prevention, identity verification companies which we may receive from companies such as Lexis Nexis Solutions UK Limited (www.risk.lexisnexis.co.uk/consumer-and-data-access-policies/insurance)
- Via insurance industry fraud prevention and detection databases and sanctions screening tools
- Via call recordings
- From third parties who we buy marketing lists from
- From government agencies such as the Driver and Vehicle Licencing Authority (DVLA) or Her Majesty’s Revenue and Customs (HMRC) and from professional regulators
- From Local authorities
- From brokers and insurance intermediaries
- From other insurers
- From CCTV providers
- Through the use of telematics
We may process your information for a number of different purposes and under data protection laws we need a reason for doing so. We have set out below the reasons why we process your information and the applicable circumstances when we will process your personal information.
Our provision and administering of your insurance contract
We may use your personal information for this purpose when:
- Providing a quote
- Administering and providing your motor insurance policy
- Setting you up as a policyholder
- Providing all related services such as assessing your application and no-claims discount entitlement
- Managing your insurance policy
- Handling, paying or repudiating claims
- Communicating with you and resolving any complaints that you may have
- Prevention and detection of fraud
We also process the information for our own legitimate business purposes
We may use your personal information for this purpose when:
- Maintaining our business records including internal reporting, maintaining accounting records, analysist financial results, internal or external audits, or dealing with the Driving and Vehicle Licensing Agency
- Receiving professional advice
- Developing and improving our products and services
- Providing improved quality, training and security (for example with respect to recorded or monitored phone calls to our contact numbers)
- Investigating or detecting the unauthorised use of our systems and securing our system and ensuring the effective operation of our systems
- Necessary for the purposes of reinsuring
- Communicating with policyholders
- Managing our infrastructure and business operations
- Monitoring usage of Sabre websites
- Tracing or recovering debt
Sometimes we have a legal or regulatory obligation to use your personal information
We may use your personal information for this purpose when:
- Our regulators, the Prudential Regulation Authority (PRA) or the Financial Conduct Authority (FCA), wish us to maintain certain records of any dealings with you
- To enable us to assist you with the renewals process, including sending you a reminder and renewal invitation before your renewal date, which will explain how you can renew your insurance contract with us
Occasionally we need to use your information to establish, exercise or defend our legal rights
We may use your personal information for this purpose when:
- We are faced with any legal claims
- We want to pursue any legal claims ourselves
Sometimes we need to use your personal information for reasons of substantial public interest
We may use your personal information and your sensitive, criminal convictions or special categories of personal data for this purpose when:
- Investigating fraudulent claims
- Carrying out fraud, credit and anti-money laundering checks
Special category and criminal conviction data
Data Protection Legislation allows for the processing of special category and criminal conviction data for an insurance purpose, this includes:
- The processing of such data for advising on , arranging, underwriting or administering of an insurance contract
- Administering a claim under an insurance contract
We may use your personal information for this purpose when:
- Promoting our services
- Providing marketing information to you (including information about other products and services)
- Facilitating surveys and market research
- Selling add-on products on behalf of selected third parties
- We need to process your sensitive or special categories of personal data e.g. information about your health or criminal convictions
From time to time, we may share your personal information [with the other companies in our group] with third parties. We will keep your personal information confidential and only share it with the third parties listed below for the purposes explained in section 6. We have trusted relationships with these carefully selected third parties and all third parties are bound by contract to maintain the security of your personal information and to use it only as permitted by us. If you would like further information regarding the disclosures of your personal information, please see section 13 below for our contact details.
Disclosures within our group
In order to provide our services your personal information is shared with other companies in the Sabre Group. Your personal information might be shared for our general business administration purposes or for the prevention and detection of fraud.
Disclosures to third parties
- Our insurance partners such as brokers, other insurers, reinsurers or other companies who act as insurance distributors
- Other third parties who assist in the administration of insurance policies or such as loss adjusters, first notification of loss providers, claims handlers, accountants, auditors, lawyers and other experts
- Fraud detection agencies and other third parties who operate and maintain fraud detection registers including but not limited to the Claims and Underwriting Exchange, Insurance Fraud Register, Motor Insurance Anti-Fraud and Theft Register, the National SIRA Database and other centralised insurance industry applications/databases investigative firms we ask to look into claims on our behalf in relation to suspected fraud
- Motor Insurance Database managed by the Motor Insurance Bureau
- Our regulators who include Prudential Regulation Authority (PRA) and Financial Compensation Authority (FCA)
- The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime, including the National Crime Agency (NCA)
- Government agencies such as the DVLA
- Other insurers who provide us with our own insurance
- Industry bodies
- Selected third parties who we sell add-on products on behalf of
- Debt collection agencies or any organisations we instruct to commence legal proceedings against you
- Credit reference agencies and fraud prevention agencies
- Our third party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, document management providers and tax advisers
- Product and service providers, such as engineers, salvage agents, rehabilitation providers, foreign claims handling agents, uninsured loss provider and providers of add-on products, such as key cover
- Selected third parties in connection with the sale, transfer or disposal of our business
We may also disclose your personal information to other third parties where:
- The disclosure is required by law or by a regulator with authority over us or you, such as where there is a court order, statutory obligation or FCA request; and we believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest
What is our approach to sending data outside of the European Economic Area (EEA)?
Personal information that we collect may be shared with an organisation located outside of the EEA. It may also be processed by us or by one of our suppliers outside of the EEA. When these circumstances apply, we will always take measures to ensure your data is protected:
- The country to which the data is being transferred is approved by the European Commission as providing an adequate level of data protection, or in the United States has a EU-US Privacy Shield in place
- The organisation has agreed standard contractual clauses in place approved by the European Commission
- Any requests from organisations such as law enforcement or regulators will be reviewed and validated prior to disclosing data
With the exception of a legal or regulatory requirement, your data will only be transferred outside of the EEA when we are satisfied the country is recognised as having an adequate level of data protection or there is another arrangement in place to offer protection of your data.
If you wish to learn more regarding the safeguards we have put in place, please contact us using the details set out in section 13.
We may use your information to make decisions about you using computerised technology for analysis, assessment, profiling and for marketing purposes. In order to provide you with an efficient service we may use automated decisions when requesting insurance quotes via the internet.
We may also use automated decision making:
- In understanding a potential policyholders ability to meet the cost of insurance premiums or credit
- To ensure accuracy
- To validate or enhance information
- To assess the risk of fraud being committed
- Profiling of information we collect and hold
- To establish and utilise pricing models and risk acceptance criteria, which calculating premium and declining a request for insurance
Use of telematics data
From the date of installation and registration we will use the telematics device to capture data from your vehicle. An electronic data feed will translate the GPS coordinates from the device to provide information, such as road type, road surface and speed limit of the road driven on at any specific time. This will enable us to build a profile of driving behaviour.
We and those acting on our behalf will use the data from the devices to:
- Provide you with data via your Dashboard portal relating to driving behaviour
- Calculate your premiums based upon actual vehicle usage and driving behaviour
- Provide further clarification as to the circumstance of a claim if you make a claim under the Policy
Your information will continue to be used for the purposes outlined above once your Policy ends, until the telematics device is disabled. Data collected by the telematics device may be disclosed to third parties with your permission in the following circumstances:
- If required for installation, servicing or if the device needs to be disabled
- Where there is a requirement by law to disclose such information
We may also use your personal information to provide you with information about our products or services of our partners which may be of interest to you where you have provided your consent for us to do so.
We are committed to only sending you marketing communications that you have clearly expressed an interest in receiving. If you wish to unsubscribe from marketing emails sent by us, you may do so at any time by clicking on the “unsubscribe” link that appears in all emails. Otherwise you can always contact us using the details set out in section 13 to update your contact preferences. In such circumstances, we will continue to send you service related (non-marketing) communications where necessary.
If you would like further information regarding the periods for which your personal information will be stored, please see section 13 below for our contact details.
In most cases your personal data will be retained for fifty years. However, it may sometimes be necessary to retain data for longer, for example where there are legal grounds for doing so, or in the event of a claim or a potential claim under a policy. Where a quote is provided but you decide not to proceed, this data will be retained for five years. Even if we delete your personal information it may persist on backup or archival media for legal, tax or regulatory purposes.
Under the Data Protection Act and GDPR you have certain rights in relation to the personal information that we hold about you. You may exercise these rights at any time by contacting us using the details set out in section 13.
- In some cases we may not be able to comply with your request, for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can’t comply with your request, we will tell you why.
- In some circumstances exercising some of these rights (including the right to erasure, the right to restriction of processing and the right to withdraw consent) will mean we are unable to continue providing you with cover under the policy and may therefore result in the cancellation of the policy. You will therefore lose the right to bring any claim or receive any benefit under the policy, including in relation to any event that occurred before you exercised your right of erasure, if our ability to handle the claim has been prejudiced. [Your policy terms and conditions set out what will happen in the event your policy is cancelled. For some policies no refunds will be payable on cancellation, for other products a refund may be payable].
Your rights include:
- The right to access your personal information
You are entitled to a copy of the personal information we hold about you and certain details of how we use it. There will not usually be a charge for dealing with these requests, although we reserve the right to make a charge for requests which are manifestly unfounded or excessive or to charge a reasonable fee based on administrative costs for further copies requested. To exercise your right to access your personal information, please contact us.
Your information will usually be provided to you in writing, unless otherwise requested, or where you have made the request by electronic means, in which case the information will be provided to you by electronic means where possible.
- The right to rectification
We take reasonable steps to ensure that the information we hold about you is accurate and complete. However, if you do not believe this is the case, please contact us and you can ask us to update or amend it.
- The right to erasure
In certain circumstances, you have the right to ask us to erase your personal information, for example where the personal information we collected is no longer necessary for the original purpose or where you withdraw your consent. However this will need to be balanced against other factors, for example according to the type of information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.
- The right to restriction of processing
In certain circumstances, you are entitled to ask us to stop using your personal information, for example where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to process your personal information.
- The right to data portability
In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice
- The right to object to marketing
You can ask us to stop sending you marketing messages at any time.
- The right not to be subject to automated decision-making (including profiling)
You have a right not to be subject to a decision that has been based solely on automated means i.e. when your personal information has been inputted into a system or computer and the decision has been calculated using certain automatic processes rather than our employees making those decisions. [Please note that we may use your sensitive, special category or criminal convictions data when processing auto-renewals and this may involve automated decision making to determine what the cost of renewing your policy will be. When you purchase your policy, we will ask you if you would like to opt in to auto-renewal. However, even if you opted in at this point, you have the right to opt out at any point].
- The right to withdraw consent
For certain uses of your personal information, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal information.
- The right to lodge a complaint with the ICO
You have a right to complain to the Information Commissioner’s Office (ICO) if you believe that any use of your personal information by us is in breach of applicable data protection laws and regulations.
More information can be found on the Information Commissioner’s Office website: www.ico.org.uk or you can call them on 0303 123 1113.
Making a complaint will not affect any other legal rights or remedies that you have.
We use a range of organisational and technical security measures to protect your information.
Where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We restrict access to your information as appropriate within Sabre to those who need to know that information for the purposes set out above.
Firewalls are used to block unauthorised traffic to the servers and the actual servers are located in a secure location which can only be accessed by authorised personnel. Our internal procedures cover the storage, access and disclosure of your information.
If you have any questions about how we collect, store or use your personal information, you may contact our data protection officer at:
Data Protection Officer
150 South Street,
Email : DPO@sabre.co.uk