Privacy and data Policy

How we receive and process your information

InsurFolio is the Data Controller for any personal data you provide to us. Information provided to us may be shared as necessary within the group companies and used as detailed within this privacy policy.

We may receive information about you from any of the following sources:

  • directly from you or from someone you have authorised to incept a policy on your behalf or a price comparison website to whom you have submitted your details for a quote when you or your representative obtains a quote, incepting, renewing or amending a policy or making a claim. This information may consist of the following personal information:
    • your name, contact details (including home address, telephone number and e-mail address) and date of birth;
    • all other personal information that is provided to us when completing an application for a quote for any  policy, including (as necessary) any sensitive information (e.g. information about  to your health and/or previous convictions);
    • details of all previous quotes for  policies  requested from us;
    • details of all policies held with us including dates of purchase, lapse and cancellation;
    • details of claims on policies held with us;
    • your payment history relating to policies held with us; and
    • the length of time you have been a customer with us.
  • from third parties such as credit reference or debt collection agencies ( confirm your personal data); and
  • from insurers, witnesses, third parties and solicitors (e.g. details relating to an incident that is the cause of a claim).

Collecting this information is necessary for the purposes of quoting, incepting and renewing a policy.

By providing sensitive information relating to health or convictions you provide your consent to the use of such information by InsurFolio and its insurers for the purposes outlined in this privacy policy. Processing of this sensitive information is necessary for purposes of providing you with a quote and to incept or renew your policy. Failure to provide consent for the use of such sensitive information may result in an inability to provide an insurance quote or to incept or renew your policy.

We will retain this information as required and directed by the Financial Conduct Authority (FCA) and in line with British Insurance Brokers Association guidance  to support our ability to manage your policy, respond to complaints, demonstrate compliance with FCA rules and to support our ability to defend against legal claims.  

What we use your information for

Your personal information may be used by InsurFolio or shared with Cooperation Partners as is necessary for the following purposes: 

  • to assess your application or renewal for an insurance quote;
  • to submit your application to either one insurer or our panel of insurers to enable them to provide you with a quote or multiple quotes as applicable;
  • to assess your financial standing;
  • to confirm your identity;
  • to prevent fraud;
  • to verify the information provided;
  • to administer and maintain your policies;
  • to assist you with claims and enquiries;
  • to maintain your insurance records with insurers;
  • to tell you about other insurance and related products and offers from Insurfolio and selected third parties (subject to your consent, as required – please see below);carry out market research, statistical analysis and customer profiling*; and
  • to facilitate our quality and compliance monitoring.

We may also share your information with law enforcement bodies, reinsurers and regulators such as the FCA, as required or permitted by law. In addition, in the event of a merger, acquisition, or any form of sale of some or all of our assets, to a third party, we may also disclose your personal information to the third parties concerned or their professional advisors.

*InsurFolio, our insurers and fraud prevention partners may use statistical analysis and profiling (for example, analysis of quote or claims history, personal data and preferences), to support our pricing strategy, to deliver offers and products that we believe may be of most interest to you and to support the development of our insurance products. We will always seek to minimise identifiable personal data wherever possible.

Fraud prevention and detection

It is important that the information you provide to us is accurate as, incorrect information could affect the price of your policy and the ability to make a claim. We may cancel your insurance policy if we believe fraudulent details have been provided. In order to prevent or detect fraud we will check your details with various fraud prevention agencies and anti-fraud registers, who may record a search. Searches may also be made against other insurers’ databases. These checks include processing conducted automatically by computers and may affect pricing or our ability to quote for insurance.

Insurers pass information to the Claims Underwriting Exchange register, run by Insurance Database Services Ltd (IDS Ltd). The aim is to help us check information provided and also to prevent fraudulent claims. We may at any time search the register including when we deal with your request for insurance.

If fraud is suspected, information will be shared with those insurers and fraud prevention agencies. We search these registers when we deal with your request for insurance, at renewal or, in the event of an incident or claim. Under the conditions of your policy, you must tell us about any incident (such as an accident or theft) which may or may not give rise to a claim. When you tell us about an incident we will pass information relating to it, to the fraud prevention agencies. All telephone calls relating to applications and claims may be monitored and recorded and the recordings used for fraud prevention and detection, training and quality control purposes. Other users of the fraud prevention agencies such as law enforcement agencies, may use this information in their own decision making processes.

We may also share your information with law enforcement agencies, other organisations and public bodies where we reasonably believe it is necessary for the prevention and detection of fraud, crime or where required to do so under a court order.

Credit reference checks

Soft Search
We will conduct credit reference checks at one or more of the UK’s credit reference agencies (“CRAs”) in certain circumstances. In all cases these checks will be carried out to confirm identity, help prevent fraud and calculate premiums. This is a soft search which is only visible to you (if you request a copy of your credit file at the credit reference agencies) and is not visible to other organisations. This type of credit reference check will not affect your credit file. The search will be visible on your credit report but it won't affect your credit rating as it's not an application for credit. The CRAs may add the details of our searches and information that we and InsurFolio hold about you to their records relating to you.

Quotation Search
In a small number of cases, including in order to obtain premiums from certain insurers, a fuller credit reference check which we call a quotation search may need to be conducted with the CRAs. If this is the case you will be informed. We will conduct that type of search only with your explicit consent. This type of search will leave a footprint on your credit file which is visible to other lenders and companies unrelated to us (for example, other CRA customers). This type of search and the information about you may be used and disclosed by the CRAs to other lenders and companies to enable them to trace your whereabouts, recover debts that you owe and to verify your identity.

The Information Commissioners Office has provided guidance on how Credit Reference Agency checks work and how long information is retained for

Records remain on file at the CRAs for 6 years after they are closed, whether settled by you or defaulted. CRAs may use this information for the purpose of statistical analysis about credit ratings. If you tell us that you have a spouse or financial associate with whom you have a personal relationship that creates a financial association* in a similar way to a married couple (for example if you have been living at the same address at the same time), we may:

i) search, link and/or record information at CRAs about you both,
ii) link any individual identified as your financial associate, in our own records,
iii) take both your and their information into account in future applications by either or both of you, and
iv) continue this linking until one of you notifies us that you are no longer linked.

* An association shows that you have a financial connection with someone else. This can be created by joint judgments, joint accounts, joint credit applications, or from information you have previously provided to Credit Reference Agencies through quotations and applications for credit.

Linked records
When CRAs receive a search from us they will link together your records and records about your spouse or financial associate. Links will remain on your credit file and theirs until such time as you or they successfully files for a disassociation with the CRAs. If your circumstances change and you believe you are no longer financially linked with another person you should contact the CRAs about this.

Contacting Credit reference Agencies
You can contact the CRAs currently operating in the UK (CallCredit, Equifax and Experian) to find out what information they hold about you. The information they hold may not be the same so you may wish to contact more than one. Their details are below. They are entitled charge you a small statutory fee.

CallCredit, 0330 024 7574 or log on to
Equifax, Equifax Ltd Customer Service Centre, PO Box 10036, Leicester , LE3 4FS, 0333 3214043or log on to
Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0344 481 0800 or log on to
Both types of credit checks as described above may be completed when obtaining a quote for you, whenever you change or renew the policy, to offer payment options and to calculate premiums.

Telephone call recording

Telephone calls with us will be recorded for training and quality purposes. We engage third parties to carry out quality and compliance monitoring on our behalf and customer data including recorded calls is made available to such third parties for this purpose.

Call recordings are retained for 6 months where no policy is purchased and for 3 years where a policy has been set up in line with regulatory guidance.

Disclosing other peoples information to us

You should show this notice to anyone whose personal information you provide to InsurFolio. You must ensure that any such information you supply relating to anyone else is accurate and that you have obtained their consent to the use of their data for the purposes set out above. Where you authorise a third party on the policy, it is our standard practice to speak to either of you, regarding the policy, after completing relevant identity checks.

Cookie policy

Cookies work by putting a small bit of information onto the device you are using to access our website. We use cookies for a number of things. If you would like to read about them in more detail please see our Full Cookie Policy on our website where we have listed which cookies we use, and how to remove them from your device.

Your rights and access to your information

Under the Data Protection Act 1998 you have the right to access or obtain copies of the personal information held about you by us. Should you wish to exercise this right, please make a written request to

Customer Assistance,
30 Stamford Street,
SE1 9LQ.

A response to your request will be provided to you within 40 days of us receiving a valid request. If you wish to exercise this right against our partners you will need to write to them directly.

You have the right to request that we correct any inaccuracies in the personal information held about you. Contact your local branch if your personal information needs updating.

Third party processors and International Transfers

In order to deliver our services to you and, as necessary we will use third party processors (for example for the purposes of data hosting, print production, data transfer, analytics, credit searches and fraud prevention). Such processing is conducted under contract and we ensure that appropriate data protection and information security assurances are provided.

From time to time we may need to process some of your information using third parties located in countries outside of the European Economic Area (EEA). If your information is processed outside of the EEA, we will take all necessary steps to ensure it is adequately protected. This includes ensuring there is an agreement in place with the third parties which provides the same level of protection as required by the data protection regulations in the UK and EEA.

Your browser does not support the canvas element.