Our Direct Line Group website provides a portal, or gateway, to the services offered by members of the Direct Line Group. The Site is owned by Direct Line Group plc a public limited company registered in England and Wales under Company Register Number 02280426 and with its registered office at Churchill Court, Westmoreland Road, Bromley, Kent BR1 1DP
You are not required to provide any personal information on the public areas of this website. By “your information” we mean any information about you, which you or third parties provide to us. However, you may choose to do so by completing the forms on various pages of the site or on our member’s websites. We will only use the information you provide to us in line with the privacy statement on the relevant webpage, application or form.
We are committed to safeguarding the privacy of your information and our principles below explain how your information will be treated by Direct Line Group plc.
Our customer personal data is important to us and we aim to be transparent with our dealing with you. When we collect and use personal data we:
- only do so for where we have lawful grounds and legitimate business reasons
- tell all individuals including customers and employees how we will use their personal data and we will be transparent in our dealings with them
- only use personal data for the reasons we have stated and we will not use it for any other reason unless we obtain permission to do so
- only ask for personal data we need
- update our records when informed of a change to personal details
- store personal information for as long as it is required and in line with our Records Management Policy
- observe the rights granted to individuals under applicable privacy and data protection laws and will ensure that queries relating to privacy issues are promptly and transparently dealt with including:
- Requests to access all records held on them;
- Request to prevent their personal details from being used for marketing purposes without their permission
- train our staff on their privacy obligations
- put in place appropriate physical and technological security measures to protect personal information
- when we outsource any processes we ensure the supplier has appropriate security measures in place and will contractually require them to comply with Data Protection requirements
- ensure that suitable safeguards are in place before personal information is transferred to other countries.