privacy policy

Privacy Policy

GDPR and Our Privacy Notice

Andrew Yule Insurance Privacy Notice (GDPR Version 1)


1. Who we are and our approach to privacy

In this Privacy Notice, ‘we’, ‘us’ and ‘our’ refers to Andrew Yule Insurance

The privacy and security of your personal information is very important to us so we want to assure you that your information will be properly managed and protected whilst in our hands. Please read this notice carefully as it explains how we and other parties we work with, collect and use your personal information. 

You can ask for more information about this privacy notice, our use of your personal information or complain about its use by contacting our Data Protection Manager at Andrew Yule Insurance, 6 Burnside Road, Glasgow, G73 4SA or call 0141 634 6827.


2. What information do we collect and where do we get it from?

The information we collect varies depending on your particular circumstances and requirements and may include:

General information about you/other people to be insured such as name, address, contact details and date of birth
Information about what and/or who you want to insure
Claim, conviction and credit history
Financial details
Sensitive personal information and criminal/motoring convictions
Information about your use of our website such as your IP address


We collect personal information from a number of sources including:

You or someone connected to you as part of a policy, quotation or claim
Insurers, claim assessors, repairers or any other third party involved in the performance of your insurance contract
Publicly available sources of information, such as social media and networking sites
Third party databases available to the insurance industry and databases you allow to share information with us
Price comparison websites, if you have obtained a quotation for a policy with us
Lead generation firms who you approached

If you have provided information about someone else, you will have done so after gaining consent from these individuals to share their personal information. You should share this privacy notice with anyone whose personal information you have given us.

3. Why we need your information

We need the information listed in section 2 to administer and manage all aspects of your quote/policy, including issuing documents, arranging telematics box installation if required, offering premium finance, shopping around at new business, mid-term and renewal including price checking using competitors’ websites, assisting at the point of a claim, maintain a record on our system, liaising with our Regulator, industry ombudsmen or professional indemnity insurer, helping prevent insurance fraud and comply with the law. This processing is necessary for the insurance contract you have or are enquiring about.

We also need the information listed in section 2 for additional reasons, including recovering debt, conducting statistical analysis, offering add-ons and additional products, introducing what may be products of interest from third parties, and gaining consent or explicit consent. This processing is necessary for a legitimate interest we have whether it is for commercial, customer service or regulatory reasons. You can ask for more detail about these legitimate interests by contacting our Data Protection Manager. 

When we collect and process special category data or criminal conviction data we will be doing so because it is necessary for an insurance purpose.

Our service you may involve an automated decision to determine whether we are able to provide a quotation and/or the price. The decisions involve the use of systems, such as price rating and acceptability tools as developed by the insurers we deal with and are dependent on the information that you provide to us. If you object to an automated decision we will be unable to provide you with an insurance quotation or renewal.


4. Who do we share your information with?

We may share your personal information with a number of other parties including:

Insurers, business partners, agents or carefully selected third parties providing a service to us or on our behalf, such as processing our mail, communicating with customers on our behalf via social media, providing IT systems and administrative services, telematics box/data providers, claims handling services, premium finance providers and the development and improvement of our internal databases; Price comparison websites or direct insurers as part of our shopping around service, without authorising them to contact you; Our professional indemnity insurers should there be a claim against us; Organisations that have a specific role laid out in law such as statutory bodies, regulatory authorities and other authorised bodies; Organisations where we have a duty to or are permitted to disclose your personal information by law (e.g. if we received a valid request from the police or other third party organisation in the interest of preventing and detecting crime); Fraud prevention agencies and operators of registers available to the insurance industry to check information and prevent fraud; Credit reference agencies to check your credit history. This check will be recorded on your credit reference file without affecting your ability to apply for credit or other financial products; Third parties we use to recover money you may owe us or to whom we may sell your debt; Another company, if our business or part of it is bought or taken over by that company to ensure your insurance policy can continue to be serviced or as part of preliminary discussions with that company about a possible sale or take over; Other companies when we are trialling their products and services which we consider may improve our services to you or our business processes; Other third parties if you have given us your permission to do so or there is sufficient reason to believe they are acting on your behalf. Unless required by law, we would never share your personal data without the appropriate and necessary care and safeguards being in place.


5. Using our website(s) and email communications

When you visit one of our websites we may collect information from you such as, your email address, IP address and other online identifiers. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit. We use third parties to collate IP addresses to help us understand our Internet traffic data and data regarding your browser type and computer.

We may use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. We may also use cookies and pixel tags in our email communication to personalise the email and track whether the email has been opened and whether the recipient has used any website links contained in the email communication. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found at: http://allaboutcookies.org.

Internet browsers normally accept cookies by default, although it is possible to set a browser to reject cookies. We will ask your permission before using any cookie that is not essential to the email or the use of the website. However, refusing to accept cookies may restrict your use of our website and/or delay or affect the way in which our website operates. 

The open nature of the internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. Whilst this is outside of our control, we do take the protection of your information very seriously and aim to apply appropriate levels of security at all times.


6. How we deal with others acting on your behalf

To help manage your insurance policy we’ll deal with individuals you nominate and third parties we reasonably believe to be acting on your behalf, provided they’re able to answer our security questions. However, for your protection, we may need to speak to you directly, your legal representative, someone you’ve nominated and given us permission to discuss your personal details, or power of attorney in certain circumstances e.g. to cancel a policy


7. How long will we keep your information?

We will keep your information only for as long as is reasonably necessary for the purposes set out in this privacy notice and to fulfil our legal and regulatory obligations.


8. Use and storage of your information overseas

We do not store your information overseas. Other parties with whom we share your information will store your information in accordance with their privacy notice, and this may include overseas storage where this is permitted and will be subject to rules and safeguard governing such storage.


9. Your rights

You have a number of rights concerning the personal information we use including the right to:

Ask for access to and a copy of your personal information
Ask us to correct or delete the personal information
Ask us to restrict or object to the use of your personal information at any time
Where you have previously given us your permission to use your personal information, withdraw that permission. Where your permission is withdrawn, your previous consent will remain valid in respect of our use of your information prior to the date you withdrew it, or if any marketing material has been sent prior to you advising that you do not wish us to contact you again
Complain to the Information Commissioner’s Office at any time if you object to the way we use your personal information. For more information please go to http://www.ico.org.uk;
Object to an automated decision

To discuss your rights or make a request, please contact the Data Protection Manager. Please note that in some cases even when you make a request concerning your personal information, we may not be required, or may not be able, to honour it as this may result in us not being able to fulfil our legal and regulatory obligations or there is a minimum statutory period of time for which we have to keep your information.  If this is the case then we will let you know our reasons.