Privacy policy and cookies

Updated: January 2024

Who We Are

Total Travel Protection is a trading name of Ancile Insurance Group Ltd which is authorised by the Financial Conduct Authority.

Registered Office: Kao Hockham Building, Edinburgh Way, Harlow, Essex CM20 2NQ. Registered in England, Company No 05429313.

If you would like to find out more about the group, please visit our website at www.ancileinsurance.com.

Ancile Insurance Group Ltd. (We) are committed to protecting your privacy. We comply with the current Data Protection Regulations and aim to maintain consistently high levels of best practice in our processing of personal and/or sensitive personal data.

How We Use the Information You Provide

Any personal information you supply to us via our website or by phone will be treated in accordance with the General Data Protection Regulation and Data Protection Act.

We will be processing your personal data in order to fulfil our contract with you and our legal/compliance obligations.

Administering Your Policy

We collect and process your personal information for the purposes of insurance administration by us or our agents, including the processing of any claims you may make.

Please note if a claim is of a medical nature this could involve the use of your medical information or contacting your doctor. You will be asked to give consent before your doctor is contacted, but you should be aware that refusal could affect the outcome of your claim.

We collect your personal information on our website, or over the phone when you obtain a quotation or purchase a policy from us. In order to provide you with an accurate quotation and to administer your policy we will collect and process the following personal information:

Name, address and contact details, medical history and credit or debit card information.

Please note, we do not store any credit or debit card information on our computer systems or in our call recordings.

Before you provide any data to us, we will endeavour to make it clear why we need it.

In the course of administering your policy we may contact you from time to time by email, this may include, but is not limited to;

Providing instructions on what to do in a medical emergency before you go on your trip

Providing details on how to make a claim when you return from your trip

If you have provided an email address when you purchased a policy you may also be contacted on our behalf by a third party to request feedback on the service we provided. This third party will only send you one email and will not use your data for anything else.

Outsourcing

From time to time, we will use a third-party service company to administer insurance policies, provide company infrastructure or help us with customer service. If a third-party service company is used, they are bound under the same terms and conditions laid out in the privacy policy to protect your data.

IUA Business Solutions (PTY) Ltd – We may use a service company based in South Africa to administer insurance policies and provide customer service.

The company is contractually bound to protect your data with us under an International Data Transfer Agreement (IDTA), which can be viewed on request.

The company is incorporated under the laws of South Africa with company number 1981/006334/07 whose principal place of business is at Cnr. Keynsham and Umhlanga Rocks Drive, Somerset Park, Umhlanga Rocks, 4319

International Medical Group Ltd – For administration of policies, assistance and claims, company registration 04163178 whose principal place of business is at 3rd Floor, Fitzalan House, Fitzalan Court, Cardiff, CF24 0EL.

CustomerKNECT Ltd – For printing and posting of policies, company registration 02289304, whose principal place of business is at 3 Pancras Square, London, United Kingdom, N1C 4AG.

We use other third-party companies who provide the following specific functions, details of whom can be provided to you upon request:

• Marketing emails (unless you have opted out)

• Developers of our IT systems, software and infrastructure

• Provision of IT support with access to shared drives

• Provision of a website chat function for customer support

• Provision of a customer callback option for customer service

• Investor and Partner with access to management information

• Underwriting of all policies (as named on your insurance schedule)


Medical Screening

In order to receive an accurate quotation, it is often necessary to conduct a medical screening questionnaire, either online or by phone. The information you provide is processed to provide a score which affects the price of your insurance.

We will use the information you provide to administer your policy. In the event of a claim this could involve contacting your doctor to verify your medical history.

Please make sure you answer all questions accurately and honestly for yourself and everyone who is to be insured. If you don't, your policy may be cancelled, or treated as if it never existed, and your claims may be rejected or not fully paid.

Instant Online Chat

We use an online instant chat tool in order to provide help and assistance on our website. If you use this tool you will be asked to consent to your data being used for this purpose. If you do use our online chat tool you can exercise your right to access this data or your right to erasure by emailing optout@ancileinsurance.com

Renewal of Cover

If you had purchased an annual insurance policy, in order to offer renewal terms, we will contact you 30 days before your policy is due to expire to notify you that the policy is about to expire and provide you with a new quotation.

For the Investigation of or Prevention of Crime

When required to do so by law we will disclose information to police or other fraud or crime prevention agencies for the purpose of investigating or preventing crime.

Compliance with Regulatory Bodies

When required to do so we will disclose information to regulatory bodies for the purposes of monitoring and/or enforcing our compliance with their regulations. For example, but not limited to, the Financial Conduct Authority or the Information Commissioners Office.

Fulfilling Callback Requests

If you request a callback from our website, you are consenting to our service provider, Optilead, storing and processing your IP Address, Name and Phone Number in order for the call to be connected. This data will be stored securely by them for 30 days and then deleted.

We may also process your data for the following legitimate interests:

Direct Marketing

Direct marketing to customers by email, post, telephone or sms. You can opt out of receiving marketing communications when you purchase your policy and in all subsequent communications.

We have adopted the following procedure when using your data for direct marketing purposes.

When you purchase a product from us you will be placed on our marketing list to receive information about similar products and services from us (this may be by post, sms, email, telephone or social media), unless you opt out.

You will be given the opportunity to opt out of all marketing at the point of purchase, at the bottom of every subsequent electronic communication and when you log in to your account.

When you save a quotation, we will ask you for your consent to send marketing information about similar products from us, via post, sms, email, telephone or social media. If you consent, you will be given the opportunity to opt out at the bottom of every subsequent email and when you log in to your account.

You can also opt-out of marketing by emailing optout@ancileinsurance.com, calling us on 0330 024 9671, we are available Monday to Friday between 9am and 5pm, or writing to us at Data Protection Officer, Ancile Insurance Group Ltd., Kao Hockham Building, Edinburgh Way, Harlow, Essex UK CM20 2NQ.

When you receive a marketing email, we may track which links you click on and the areas of our website that you visit. This will enable us to better understand your needs and ensure any other information we send is better suited to your requirements.

What you can expect to receive:

Monthly email newsletters
We send a monthly email newsletter to customers with travel news for UK based holiday makers, product updates and other relevant news.

Timely reminders and updates
We may also send timely reminders and information by email based on your previous travel dates, purchase date, date of birth or destination of travel.

If you have not purchased a policy within 3 years, or have not respond to any emails (opened or clicked) recently you will be automatically removed from our marketing list.

Website Analysis

We use website usage information and analysis to improve our systems and service.

As with the majority of websites, when you use our site we log your IP address and which pages you have downloaded. This information is used to improve the performance, or identify errors with the functioning of our website. Log files are stored securely and are automatically deleted after 30 days.

We also place cookies on your device to improve your experience and provide anonymous information about how users interact with our site including how they find our site, where they leave our site and which pages are the most popular.

For more information about how we use cookies and how you can manage them. See How We Use Cookies

Research and statistical purposes

We may process your data for research and statistical purposes to help us to improve our products and services.

We analyse statistical information from claims submitted, including date of birth, destination and medical history in order to improve our products and inform our pricing strategy. If you don’t want your data to be used in this way you can exercise your Right to Erasure and request that we delete your data.

We may use anonymised sales and demographic information, such as average age from existing customers to inform our marketing strategy. If you don’t want your data to be used in this way you can exercise your Right to Erasure and request that we delete your data.

Any new information you provide to us may be used to update an existing record we hold for you. If you provide a work email address we will not be responsible for third parties who are authorised to access your work email address having access to any communications we send.

We ask for your home and mobile telephone numbers and email address to enable us to contact you in relation to an enquiry you have made, to contact you about relevant products or services, to contact you if there is a problem with your order, or there is another genuine reason for doing so.

Improving our Analytics and marketing strategy – Pseudonymised Data

We may also share limited personal data in a safely encrypted, pseudonymised format with Google, Microsoft and Meta via our marketing agency for the purpose of improving analytics and our digital marketing and advertising strategy. This data cannot be used for direct marketing or any other purpose and will be automatically deleted by Google and Microsoft after 90 days, and by Meta after 180 days. We consider ‘legitimate interests’ to be our lawful basis for processing the data, however you have the right to object to your data being used in this way and may exercise your right by writing to: Ancile Insurance Group, Kao Hockham Building, Edinburgh Way, Harlow, Essex, CM20 2NQ or email info@ancileinsurance.com.

We Do Not Sell, Trade, or Rent Your Personal Information

We do not sell, trade or rent your personal information to other companies, for any purpose.

In the event that a third party may deliver all or part of the service requested by you, whilst the information you provide will be disclosed to them, it will only be used for the administration of the service provided and to maintain management information for business analysis.

Security and Storage of Your Data

We take every reasonable step to ensure that any information you provide via the forms on our website or by phone is kept secure.

Our web servers comply with the General Data Protection Regulation and Data Protection Act and are located at a secure data centre with access limited to only a few personnel.

Remote access is limited to our IT provider via a secure VPN connection at their office or via a control panel where strict user credentials are required and can only be accessed over https (SSL).

All our staff are fully trained on the General Data Protection Regulation and Data Protection Act and are constantly monitored to ensure that they respect customer privacy and maintain the security of customer data at all times.

All credit and debit card transactions are handled via a payment gateway. No credit card details are stored by us, either on our online systems or call recordings.

Our website is secured using a SSL Certificate, which encrypts all the information you enter before transmission. This means that your credit and personal information will be safe and secure.

Our websites conform to the PCI-DSS standard.

Please note, due to the nature of the internet, we cannot guarantee the security or privacy of emails or that any emails sent will be received by us.

Logging into Your Account

When you save a quotation or purchase a policy you are invited to create an account with us. Your account will be based on your name, date of birth and email address.

To keep your account and personal information secure you are required to create a secure password which must meet the following criteria:

10 characters long, have at least one lowercase letter, one uppercase letter, one digit and one special character (#?!@$%^&*-)

Accessing Your Policy Documents

When you purchase a policy you can log in to your account to download your personal insurance documents. You can also request to have your documents posted to you.

Please note: We are unable to email your policy documents to you due to the sensitive personal information contained.

Data Retention

We are obliged and permitted by law and regulation to retain certain types of data for a minimum period of time. The minimum period of time tends to be for six years, but can be longer if the statute or regulation requires or permits.

After that time we will securely destroy all personal data.

We are happy to delete your personal information sooner than this if requested, for more information see the Right to Erasure section below.


How We Use Cookies

Cookies are small data files sent to your browser from a website. They allow the website to remember information about your visit. Some cookies are necessary for websites to work, and others are non-essential and remember things about you to give you a better experience online. We have placed some necessary cookies on your computer already to help us give you the experience you expect. By continuing to use our website, you’re agreeing to our use of necessary cookies. When you visit our website, you will be given the option to accept all cookies or to customise them to your preference. Alternatively, you can delete or manage them by following the instructions below.

We use cookies to improve your experience in the following ways:

Necessary cookies – make our website function

Without these cookies, our website will not work properly.

Necessary cookies are used to create a secure connection, so that we can provide you with a quote or policy, and to enable you to login and view your quote and policy information. Necessary cookies ensure the site functions as intended. Some necessary cookies are used to monitor the website to make sure it is available and responding quickly.

Statistics – help us improve our website and track advertising

We use Google Analytics to analyse trends of behavior on our website. These cookies collect aggregated information about how visitors use our site.

We use this aggregated information to improve our website - it never identifies individual users.

They give us an overall picture of how people find and use our website by telling us things like, how visitors found our site, the number of visitors to each page and what people do on the page, like which links they click on.

Targeting or advertising cookies – receive relevant advertising

These cookies collect information about your browsing habits (including details of the websites you’ve visited) which is then used to ensure you receive advertising relevant to you.

For instance, these cookies may be used by us (or third parties and advertising networks on our behalf) to serve ads relevant to you across the internet (including on other sites you visit), based on your interaction with our website and your browsing history.

The following third parties may place a cookie on your device for this purpose when you land on our website:

Preference Cookies

Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

Improve the quality of our email messages

We use cookies to identify whether you have visited our site in response to one of our emails. This enables us to improve our email messages and send you more relevant information. To opt out of email marketing click on the unsubscribe link which appears at the bottom of all of our emails, or email optout@ancileinsurance.com

How to control cookies on your device

When you visit our website, you will be given the option to accept all cookies or to customise them to your preference. Alternatively, you can opt out of the use of your personal information for the purposes of displaying relevant and interest based advertising or delete cookies on your device by visiting:

http://www.youronlinechoices.com/uk/your-ad-choices This website will show you what cookies are active on your device and provides information about what they are doing and enables you to opt out. Find the third parties above in the list of online behavioral advertising companies and select ‘off’.

You can also find out more information about cookies on the website of the Information Commissioner: https://ico.org.uk/for-the-public/online/cookies/

Disclosure of Information to Third Parties

We do not sell, trade or rent your information and will never disclose information about you to third parties, except to fulfil your specific orders for a product, for example a data processing company may need your details in order to administer your policy. Or in the event that third parties deliver the relevant service, for example, if you take out an insurance policy underwritten by a third party, a claims company will need your details in order to process any claims.

Cross-border Transfers of Information

Please note that we provide products and services for customers who may travel outside the European Economic Area (EAA). Therefore, if you travel on such holidays, and it is deemed necessary to provide the cover you have purchased, for example in the event of a medical claim, the information you provide may occasionally be transferred outside the European Economic Area.

It is worth noting however that some non-EEA countries do not afford the same level of data security as the UK. By submitting your details, you consent to this transfer in the event that it is necessary to process your claim. We will always use every reasonable effort to ensure sufficient protections are in place to safeguard your personal information.

We may also be obliged by law to pass on your information to the Police or any other statutory authority.

Your Rights Under the General Data Protection Regulation

Under the General Data Protection Regulation an individual has specific rights with regards to their personal data.

The Right to Be Informed

When we collect any personal data from you we endeavor to inform you why we need the information. This is generally in order to provide you with an accurate quotation or to administer your policy. More information can be found in this privacy statement.

Your Right to Object (Opting Out of Direct Marketing)

When you purchase a product from us we consider it in our legitimate interest to place you on our marketing list to receive information about similar products and services from us (this may be by post, sms, email, telephone or social media), unless you opt out.

You will be given the opportunity to opt out of all marketing at the point of purchase, at the bottom of every subsequent electronic communication and when you log in to your account.

You can also opt-out of marketing by emailing optout@ancileinsurance.com, calling us on 0330 024 9671, we are available Monday to Friday between 9am and 5pm, or writing to us at Data Protection Officer, Ancile Insurance Group Ltd., Kao Hockham Building, Edinburgh Way, Harlow, Essex UK CM20 2NQ.

Withdrawing Consent

If you have consented to receive marketing information from us in the process of saving a quotation, you can withdraw your consent by using the opt out link which is at the bottom of every electronic communication or changing your contact preferences when you log in to your account.

You can also opt-out of marketing by emailing optout@ancileinsurance.com, calling us on 0330 024 9671, we are available Monday to Friday between 9am and 5pm, or writing to us at Data Protection Officer, Ancile Insurance Group Ltd, Kao Hockham Building, Edinburgh Way, Harlow, Essex UK CM20 2NQ.

Amendment and Rectification of Information

Please advise us in writing as to any changes in your circumstances or of any instances where you feel the data we hold may be incorrect. We will amend details as required.

If you wish to amend your data please call us on 0330 024 9671, email info@ancileinsurance.com or write to Ancile Insurance Group Ltd. Kao Hockham Building, Edinburgh Way, Harlow, Essex CM20 2NQ.

Subject Access Requests & Data Portability

You have a statutory right of access to accessible personal and/or sensitive personal data that we hold about you. In order to exercise this right, your application must be in writing for security reasons.

We can supply the data as a hard copy or as a csv file which can be imported into other computer systems.

Call recordings can be supplied as wav or mp3 files, these are common file types which can be listened to in a number of different applications.

Please write to, Ancile Insurance Group Ltd. Kao Hockham Building, Edinburgh Way, Harlow, Essex CM20 2NQ or email info@ancileinsurance.com


Right to Erasure

You have a right to ask us to delete any data we hold about you. Please write to, Ancile Insurance Group Ltd. Kao Hockham Building, Edinburgh Way, Harlow, Essex CM20 2NQ or email info@ancileinsurance.com

Please note, if you have a live policy with us, we will not be able to delete your data unless you cancel the policy first. This is because we require your personal data to administer your policy and process any claims you may make.

Right to Restrict Processing

If you feel that the data we hold for you is incorrect you have a right to ask us to restrict processing until you have supplied the correct data.

Please write to, Ancile Insurance Group Ltd. Kao Hockham Building, Edinburgh Way, Harlow, Essex CM20 2NQ or email info@ancileinsurance.com

Making a Complaint

If you are not happy with the way that we collect, process or store your data you have the right to lodge a complaint.

You can contact our Data Protection Officer at the following address:
Data Protection Officer, Ancile Insurance Group Ltd. Kao Hockham Building, Edinburgh Way, Harlow, Essex CM20 2NQ or email info@ancileinsurance.com

Alternatively if you would like to lodge a complaint with a supervisory body you can contact the Information Commissioners Office.

Visit their website https://ico.org.uk/concerns or call their help line 0303 123 1113

Changes to our Privacy Policy

If we decide to change our Privacy Policy, we will update all relevant documentation and post any changes onto our websites so that you are always aware of what information we collect, how we use it and under what circumstances we disclose it.