Privacy Policy

Effective date
5 March 2025

Introduction
Purpose
What is personal data?
What is the processing of personal data?
What does this Privacy Policy cover?
Who’s data does Onesurance control?
Types of data, purposes of processing and the lawful basis for processing
What personal data does Onesurance collect from third parties?
Ways we will never use personal data
Automated decision making
Data Policy sharing with third parties
Security and Integrity
Storage of personal data
Your rights
How to exercise your rights?
Cookies
Third-party websites and services
Changes to this Privacy Policy

1. Introduction

Onesurance, (“Onesurance”, “we”, “our”, or “us”) operates the Onesurance Website, Onesurance Web Application and Onsurance Mobile App, (collectively referred to as the “Services”). At Onesurance, we take your privacy seriously. By visiting our website, downloading our app, or using any of our Services, you agree to the practices outlined in this Privacy Policy. We encourage you to take a few moments to read through it carefully

2. Purpose

This Privacy Policy outlines how we collect, use, and protect your personal information, as well as your rights regarding your data. By using our Service, you agree to the collection and use of information in accordance with this policy. We are committed to safeguarding your data and will only share your information as described in this Privacy Policy. Unless otherwise specified, terms used in this Privacy Policy align with those defined in our Terms and Conditions, available at www.onesurance.co.uk/legal.

3. What is personal data?

Under European data privacy regulations, personal data is broadly defined to include any information that can directly or indirectly identify an individual. This covers details like name, address, and phone number, but also extends to log data, encrypted information, or electronic identifiers such as IP addresses, if they can be linked to a specific person.

4. What is the processing of personal data?

Under European law, processing of personal data is broadly defined, encompassing nearly any activity involving personal information. This includes collecting, recording, organizing, structuring, storing, modifying, transferring, or deleting data.

5. What does this Privacy Policy cover?

This Privacy Policy applies to personal data where Onesurance serves as the data controller, meaning we determine how and why your personal data is processed.

It does not cover personal data that we process on behalf of our customers. The terms governing that data processing are outlined in our Terms and Conditions and Data Processing Addendum, available at onesurance.co.uk/legal. We highly encourage our customers to review, sign, and return the Data Processing Addendum to ensure full compliance.

6. Who’s data does Onesurance control?

6.1 Onesurance Customers

Onesurance acts as the data controller for personal data provided by users when creating an account and activating their Onesurance profile

6.2 Leads

Onesurance may collect and control personal data from individuals who have shown interest in our services but have not yet become customers. This includes data obtained through forms, sign-ups, or inquiries. We use this information to follow up on potential interest and determine whether they wish to engage with our services further.

6.3 Prospects

Onesurance acts as the data controller for personal data related to individuals who are in the process of considering our services. This may include information collected from marketing activities, events, or interactions where we assess the potential for conversion into a customer. We manage this data to engage with potential customers and provide relevant information or offers based on their interests.

6.4 Visitors to our website and individuals contacting us through web chat, email, or phone support

Onesurance collects personal data from visitors to our website or individuals who reach out through web chat, email, or phone support. This data is used to provide customer support, answer inquiries, and improve user experience on our platform. We also track this data for analytics to enhance the functionality of our website and support services.

6.5 Candidates

Onesurance processes personal data provided by job candidates during the application process. This data may include contact information, resume/CV details, and other relevant materials shared during the recruitment process. We use this information to assess candidates' qualifications and suitability for open positions within Onesurance.

7. Types of data, purposes of processing and the lawful basis for processing

7.1 New Customers

Types of Data:

Personal details (name, contact information, date of birth)
Account details (username, password, preferences)
Insurance policy information (policy details, coverage preferences, and related documentation provided during account setup)
Payment and billing information
Communication preferences

Purpose of Processing:

To register and set up the customer account
To store and manage the customer’s insurance policies
To provide initial policy recommendations and coverage options
To process payments and manage billing for new policies
To send welcome communications and updates regarding their account and policy

Lawful Basis for Processing:

Contractual necessity: Processing is required to establish and manage the customer relationship and provide services related to insurance policies.
Legitimate interests: To process and manage new policies, billing, and customer communications.
Consent: For any marketing or promotional communications that the customer has explicitly agreed to receive.

7.2 Existing Customers

Types of Data:

Account and transaction details
Contact and billing information
Usage and service history
Insurance policy information (policy numbers, coverage details, premiums,claims history)
Communication preferences

Purpose of Processing:

To provide and manage the Onesurance service
To store and manage all insurance policies for users
To process claims and provide policy-related support
To send service-related communications, updates, and policy renewal reminders
To improve the service based on customer usage and feedback

Lawful Basis for Processing:

Contractual necessity: Processing is required to provide the service, manage policies, and fulfill contractual obligations.
Legal obligations: Required to comply with insurance regulations and financial reporting.
Legitimate interests: Processing for customer service, communication, and the ongoing management of policies.

7.3 Leads, Website Visitors

Types of Data:

Contact details (name, email address, phone number)
Interaction data (e.g., forms submitted, inquiries, or sign-ups)
Website usage data (IP address, browsing behavior, pages visited)

Purpose of Processing:

To assess and follow up on potential interest in Onesurance services
To provide information or offers related to our services
To improve the website experience and enhance marketing efforts

Lawful Basis for Processing:

Legitimate interests: To follow up on potential interest and engage individuals who have shown interest in Onesurance.
Consent: For marketing communications or newsletters if opt-in consent is provided.

7.4 Prospects and Referrals

Types of Data:

Contact information (name, email address, phone number)
Referral data (e.g., who referred the prospect)
Interaction data (e.g., sign-up forms, requests for information)

Purpose of Processing:

To assess the potential of converting prospects into customers
To communicate relevant offers and information
To track referrals and reward referrers as per business programs
To understand market interest and improve outreach efforts

Lawful Basis for Processing:

Legitimate interests: Engaging with prospects and referrals to promote our services.
Consent: For any marketing communications or rewards linked to the referral program.

7.5 Candidates

Types of Data:

Personal details (name, contact information, date of birth)
Resume/CV, cover letter, and job application materials
Professional experience, qualifications, and educational background
Interview notes and assessments

Purpose of Processing:

To assess the candidate's suitability for the job position
To communicate about job opportunities and the recruitment process
To store and manage recruitment records for future opportunities
To comply with legal obligations related to recruitment and employment

Lawful Basis for Processing:

Contractual necessity: Processing is necessary for evaluating and progressing the recruitment process.
Legitimate interests: To assess and determine the best candidates for open positions.
Consent: For processing any sensitive data or for retaining candidate details for future roles, if applicable.

8. What personal data does Onesurance collect from third parties?

Types of Data:

Onesurance may receive personal data from third-party sources, including:

Insurance providers: For processing insurance applications, claims, and managing policies.
Publicly available databases: For identity verification or credit checks.
Referral programs: Personal data provided by existing customers referring new users.
Partners or affiliates: Data shared for marketing, promotions, or partnership purposes.

Purpose of Processing:

To verify and authenticate user information
To enhance service offerings and provide relevant policy recommendations
To assess eligibility for certain services

Lawful Basis for Processing:

Contractual necessity: To fulfill the obligations in providing the service or policy.
Legitimate interests: To improve customer experience and offer additional services.

9. Ways we will never use personal data

Onesurance will never use personal data for:

Selling or sharing your personal information to third-party marketers without your consent.
Using your data for purposes outside of those explicitly outlined in this Privacy Policy, unless legally required.
Discriminating against or profiling you in ways that are unfair or harmful.

10. Automated decision making

Onesurance may use automated decision-making processes, such as algorithms or data analysis, to:

Assess eligibility for specific policies or services
Offer personalized recommendations
Streamline the approval or denial of certain requests

Note: You have the right to challenge such decisions and request a review by a human if you believe the automated decision is unfair.

11. Data Policy sharing with third parties

Onesurance may share personal data with third parties for the following purposes:

Service providers: To help with data processing, payment handling, or providing additional customer support.
Insurance providers: For policy management, claims processing, and underwriting.
Legal or regulatory authorities: When required by law or regulation.

We will never sell or trade your data to third parties for marketing without your consent.

12. Security and Integrity

Onesurance takes your data security seriously and implements measures to:

Protect personal data from unauthorized access, disclosure, alteration, or destruction.
Ensure data integrity and reliability through regular audits and updates of security practices.
Use encryption, secure servers, and firewalls to safeguard information.

13. Storage of personal data

Your personal data is stored securely in compliance with data protection regulations and retained for no longer than necessary for the purposes outlined in this policy. Once the data is no longer needed, it will be securely deleted or anonymized.

Data retention periods will vary depending on the nature of the data and its purpose. For instance, some data may need to be stored for legal or regulatory reasons.

14. Your rights

Under data protection laws, you have the following rights regarding your personal data:

Right to access: Request a copy of the personal data we hold about you.
Right to rectification: Request correction of inaccurate or incomplete data.
Right to erasure: Request deletion of your personal data in certain circumstances
Right to restrict processing: Request limitations on how we process your personal data.
Right to data portability: Request a copy of your data in a structured, commonly used format.
Right to object: Object to processing of your personal data under certain conditions.

15. How to exercise your rights?

To exercise your rights, you can:

Contact our Data Protection Officer Mr. Srinivas Gunda (DPO) at gundasr@inetsoftwaresolutions.co.uk.
Submit a request via our website or support team, providing the details of your request (e.g., access to your data, deletion).
Verification process: You may need to verify your identity before we process certain requests to ensure data security.

16. Cookies

Onesurance uses cookies to enhance user experience on our website and service platform. Cookies are small text files that are stored on your device to track your preferences, usage patterns, and improve functionality.

Cookie types used:

Essential cookies: Required for basic website functionality.
Analytical cookies: Help us understand website traffic and improve our services.
Marketing cookies: Used to personalize marketing content and offers

You can control cookie settings through your browser preferences at any time.

17. Third-party websites and services

From time to time, Onesurance's website and services may include links to external websites or services that we do not control. If you choose to visit these sites or engage with their services, please be aware that this Privacy Policy does not cover how those third parties collect or use your personal data. We recommend reviewing the privacy policies of those third-party websites or services to understand their data practices before interacting with them.

18. Changes to this Privacy Policy

Onesurance reserves the right to update or modify this Privacy Policy as necessary. If we make significant changes, we will notify you via email or through the website.

Effective Data:

The date of the most recent update will be clearly indicated at the top of this page.