Privacy Notice

We understand the importance of protecting the personal and sensitive information entrusted to us, and will comply with all applicable data protection laws. We are committed to protecting and keeping your personal information private - whether we receive it from you directly or from third parties - and we will take all reasonable steps to ensure its security.

This Privacy Notice explains when and why we collect personal information about our customers, how we use it, the conditions under which we may share it with others and how we keep it secure. It also explains how you can obtain details of the personal information we hold about you and the choices you have about how we use that information.

Please note that by using and accessing Unum UK’s websites, you are agreeing to the following terms and conditions. Please take a little time to read the following, which sets out how we treat your personal information, such as:

• your name
• email address
• company name, address, phone number
• and other information about yourself or your business  

You should also read this in conjunction with any terms and conditions that apply to any specific products or services on our website.

We’ve aimed to make this clear and easy to understand. If you have any questions, please contact us on 01306 887766.

The personal information we collect about you will depend on the products and services you use and the information we need to provide these. The type of personal information we may collect about you is set out in the Table below.

Your personal information may be used to:

• set up or administer a policy or a claim
• comply with our legal obligations under the law
• maintain business records for analysis and/or audit purposes
• deal with any complaints regarding our products or services
• defend or bring a legal claim
• comply with record retention requirements under the law.

We may receive this personal information from: 

• you (directly or through the devices you use to contact us)
• your broker or GP or other persons acting on your behalf
• research organisations we use or information that is publicly available
• third parties as part of the purchase, sale or merger or proposed purchase, sale or merger of new business.

Where you provide personal information about other people (such as additional scheme members), we expect you to be responsible for ensuring that they know we are using their personal information according to this privacy notice and that you have their consent.

We may ask you or your employer for, or you may voluntarily provide, sensitive personal information such as health information. We may collect this information when you purchase health insurance policies, in which case it will only be used with your consent (unless the law permits us to use such information without your consent or for lawful purposes in line with applicable data protection legislation). 

If you or your employer provide us with details of your health to help us to understand your specific circumstances, we may use it to make appropriate adjustments to the products and services we offer based on the information you provide.

We will make every reasonable effort to ensure email communication is secure. This may include encrypting or password protecting sensitive data. Please note that transmission of data over the internet may still be intercepted and we cannot be held liable for any loss of data transmitted to us electronically.

Please let us know as soon as possible if you become aware of any failure, delay or error in sending or receiving an email. Our ‘email sent’ records will be conclusive evidence that the email has been sent unless there is a clear mistake.

You can unsubscribe from our marketing communications at any time by clicking on the ‘unsubscribe’ link located on the bottom of our emails.

For our Group Income Protection, Life and Critical Illness insurance schemes we do not collect personal contact information and therefore will never send marketing materials to you as a member of such a scheme.

For our Dental insurance, we will collect your personal contact details and verify your marketing preferences. We may market to you by post and telephone. Please see the information below about this. We will only send you marketing messages by email, texts and other electronic means if we have your permission. You may receive marketing:

• Directly from us
• From a third party on our behalf about a product or service that we think may be of interest to you
• From a third party about their products or services that we think may be of interest to you.

If you do not want to receive marketing from us by post or telephone, or if you have changed your mind about receiving marketing by email, texts and other electronic means please let us know by contacting our Unum Contact Team.

Our contact details are here.

Where we ask you for personal information via any of our websites, we will maintain strict security standards and procedures to prevent unauthorised access to your data by anyone - including our staff. We will maintain appropriate technological measures to ensure the information you submit remains secure.

You must not misuse our websites by knowingly introducing viruses, trojans, worms, or any other malware or material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our websites, our network, servers, computers or databases, including those that host our websites. You must not attack our websites via a denial-of-service attack or a distributed denial-of-service attack.

Doing any of the above is a criminal offence. We will report any such breach to the relevant authorities. You will immediately lose your right to use our site.

We are not liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically-harmful material that may infect your computer equipment, computer programs, data or other material from using our site, or downloading any material from it or from any linked website.

In some cases, we may automatically process Dental claims.  Where a claim does not qualify for automated processing, this will be processed by a member of our team.

Unum does not undertake automated decision making on any other aspects of its insurance business.

Our business is mainly conducted within the United Kingdom. However, sometimes the information that we collect from you may be viewed from or transferred outside the UK/European Economic Area (EEA) to other data controllers, to our Unum Group companies or to approved processors in certain circumstances, for example:

• In the event of a claim being made under a policy and medical reports being required from outside the UK/EEA
• Where our security monitoring identifies malicious code and/or malware in communications and this needs to be investigated by specialist teams used by us.  Whilst this should not involve the processing of personal data, in exceptional circumstances some personal data may be transferred for examination and remediation. 

We ensure that we put in place appropriate safeguards when we allow your information to be viewed, transferred or processed outside the UK/EEA. 

If you would like more information on the arrangements and safeguards in place, please contact our Data Protection Officer at: DataProtectionQueries@unum.co.uk

We will only ask for personal information that we need to set up or administer your policy. If you do not provide certain information, we may not be able to provide our service to you. For example, if you don’t provide the information requested on a claim form, we may not be able to process your claim. If you don’t want to provide certain information but are not sure of the impact that it will have on the service, please get in touch.

You have the following rights under data protection law:

• The right to be informed – you have the right to be provided with clear, transparent and easily understandable information about how we use your personal information.
• The right of access – you have the right to obtain a copy of your personal information.
• The right of rectification – you may ask us to take reasonable measures to correct your information.
• The right of erasure – this is also known as the “right to be forgotten”. This right allows you to request the deletion or removal of your personal information where there is no compelling reason for us to keep it. Please note that this is not an absolute right and Unum will need to retain personal data information where this relates to insurance policies and in particular claims processing.
• The right to restrict processing – you have rights to “block” or suppress further use of your personal information when we are assessing a request for rectification or as an alternative to erasure.  When processing is restricted, we can still store your personal information, but may not use it further.
• The right to data portability – you have the right to obtain and reuse certain personal information for your own purposes across different organisations.  This only applies to your personal information that you have provided to us that we are processing with your consent or to perform a contract to which you are a party that is being processed by automated means.
• The right to object – you have the right to object to certain types of processing on grounds relating to your particular situation, at any time insofar as that processing takes place for the purposes of legitimate interests pursued by Unum or by a third party.  We will be allowed to continue to process the personal information if we can demonstrate “compelling legitimate grounds for the processing which override our interests, rights and freedoms” or we need this for the establishment, exercise or defence of legal claims.  However, if you object to direct marketing (including direct marketing related profiling) we must stop this. 

It is important that the personal information we hold about you is accurate and up to date. Please let us know if your information changes, or the information we hold about you is incorrect. You can ask our Unum Contact Team to update or correct your information where appropriate.

If we have disclosed the personal information in question to another company, we will also let them know about the changes unless it is impossible or difficult to do so.

We will keep your information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information no longer than 7 years to enable us to meet our legal obligations as outlined in the ‘How we use your information’ section.

Medical data used to assess and process a claim is retained for a period of 7 years following termination/final settlement of the claim. Subject as below, where a group policy extends beyond this time period, any medical data is removed from the policy records after 7 years provided that we may retain depersonalised medical data for our legitimate business purposes. Where a policy has terminated but a live claim is still in force then the medical records will be retained/updated as needed for the purpose of assessing and managing the claim and will then be securely deleted 7 years after the final payment/settlement.

If you require additional information on our data retention policies please contact our Data Protection Officer.

Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user's device.

Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improve the user experience. They can also help to ensure the adverts you see online are more relevant to you and your interests.

The cookies we use do not collect personally identifiable information about you and confirmation is requested at least once every 12 months. The only exceptions are when you:

• apply for a job vacancy on unum.co.uk
• post a comment on one of our blog posts
• sign up to receive updates from us

Where we collect this information, we will only use it to process your request unless we tell you otherwise. We will never sell your data to third parties.

We also track IP addresses of businesses and organisations to help us understand how our website is used.

For more detailed information about what cookies we use and what we use them for, please look at our how we use cookies page.

You may refuse the use of cookies by selecting the appropriate settings in your browser, but this may affect some functionality. 

If you are unhappy with any aspect of the service we provide, please let us know by contacting our Complaints Team.

You have the right to complain to the Information Commissioner's Office whose contact details can be located on their website: www.ico.org.uk/global/contact-us

There will be situations where Unum will share your personal data with third parties who will also use this information as a Data Controller.

This can be done with your explicit consent, for example, to your GP in support of a claim, or to an Occupational Health professional to assist in a return-to-work programme, or it can be for another lawful reason of Unum to support the insurance contract or protect our legitimate business interests. A table illustrating the reasons why we may share your personal data and who the third parties are is available here.

We may change this Privacy Notice from time to time to keep it up to date, or to comply with legal requirements. Any changes we make will be posted on the Privacy Notice section of our website and, where necessary, notified to you.

If you would like to contact Unum’s Data Protection Officer directly in relation to this privacy notice, please use the following details:

The Data Protection Officer

Unum
Milton Court Dorking
Surrey
RH4 3LZ

Telephone: 01306 887766

Please note lines are open between 8.30am and 5.00pm, Monday to Friday.

Email: DataProtectionQueries@unum.co.uk