Welcome > Help >

Contact

Print version

Privacy statement

For the purposes of the Data Protection Act 1998 the data controller for AEGON Scottish Equitable, AEGON Trustee Solutions and AEGON Actuarial Services is Scottish Equitable plc.

We use personal information as part of our business. It forms the basis of our relationship with our customers, our suppliers and our employees. This relationship is particular to those individuals and companies that we deal with. To this end we recognise that that this information should be treated with the respect that those individuals expect .

The data we hold resides on various platforms ranging from paper based though microfiche to computerised in their many forms of capture. Each have their inherent demands on the means of control of data, however, they should all be treated generically.

Statement

This statement details our policy on Data Protection and Privacy.

We collect and use certain types of personal information about people (data subjects) with whom we deal in order to operate. These include current, past and prospective employees, suppliers, policyholders, clients, visitors, and others with whom we communicate. Examples of personal information include names, national insurance numbers, salaries, pension contributions, gender, and age.

Where necessary, we will process ‘sensitive data’ (including any medical information) in accordance with the Data Protection Act (from now referred to as the Act). This may include information relating to physical or mental health or condition and sexual life, and may be used to assess any claims made under the policy (and will therefore be held for the duration of the life of the policy). This information may be passed to reassurers, medical professionals and / or health care management companies (who would be used to arrange medicals).

We have a confidentiality policy in place, which means that medical information is held securely and access is limited to those who need to see it.

The insurance industry maintains a register of claims, for example, made under Group Income Protection and Critical Illness Cover for underwriting, claims handling and fraud prevention purposes. Personal information about individuals for whom claims are made may be disclosed to other insurance companies for these purposes. We will not otherwise pass any personal data to third parties, except where permitted by law or where you have given your prior consent.

In addition, we will disclose information to certain bodies where we have a legal obligation to do so, for example to regulatory bodies or authorities such as the Financial Services Authority or the Revenue. We may also be required to disclose information in order to comply with money laundering laws and for other purposes, for example detecting crime. We will also share permitted relevant information with persons acting as agents on your behalf (for example your Financial Adviser) to allow them to carry out fully their role as your agent.

We regard the lawful and correct treatment of personal information as important to successful operations, and to the maintenance of confidence between it and those with whom it deals. This policy will operate in all our offices both in the UK and overseas.

We will ensure that our staff and those acting on our behalf obtain, use and disclose personal information lawfully and correctly. To this end we fully endorse and adhere to the principles of Data Protection, as set out in the Act.

Specifically, the principles require that personal information shall:

  • Be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met
  • Be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes
  • Be adequate, relevant and not excessive in relation to the purpose or purposes for which it is processed
  • Be accurate and, where necessary, kept up-to-date
  • Not be kept for longer than is necessary for that purpose or those purposes
  • Be processed in accordance with the rights of the individual under the Act
  • Have in place appropriate technical and organizational measures against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal information
  • Not be transferred to a country or territory outside the European Economic Area (the countries of the European Union plus Norway, Liechtenstein and Iceland) unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data or unless specific agreement has been sought from the individuals concerned.

We will, through the use of appropriate and consistent management and application of controls:

  • Observe the conditions in the Act regarding the fair collection and use of information
  • Meet its legal obligations to specify the purposes for which personal information is used, this information being set out in our Data Protection Notification particulars which can be found on the Information Commissioner's website at http://www.ico.gov.uk
  • Collect and process appropriate information, only to the extent that it is needed to fulfil our operational needs or to comply with a legal requirement
  • Ensure the quality and accuracy of information
  • Apply checks to determine the length of time information is held
  • Ensure that the rights of people about whom information is held, are able to be fully exercised under the Act
  • Take appropriate technical and organizational security measures to safeguard personal information
  • Ensure that personal information is not transferred outside the European Economic Area without suitable safeguards or agreement from the individual.

top of page

Cookies

A cookie is a piece of data stored on a user's hard drive containing information about the user. These work by setting a cookie on the visitors browser to anonymously track the pages they visit on our site and provide us with statistics.

We also use action tags (sometimes referred to as Web Beacons) to measure usage of the website.

We currently use cookies / tracking on our websites for the following purposes:

  • Anonymously tracking participation in online surveys accessed on or from our website. We’ll set a cookie so that we remember your decision on whether you wish to participate in such a survey. This is used to enhance the user experience, by avoiding having to ask if you wish to participate each time you visit the website. No personal data will be stored or collected.
  • Anonymously tracking usage of the website, either by us or our appointed third party. We use a third party company to place adverts on the world wide web. These adverts link to our website. When someone clicks on one of these adverts and arrives at our website, we will anonymously track which pages they visit on the website. This helps us to develop our website and online advertising to help improve user experience.
    We, and/or the third party may use non-personal information about your visits to the website. This information can include: date/time of online advert shown, the cookie, and the first three octets of the IP address. Neither we nor the third party collect personally identifying information (PII).

More information about cookies, including how to block them and/or delete them, can be found at http://www.aboutcookies.org/.

3rd Parties Use of information

You do have the option to transfer to web sites that have links on our sites. If you choose to go down this route, you will be asked for separate login ID and passwords for these services. We will not hold onto any information to do with that transfer.

Disclosure and Visitor Choice

We do not disclose your personal data to our subsidiaries or other organisations.

Collection of Information

We will collect only sufficient information that is required to service our policies and members of staff. We do not operate a policy of collecting information in case it may be required at a later stage.

Members of staff should contact their Data Protection Coordinators if there is a change to processing of data, and its treatment. By doing this we ensure that data held and processed is regarded as adequate.

Purpose of web sites

The purpose of the website is to provide final information, resources and services for site visitors and policyholders.

Security

We currently operate our security requirements through the Security Policy:

  • Breaches in security - are dealt with by the Security Policy
  • Ensuring that staff treat the data with respect:
    • All members of staff, including temporary members of staff, sign confidentiality agreements
    • Staff are restricted to certain systems to which are required in order to comply with their job function
  • We ensure that personal information is passed to only those people and organisations that are entitled to know. Checks are made to confirm that people are whom they say, and that these organisations or people are allowed to have access to this information. Every business area has their own verification checks that relate to the data held and types of people who may require access.
  • We train our entire staff in Data Protection. This ensures that members of staff know how to treat personal data and the risks involved if data is poorly treated. Every member of staff needs to complete the Data Protection training every two years.

We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from:

  • Unauthorised access
  • Improper use or disclosure
  • Unauthorised modification
  • Unlawful destruction or accidental loss

All our employees and data processors, who have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of our visitors' personal data.

top of page