Health Cash Plans | My Health Xtras

My Health Xtras - site logo
Menu

Privacy Policy – My Money Xtras

YOUR INFORMATION AND HOW WE USE IT

My Money Xtras Limited (My Money Xtras) arranges insurance products. We are an appointed representative of My Health Xtras Limited (Our Principal).

We are committed to protecting your personal information. We keep your data safe and confidential, we use it only for the purposes we have told you about  and we will never sell it.

We are bound by the General Data Protection Regulations and the Data Protection Act 2018 (‘‘DPA’’) as amended which govern how we may use your personal information and provide you with certain rights in respect of your information.

This Privacy Policy explains what personal details we collect or receive – from you or a third party –  how we may use that information and why and your choices and rights in respect of the personal information you have given us.

It applies where we collect or receive your personal details from websites including sub-domains of mystaffshop.co.uk and any other top level domain that serves the My Staff Shop platform (online services)

WHO CONTROLS YOUR DATA

My Money Xtras Limited is what is known as the “data controller” of the personal information we hold about you. That means we are responsible for deciding how we hold and use personal information about you.

We are a limited company registered in England and Wales number 12072970. Our registered office is at 2 Charlesworth Court, Knights Way, Battlefield Enterprise Park, Shrewsbury, SY1 3AB.

You can contact us:

  • At 2 Charlesworth Court, Knights Way, Battlefield Enterprise Park, Shrewsbury, SY1 3AB
  • By email: customerservices@myhealthxtras.co.uk
  • By telephone : 03300 242 280

THE TYPE OF PERSONAL DATA WE COLLECT AND USE

The exact information we will request from you will depend on what you have asked us to do.

We may collect the following about you:

  • Contact details: your address telephone number and email address.
  • Identification details such as date of birth, address, passport and driving licence details, utility bills.
  • Personal information such as your age, gender, family relationships, health and employment details
  • Financial information such as your income, outgoings, savings and investments
  • Details of our correspondence and discussions;
  • Bank account or payment card details
  • Credit history
  • Information relevant to your insurance policy

In certain circumstances we may request and/or receive “sensitive” personal information about you. For example, we may need information about your health for the purpose of providing you with a policy.

HOW DO WE COLLECT THIS INFORMATION

We might collect your personal data from various sources including:

From you:

We’ll collect your personal information directly from you during our relationship with you.

From other sources

We may also collect information from other sources such as:

  • Your family members: for example:
    • from someone who applies to add you to an insurance policy or makes claims for you under that policy
    • where you may be incapacitated or unable to provide information
    • Where your financial circumstances are connected to a family member seeking financial advice, such as your spouse or partner.
  • Other third parties such as:
    • Banks or building societies
    • Product providers and insurers
    • Other professional firms who act for you
    • Pension trustees
    • Employers
    • Medical professionals and hospitals
    • Group companies who host our online services

Online services

When you use our online services, we may collect details of visits made to our online services including but not limited to the volume of traffic received via cookies.

HOW AND WHY WE USE YOUR INFORMATION : THE LEGAL BASIS AND PURPOSE

We mainly use personal information to provide you with the services you have requested from us but there are other reasons why we use your personal information.

Under data protection laws we are required to have a legal ground to use and process your personal information and to tell you what that is. Where we process information which is sensitive we must have an additional legal ground or apply a specific exemption for insurance purposes (this applies where we need to process your information as an essential part of insurance cover, for example, health data).

Some of the rights you have – see below – depend on the legal ground we have to use your personal information..

To provide our services: performing our contract with you

The primary reason for using your personal information is to provide a product or service for you.

We will use your personal data to:

  • Communicate with you
  • Provide you with advice and/or information
  • Arrange investments, insurance contracts and mortgage contracts on your behalf;
  • Keep records of your transactions
  • Seek advice from third parties such as tax advisers, pension trustees or accountants
  • Obtain ongoing valuations and review your investments
  • Respond to your queries or complaints.
  • Provide you with quotes and payment options.

To improve our services : our own legitimate business interests

We also use your information for our own legitimate business interests including:

  • To improve our services and their delivery, including by recording and monitoring sales presentations and telephone calls.
  • For good governance, accounting and managing our business operations.

Where we do so we ensure that our processing does not interfere with your rights and freedoms and does not cause you harm.

To comply with legal obligations

We also  use or disclose your personal information for the purposes of legal obligations with which we must comply including:

  • Confirming your identity and verifying the source of funds to meet the requirements of anti-money laundering legislation and regulation.
  • Keeping records required by our regulators.
  • The establishment and defence of legal claims: we may use your personal information to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves.

When you give us your consent

In certain circumstances and to the extent necessary to provide our services, we may need to process information about you which the DPA classes as “special category data”, such as information about your health.

We process special category data when you provide consent or when we need to:

  • Advise, arrange, underwrite or administer an insurance policy;
  • Protect, investigate, and defend legal claims;
  • Process data for reasons of substantial public interest.

If we need consent we will make this clear to you when we ask for the information. If you give us consent you are free to withdraw this at any time by contacting us using the details set out above. If you do withdraw consent we will not be able to process the information you gave us for this purpose.

This does not apply to our use of information where consent is not required.

For more information see below.

PERSONAL INFORMATION WE PROCESS

WHY WE NEED IT

LEGAL GROUNDS FOR PROCESSING

Your contact detailsTo communicate with youIn order to provide you with our financial services.
Identity information such as your name, date of birth, address, passport and driving licence details, utility bills. Information about your financesIn order to verify who you are and the source of your fundsIn order to comply with our legal obligations under anti money laundering legislation and regulation.
Your age, family relationships, health, employment details. Your financial circumstances, income, outgoings, savings and investments.We need this information where we are providing you with advice services in order to assess what products products may be suitable for you and where necessary seek advice or information from other professionals or service providers (such as tax advisers, pension trustees and employers who have details about your membership of group schemes or who are required to verify your personal information such as you income)We also use this information in the event that we need to resolve any complaints you raise. We also use this information to monitor the quality of the advice we offer: we review and assess our dealings with youIn order to provide you with our advisory financial services. To meet our legitimate business interests to resolve complaints about our business. To meet our legitimate business interests to comply with regulatory standards. Where this information includes sensitive personal information about your health or relations health we ask you to consent to the processing unless an exemption for insurance purposes applies.
Information relevant to your insurance policy: your contact details, age,  health and policy terms.We need this information in order to obtain quotations for the cover you require from available insurers. We also use this information in the event that we need to resolve any complaints you raise.In order to provide you with our arranging financial services. To meet our legitimate business interests to resolve complaints about our business. Where this information includes sensitive personal information about your health or relations health we ask you to consent to the processing unless an exemption for insurance purposes applies.
   
Information you provide to us in relation to any query you haveWe will use this information in order to investigate and answer your queryIn order to provide you with our services.
Details about you and other related parties, your product and serviceWe may use your personal information to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves 

 

WHO HAS ACCESS TO IT

There are circumstances when we need to disclose some information to third parties.

Third Parties

We may need to disclose some information to third parties for the purposes of completing tasks and providing services to you on your behalf, for example:

  • HM Revenue & Customs
  • Pension Trustees
  • Product Providers

We may use providers of identity verification services to comply with anti-money laundering legislation and regulation.

We may also disclose your personal information to regulatory and ombudsman services such as the Information Commissioner’s Office, the Financial Conduct Authority and the Financial Ombudsman Service.

If we sell or buy any business or assets, we may disclose personal information held by us about our customers to the prospective seller or buyer. If we are acquired, or substantially all of our assets are acquired, by a third party (or subject to a reorganisation within our corporate group), personal information held by us about our customers will be one of the transferred assets and no further consent shall be sought in making such a transfer.

Our Principal

We share information with Our Principal.  Our Principal is authorised and regulated by the Financial Conduct Authority (FCA) and is responsible for the quality of the service that we provide to you in relation to your insurance products, where those products are regulated by the FCA.  In the course of doing so, Our Principal will also process your information.

In the course of handling your information Our Principal will:

  • Record and store your Information on Network systems run on secure servers. Your information will be accessed by authorised employees and consultants within, or engaged, by Our Principal as necessary for the purposes of supervision, training, quality audits, customer surveys and complaint handling or otherwise to comply with any other legal or regulatory obligation Our Principal may have
  • Use, and where appropriate transmit, your information to respond to any request from the FCA, the Financial Ombudsman Service, HMRC, the Office of the Information Commissioner or any other regulatory, law enforcement or governmental body
  • Need to access and process your information to deal with enquiries received from insurance providers that relate to the service we have provided to you.

Your Information will be retained by Our Principal either electronically or in paper format for a minimum of six years and possibly for a longer period where this is required to enable Our Principal to fulfil its legal and regulatory obligations.

PROCESSING OUTSIDE THE UK

Our websites are hosted in England. We also use outsourced services in countries outside the EU from time to time in other aspects of our business. Accordingly data obtained within the UK may be “processed” outside the UK and data obtained in any other country may be processed within or outside that country.

However, third-party providers or third parties, such Google, may have their servers located outside the UK in which case your personal data may be transferred outside the UK in compliance with the applicable data protection legislation. For more information, please refer to https://privacy.google.com/businesses/compliance/ in the case of Google, or contact us directly.

If you have any questions regarding the privacy policy, please contact us through the contact page.

HOW LONG DO WE KEEP HOLD OF YOUR INFORMATION

The following criteria are used to determine how long we keep your personal data:

  • Retention in case of queries: we’ll retain your personal information as long as necessary to deal with your queries.
  • Retention in case of claims: we’ll retain your personal data for as long as you are entitled to bring legal claims against us
  • Retention in accordance with legal and regulatory requirements: we’ll retain your personal data based on our legal and regulatory requirements.

WHAT ARE YOUR RIGHTS

You have the following rights (free of charge) under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018:

  • A right of access: you can ask us what personal data that we hold about you at any time;
  • The right to rectification: you can ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge;
  • The right to erasure:  you can request deletion or removal of personal data
  • The right to restrict processing: in certain circumstances you can ask us to stop processing your personal data, for example if you think the personal data is inaccurate or that we no longer need your personal data.
  • The right to portability: ask for the data you provided to us to be moved to another organisation

You may object to us processing any information which we carry out for our own legitimate interests or for direct marketing purposes.

All such requests must be referred to the Compliance Officer at My Money Xtras Limited using the contact details above.

COMPLAINTS ABOUT THE USE OF PERSONAL DATA

If you are not satisfied by our actions, you can seek recourse through our internal complaints procedure, the Information Commissioner or the courts.

If you remain dissatisfied, you have the right to refer the matter to the Information Commissioner. The Information Commissioner can be contacted at:

Information Commissioner’s Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 01625 545 745

Fax: 01625 524 510

Their website address is https://ico.org.uk/your-data-matters/raising-concerns/