Cornish Mutual is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. To help us improve our service, telephone calls may be recorded and monitored.
Cornish Mutual is committed to keeping safe any personal information you give us. This policy describes why we need to collect your data and how we will use it. It will also tell you who we share your data with and how we use it to improve the service we provide. Please read the following policy to understand how your personal information will be treated. This policy may change from time to time so please check back periodically.
For the purpose of the General Data Protection Regulation (GDPR), the data controller is the Cornish Mutual Assurance Co Limited, CMA House, Newham Road, Truro TR1 2SU.
How do we collect information?
We will obtain personal information from you when you take out an insurance policy with us, enquire about our activities, sign up to receiving updates from us, submit an enquiry via email or our website or otherwise provide us with personal information.
We will collect information about what has happened while you have been a Member with us such as making claims or amendments to your policy. In order to resolve an insurance claim we may collect personal details of relevant third parties, including minors.
In order to allow business development we may also collect personal data about people who are not currently Members with a view to providing a quotation. We will gather this information from the public domain (websites, public lists or advertisements) or by approaching people directly at our events or shows. Following our initial contact if we do not immediately provide you with a quotation we will ask for your consent to store your data for future contact. If at any point you wish to withdraw this specific consent you can contact us on 0345 017 5513 or email@example.com or by writing to CMA House, Newham Road, Truro TR1 2SU.
What information do we collect?
The types of personal information collected might include names, email address, postal address, telephone number, date of birth, information you may provide to us by filling in forms (such as proposal forms or claim forms) or by calling us, photographs, copies of correspondence with you, details of products you buy from us and details of your visits to our website.
We also collect information from a number of different sources for example publicly available sources such as social media, third party databases available to the insurance industry, firms, loss adjuster and/or suppliers appointed in the process of handling a claim.
If you do not provide us with this personal information we will not be able to provide you with an insurance product as it is necessary information for the insurance contract to perform.
Personal Information of Minors
As a general rule, we do not issue insurance contracts for minors (under 18’s) so we do not hold personal information about minors. The only times when we may collect personal information about minors would be for drivers under the age of 18 where the information is needed for the insurance contract to perform, or where this is advised as part of an insurance claim where it is beneficial to the minor for us to collect that information and where we have a legitimate interest in holding that information.
We may also collect information about minors if we run a competition and we keep contact details in order to draw a winner. If we use any photos of a minor we will always gain a responsible adult’s consent. If we hold the data for the competition, as soon as the result is announced we destroy these records, unless we have asked for specific consent to retain the data.
Some of the personal information we ask you for may be sensitive personal information as defined by the GDPR (such as information about your health or criminal convictions). We will not use such sensitive personal data about you or others except for the specific purpose for which you provide it and to provide the services described in your policy documents, such as in claims resolution where it may be necessary to pass this information on to legal advisors or medical experts.
- Why do we collect your personal information?
Collecting your personal information is necessary for the performance of the insurance contract.
We also have a legitimate interest in using your data for some or any of the following:
- To develop our products and services. Your data could be used in analysis of our current products and service to make improvements.
- To develop pricing. Your data could be used in analysis of claims frequency and severity to ensure we are accurately pricing our insurance policies.
- To make contact with you if you are not yet a Member to discuss our products and services.
- To develop our relationship. We may hold data about you from conversations and correspondence in order to better understand your insurance requirements.
Whenever we process data for these purposes we will ensure that we always keep your data secure. You have the right to object to this processing if you wish, and if you wish to do so please contact us. Please bear in mind that if you object this may affect our ability to carry out the tasks above for your benefit.
If you give us information about another person, for example named drivers on your motor insurance policy, other policyholders or employees or if you give authority for someone else to act on your behalf, in doing so you confirm that they have given you permission to be able to process their personal data (including any sensitive personal data) and also that you have told them who we are and what we will use their data for, as set out in this policy.
As a mutual organisation owned by our Members, it is part of good governance that we advise our Members of the items to be discussed at the Annual General Meeting (AGM) and invite Members to attend or vote on resolutions or issues about how the organisation is run. While you are a Member you are therefore unable to opt out of receiving our AGM pack on an annual basis and your contact details will automatically be added to the distribution list for the duration of your Membership. If you provide us with an email address we will send this information to you by email. If you only provide us with a postal address we will use this address for AGM communications.
When you become a Member of Cornish Mutual we will ask for your consent to contact you with news and updates on our products and services by post, telephone, SMS, email or other electronic means. We may also collect data about non-Members for this same purpose.
Members’ information may also be disclosed and used for these purposes after their policy has lapsed.
If Members or non-Members do not object to receiving marketing material at the time the information was collected from them, but subsequently change their mind and no longer wish to receive this they can opt out. Please contact Member Services, Cornish Mutual, CMA House, Newham Road, Truro, TR1 2SU Tel: 0345 017 5513 or email: firstname.lastname@example.org.
- How long do we keep hold of your information?
Current Insurance Policies
We do not currently delete any of our live policy records systematically. This is for the following reasons:
- It is important for us to retain details of your insurance policies and be able to easily identify you so that any enquiries or claims can be efficiently handled.
- In order to continue to provide the best products and services at competitive prices we need to retain certain data for analysis purposes. This may include postcode and date of birth data as well as claims information.
We hold personal data on lapsed policies for 21 years from the date of the lapse. We are obliged by the Employers Liability Tracing Office to retain personal data on any Employers Liability policies for 60 years. This is for the following reasons:
- If there is a future claim made against you we may need to find a record of your insurance policy;
- We have a legitimate business interest in being able to look back at claims experience and any notes made when you were a Member if you are requesting to become a Member again.
We retain personal data on closed property claims for 3 years and liability claims for 21 years because of statutory limitation periods.
If we collect personal data on non-Members we will only retain this information for a period of 2 years unless you give us consent to keep it for longer. You can withdraw this consent at any time by contacting us.
We delete records of telephone calls after 2 years.
- How can I access the information you hold about me?
In the case of personal data, with limited exceptions, you have the right to access and if necessary rectify information held about you.
You have the right to request a copy of all the personal information we hold about you in a Data Subject Access Request.
In specific circumstances, you may make a request to have your personal data erased. There are reasons why such a request may not be actioned, such as:
- You may want to make a future claim, so we need to be able to find your records.
- Insurance companies share data about policies and claims to prevent fraud.
If you would like to access or erase your personal data please contact us at Cornish Mutual on 0345 017 5513 or email@example.com or by writing to CMA House, Newham Road, Truro TR1 2SU.
- Who might we share your information with?
Your information may be passed on to other parties where this is necessary to help deal with your claim or allow you to benefit from additional services such as vehicle breakdown, home emergency, credit hire, vehicle repairs or legal advice.
We may also pass your information on to an independent market research company in order to gain useful feedback to help us to improve our service. They will not use your data to promote the services of other companies or third parties.
For the purposes of administering your insurance policy we may be required to share your information with other underwriters, reinsurers or approved suppliers. We may need to disclose some of your information and that of others named on the policy to credit reference or fraud prevention agencies, regulators or law enforcement agencies.
Your data may be transferred to other countries within the European Economic Area (EEA) for the purposes detailed above and for policy systems administration. Where this happens, we will ensure that anyone to whom we pass your information agrees to treat your information with the same level of protection as if we were dealing with it. We do not currently transfer any of your data to countries outside the EEA, other than for the purposes of the 1953 London Agreement (Green Card) and the 2009 EU Motor Insurance Directive 2009/103/EC if your vehicle is involved in an accident in a country outside the EEA.
Fraud Prevention and Anti-Money Laundering
To prevent and detect fraud we may at any time:
- Share information with other organisations and public bodies including the police although we only do so in compliance with the GDPR.
- Check and/or file details with fraud prevention agencies and databases and if we are given false or inaccurate information and we identify fraud, we will record this. We and other organisations may also use and search these agencies and databases from the UK and other countries to:
- Help make decisions about the provision and administration of insurance, credit and related services for you and members of your household,
- Trace debtors or beneficiaries, recover debt, prevent fraud, and to manage your insurance policies,
- Check your identity to prevent money laundering, unless you provide us with other satisfactory proof of identity.
Law enforcement agencies may also access and use this information.
We and other organisations may also access and use this information to prevent fraud and money laundering, for example when:
- Checking applications for, and managing credit and other facilities and recovering debt,
- Checking insurance proposals and claims,
- Checking details of job applicants and employees.
We, and other organisations that may access and use information recorded by fraud prevention agencies, may do so from other countries.
We can provide the names and addresses of the agencies we use if you would like a copy of your information held by them. Please contact us at CMA House, Newham Road, Truro TR1 2SU or firstname.lastname@example.org or on 0345 017 5513. The agencies may charge a fee.
We will use information about you and that of others named on your policy to ensure compliance with financial sanctions in effect in the UK and internationally. This will include the checking of your information against the HM Treasury list of financial sanctions targets as well as other publically available sanctions lists. Your information and that of others named on the policy may be shared with HM Treasury and other international regulators where appropriate. You may also be contacted in order to provide further details to ensure compliance with Financial Sanctions requirements.
Credit Reference Agencies
We do not carry out credit searches on Members. Some of our suppliers may perform credit searches and this should be detailed in their own Privacy Statements
Motor Insurance Database
Information relating to your policy will be added to the Motor Insurance Database (MID) managed by the Motor Insurers’ Bureau (MIB). The MID and the data stored on it may be used by certain statutory and/or authorised bodies including the Police, the DVLA, the DVANI, the Insurance Fraud Bureau and other bodies permitted by law for purposes not limited to but including:
- Electronic Licensing (Tax Discs),
- Continuous Insurance Enforcement,
- Law enforcement (prevention, detection, apprehension and/or prosecution of offenders),
- The provision of government services and/or other services aimed at reducing the level and incidence of uninsured driving.
If you are involved in a road traffic accident (either in the UK, the EEA or certain other territories), insurers and/or the MIB may search the MID to obtain relevant information.
Persons (including his or her appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.
It is vital that the MID holds your correct registration number. It is our responsibility to update your policy to the MID. We fully comply with the agreements in place with the MIB to update your details within seven days; however it is important that you check your policy documents ensuring that the registration number is recorded correctly.
If it is incorrectly shown on the MID you are at risk of having your car seized by the Police. You can check that your correct registration number is shown on the MID at www.askMID.com.
If the registration number is not shown correctly on your policy documents, or you cannot find your car on the MID, please contact us immediately.
- Data Security
We are committed to protecting the confidentiality and security of the information that you provide to us and we put in place appropriate technical, physical and organisational security measures to protect against any unauthorised access or damage to, or disclosure or loss of, your information.
For further information visit
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However in a few cases some of our website features may not function as a result.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
The below list contains information on the cookies we use on our site and what they are used for.
Name Purpose Expires SESS(Unique Code)
This cookie is used to calculate how much time you have spent on our website.
This cookie is also used to store any preferences you have applied or information you have entered within specific areas on our website, such as account credentials, search queries, content formatting, contact queries, questionnaires, etc.
What do we use the cookie information for?
We use the information we get from cookies to understand how our site is used and to make your journey through our site smoother. We also use them to make sure that you see the information that is relevant to you.
Our website analytics does not use your individual IP address and each session is anonymised so can’t be tracked individually to IP level.
Other websites and information security
If your personal details change, please help us to keep your information up to date by notifying us at the following address: Cornish Mutual, CMA House, Newham Road, Newham, Truro, TR1 2SU, calling 0345 017 5513 or emailing email@example.com.
- Making a complaint
If you think your data has been misused or that we haven’t kept your data secure you should contact us at Cornish Mutual on 0345 017 5513 or firstname.lastname@example.org or by writing to CMA House, Newham Road, Truro TR1 2SU.
If you are unhappy with our response or if you need any advice you should contact the Information Commissioner’s Office (ICO) by calling 0303 123 1113 or writing to:
Information Commissioner's Office
Water Lane, Wilmslow
- Your rights
Any information you share with us is securely stored in our UK based databases or in our processing partners' databases. If you wish to know more about your rights in respect of protection of personal data, you should contact the ICO at the address above.