Alpha This is a new service – your feedback will help us to improve it.

Menu Search


The information on this page is from the privacy notice published by Swinton.

You can use this page to learn about how this organisation uses personal data and find out how to make a request related to the data they hold about you.

Make a request

Organisation information


Swinton is a UK insurance retailer

Registration country

United Kingdom

Registration number


Data Protection Officer

Organisations that use special categories of data, are public bodies, or do large scale processing must appoint a Data Protection Officer.

This organisation does not appear to have a data protection officer.

Data categories collected

Organisations must give details about what categories of data are stored and processed.

  • Bank account details

  • Credit history

  • Criminal recordsSpecial category

  • Date of birth

  • Email address

  • Employment

  • Family

  • Gender

  • HealthSpecial category

  • Identity documents

  • Names

  • Nationality

  • Postal address

  • Social security number

  • Telephone number


They also collect marital status, place of birth, job title, employment history, vehicle and property details, telematics (vehicle tracking) and in some cases, surveillance reports.

Unusual processing purposes

Organisations must provide information about what they do with data. This section highlights less common uses of data.

Third parties

Organisations must give details about other parties that personal data is shared with.

List of third parties

  • Covea Insurance

  • Insurance Participants (a company)

  • law enforcement bodies, reinsurers and regulators such as the Financial Conduct Authority

How specific is this information?

Third parties are listed as groups

Retention rules

Organisations must give details about how long data is kept.


Personal data will be retained for 11 years for the purpose of analysing and assessing risk in relation to insurance claims.

Personal data relating to quotes requested and subsequently not taken up by you will only be processed for marketing purposes for four years.

Call recordings will be retained for three years.


Very clear and intelligible

How specific is this information?

  • Retention rules are given for specific categories of data

  • Specific times are given for how long data is kept

Lawful bases

Organisations must justify collection and use of data under six lawful bases and provide information about their decisions

  • Contract

    - to provide you with insurance quotes, set up and maintain your insurance policy, carry out fraud and credit checks, and handle claims

  • Legitimate interests

    - network and information security,
    - pricing modelling and analytics,
    - defence and prosecution of legal claims,
    - investigation or prosecution of fraud,
    - transfer books of business, sale or reorganisations of the business
    - direct marketing by post and phone


There is very little detail on this.

Security standards

Organisations must ensure that data is stored and processed securely.

This privacy notice does not appear to have this information.

Data processing addendum

Some organisations offer a data processing addendum that gives data adequate protections when it leaves the EEA.

This privacy notice does not appear to have this information.

Automated decision making

Organisations must give details about how data is used to make decisions without human involvement.


This organisation uses automated decision making


When calculating insurance premiums, Insurance Participants (a third party) may compare your personal data against industry averages. Your personal data may also be used to create the industry averages going forward.

- to understand fraud patterns
- special categories of data like medical history and past convictions may be used for profiling
- credit checks

How specific is this information?

The organisation mentions use of automated decision making for specific purposes

Complaint information

Organisations must give details about how to make a complaint with a data protection authority.


This privacy notice contains information about to make a complaint to a data protection regulator


Information Commissioners Office, Wycliffe House, Water Lane,Wilmslow, Cheshire, SK9 5AF

Tel: 0303 123 1113 (local rate) or

01625 545 745 (National rate)


How specific is this information?

This privacy notice contains specific contact details for a data protection regulator

Design recommendations

Organisations are required to provide privacy information in a transparent way. The Article 29 Working Party has provided recommendations on how to do this.


This privacy notice:

  • Has language that is easy to understand

  • Is designed in a way that makes it easy to find information

  • Can be easily found on the organisation's website

Last updated 2018-06-29 at 08:06:08 • Download as JSONAPI documentationView on GitHubView on OpenCorporates