Blagrove Underwriting Agency

Privacy Statement

Blagrove Underwriting Agency Ltd (BUA) Website Mission

The mission of Blagrove Underwriting Agency Ltd is to furnish visitors, suppliers and clients with the most current product and company information and present it in a manner that best benefits their needs. The Blagrove Underwriting Agency Ltd website may be accessed by all Internet users on a 24/7 basis.

Interruptions and Omissions in Service

Whilst we try to ensure that the standard of this website remains high and to maintain the continuity of it, the Internet is not an inherently stable medium, and errors, omissions, interruptions of service and delays may occur at any time. We do not accept any liability arising from any such errors, omissions, interruptions or delays or any ongoing obligation or responsibility to operate this website (or any particular part of it) or to provide the service offered on this website. We may vary the specification of this website from time to time without notice.

Executive Privacy Statement

BUA is committed to making sure you can trust us with your personal information. This Privacy Statement applies to personal information provided to us, both by you or by others on your behalf. It sets out our key principles and provides an overview of how we make sure this happens. Our commitments to you are:

  • We’ll only collect information that is needed to provide our services to you.
  • We’ll make sure that we use and share your personal information fairly and in a way you’d expect.
  • We’ll tell you how we use your information whenever we collect it, so you can make an informed decision.
  • We’ll keep your information up to date when you tell us about changes.
  • We’ll make it easy for you to exercise your rights.
  • We won’t hold your information for any longer than we need.
  • We’ll take appropriate measures to protect your information.

BUA ensures all staff are aware of what they need to do to meet the above commitments through our Group Data Policy and associated training.

This privacy policy is updated from time to time, to reflect any changes in how we use and handle personal information. This privacy policy was last updated April 2024

Who does this privacy policy relate to?

This privacy policy relates to the following types of individuals, where we hold your personal information:

  • Individuals who are customers, including prospective customers who have received an insurance quotation, former customers who have previously held an insurance policy with us, and customer representatives, for example those with power of attorney.
  • Visitors to our websites.
  • Individuals who contact us with a query, concern or complaint.
  • Individuals named on our insurance policies.
  • Individuals who request information from us or permit us to contact them for marketing purposes.

There are types of individuals who this privacy policy does not relate to, for example BUA employees and sub-contractors (including prospective and former employees and sub-contractors), employees of our current, former or prospective business partners and service suppliers, and members of the press.

If you are one of these individuals and would like further information on how we collect, use and store your data, please contact us at:

Who we are?

Blagrove Underwriting Agency is an insurance intermediary. We are classed as a Data Controller which means we are responsible for deciding how your personal data will be processed.

What information we collect and how we use it

We collect your information and use it in different ways depending on your relationship with us and how you have interacted with us. This can include information we share with or receive from other third parties.

We use your information for the following lawful reasons:

To enter into or perform a contract: for example, to provide an insurance quotation, to arrange and administer your insurance including making any changes, renewing your policy, cancelling your policy answering queries and to action your requests.

This information may also include sensitive (special category) data which we can collect on grounds of substantial public interests to provide you with a quotation and/or arrange your insurance. If you give us information about another person in doing so you are confirming that you have their permission to do so and that we may use their personal data in the same way as we will use yours.

To comply with a legal obligation: for example, the rules set by our regulators the Financial Conduct Authority (FCA), and The Financial Ombudsman Service, to fulfil your data rights under data privacy laws, handle complaints about data privacy or our insurance products and services and to comply with other legal requirements.

For yours and our legitimate interests: for example, to detect and prevent fraud, money laundering and other financial crimes, monitor and improve our business and our products and services, demonstrate compliance with applicable laws and regulations, handle legal claims, respond to other types of complaint not previously mentioned, and sending you postal direct marketing communications. Where we rely on this lawful reason, we assess our business needs to ensure they are proportionate and do not affect your rights. In some instances, you also have the right to object to this kind of use. For more information, visit the “Your data rights” section of this policy.

With your consent: when you ask us to provide you with information, when you give us your details, where we have obtained your contact details in the course of a sale.

To protect vital interests: in extreme or unusual circumstances, we may need to use your information to protect your life or the lives of others.

When we collect your personal data

We collect personal data from you when:

  • You request an insurance quotation from us, via one of our third party partners.
  • When you are named on the insurance policy of another individual.
  • You purchase, change or cancel an insurance policy.
  • You renew your insurance policy.
  • You contact us to request information or to make a complaint.
  • When you make a claim.
  • You visit our website.
  • You have given permission to other companies to share your information with us;
  • You have made your information publicly available, and we have a legitimate reason to review it.

We also collect your information from other third-party sources where we have legal grounds to do so. These include anti-fraud and crime-prevention agencies, credit reference and vetting agencies, and other data providers.

What information we use and hold about you

We will process any data which you provide in completing the online registration or application forms and any further forms containing company and personal details which you complete or provide to us when using this website in accordance with UK data protection legislation.

Depending on your relationship with us, we may hold the following types of information about you:

  • Identity and contact data: for example, your name, date of birth, postal address, telephone number and e-mail address.
  • Payment and account data: for example, your bank account details, credit/debit card details.
  • Correspondence data: for example, copies of letters and e-mails we send you or you send to us, and notes or call recordings of any telephone conversations.
  • Internet data: for example, information collected by cookies and other online technologies such as Facebook pixels and Google Analytics, as you use our website or contact us by online methods.
  • Special category data we obtain from other sources: including credit agencies, anti-fraud and other financial crime prevention agencies and other data providers. This can include demographic data and interest-based data.
  • Other special category data such as driving and criminal convictions, and details of medical conditions.
  • Complaint data: for example, what the complaint was, how we investigated it and how we resolved it, including any contact with the Financial Ombudsman Service or other third party adjudicator services.
  • Information disclosed to the insurers of the policy and their assistance and claims handlers.

Some of our processes combine different sets of information we hold. This can include combining different data sets we have about you or combining your information with that of other individuals.

What are cookies and why do we use them?

Cookies are ways of saving a small amount of personal information. We only use them to save your username or password to allow easy access to our website. We advise you not to use cookies if your computer is shared by other people.

Who we share your data with

Where applicable, we share your personal information with the following types of third parties when we have a valid reason to do so:

  • Insurers, underwriters and other companies for the purpose of arranging and administering your insurance and for handling claims.
  • Law enforcement, government bodies, regulatory organisations, courts and public authorities, for example the Financial Conduct Authority (FCA), The Financial Ombudsman Service, The Information Commissioner’s Office (ICO), Police and HMRC.
  • Your broker/intermediary.
  • Personal representatives appointed by you to act on your behalf.
  • A third party where disclosure is required to comply with legal or regulatory requirements.
  • A third party we may choose to sell, transfer, or merge parts of our business or our assets with. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this policy.
  • Other companies within the Group.
  • Other third parties including claims handling and assistance service providers may share personal information that you have disclosed to them, with us for the purposes of administering your policy. If you refuse disclosure of data to a third party which prevents the insurer from providing cover, the insurer may be released from any liability for any claim.

Transferring data internationally

Data protection law places restrictions on transferring personal data outside of the United Kingdom (UK) and the European Economic Area (EEA). The EEA consists of the member countries of the European Union (EU), along with Iceland, Liechtenstein, Norway and Switzerland, and who are all considered to have appropriate data protection laws to safeguard your privacy and protect your rights.

We may need to transfer information to our service suppliers in countries outside the UK and the EEA. If we do, we will ensure that your information is properly protected. If the laws of the country where our supplier is based are not considered equivalent to those in the UK or the EEA, we will ensure that the service supplier enters into a formal legal agreement that reflects the standards required.

Your data rights

Data protection law gives you rights relating to your personal information. This section gives you an overview of these and how they relate to the information you give us.

The UK supervisory authority for data rights, the Information Commissioner’s Office (ICO), has also published detailed information about your rights on their website:

Your right to access

You have a right to request copies of the personal information we hold on you, along with meaningful information on how it is used and who we share it with. We will respond to these requests within 1 month.

This right always applies, but there are some instances where we may not be able to provide you with all the information we hold. If this is the case, we will confirm why we are unable to provide it – unless there is a valid legal reason that means we cannot let you know why.

Your right to rectification

If information we hold is inaccurate or incomplete, and this has an impact on the way we are using your data, you have the right to have any inaccuracies corrected and for any incomplete data to be completed.

If you ask us to rectify your information, we will either confirm to you that this has been done, or if there is a valid reason that this cannot be done, we will let you know why.

Your right to erasure (the right to “be forgotten”)

You have the right to request that your personal information is erased.

If you ask us to erase your information, we will either confirm to you that this has been done, or if we are unable to delete it, let you know why and also inform you how long we will hold it for. For more information, see the “Retention Policy” section of this policy.

Your right to restrict processing

You can ask us to restrict the use of your information.

If you ask us to restrict your information, we will either confirm to you that this has been done, or if we are unable to restrict it, we will inform you why.

Your right to object to processing

You may object to our processing of your personal data pursuant to this privacy policy. Please contact us providing details of your objection.

Your right to object to the use of your information for statistical purposes

You can object to us using your information for statistical purposes in some instances.

If you do so, we will either confirm to you that the processing has stopped, or there is a valid reason for the processing to continue, we will inform you why.

Your right to challenge our legitimate interests

You can challenge the use of your personal data where we use a legitimate business interest as a lawful basis to process your information. You can find more information on when we use this lawful basis in the “lawful ways we use your data” section of this policy.

If you do so, we will either confirm to you that the processing has stopped, or there is a valid reason for the processing to continue, we will inform you why.

Your right to data portability

You have the right to request that your information be compiled into a common, machine readable format and either provided directly to you or sent by us to a third-party you nominate.

If you request this, we will either act upon your instruction and confirm to you that we have done so, or if there is a valid reason that this cannot be done, we will tell you why.

Your right to complain

If you have a complaint about how we use your personal information, please contact us by email at Or by post:

Upper Floor, The Long Barn, Priory Lane, Burford, Oxfordshire, OX18 4SG

01993 670555

If you remain unhappy with our response you may raise a complaint with a supervisory authority responsible for data protection and privacy.

In the UK, the supervisory authority is the Information Commissioner’s Office (ICO), who can be contacted using the following details:

By e-mail:

By telephone: 0303 123 1113

By post: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

Exercising your data rights

You can exercise any of your data rights by contacting us

Retention Policy

We will only retain data for as long is necessary for the purposes for which it is being processed and in line with our data retention policy. In most cases this will be a maximum of 10 years from the expiry of an insurance contract.

Information Security

We are committed to protecting the online privacy of visitors to our website. We have implemented security policies, rules and technical measures to protect your personal data from unauthorised access; improper use or disclosure; unauthorised modification; and unlawful destruction or accidental loss

Email Security

If you contact us by email, you should be aware that emails are not secure unless they have been encrypted. We cannot accept any responsibility for the unauthorised access to your data that is beyond our control.

Your Use of Our Website

You may only use this website for lawful purposes when seeking information. You must not under any circumstances seek to undermine the security of the website or any information submitted to or available through it. In particular, but without limitation, you must not seek to access, alter or delete any information to which you do not have authorised access, seek to overload the system via spamming or flooding, take any action or use any device, routine or software to crash, delay, damage or otherwise interfere with the operation of this website or attempt to decipher, disassemble or modify any of the software, coding or information comprised in the website.

Information on Our Website

Whilst we make every effort to ensure that the information on this website is accurate and complete, some of the information is supplied to us by third parties and we are not able to check the accuracy or completeness of that information. We do not accept any liability arising from any inaccuracy or omission in any of the information on our website or any liability in respect of information on our website supplied by you, any other website user or any other person.

Choice of Law and Jurisdiction

The use of this website and any agreements entered into through this website are to be governed by and construed in accordance with English law. The courts of England are to have exclusive jurisdiction to settle any dispute arising out of or in connection with the use of this website or any agreement made through this website.