For the purposes of the General Data Protection Regulations, the data controller is Insurance Fraud Bureau of Linford Wood House, 6-12 Capital Drive, Milton Keynes MK14 6XT ("us","our").
1.1. Information we may collect from you
We may collect and process the following data about you:
Information you give us. You may give us information about you by filling in forms on this website, uploading content to this website and or by corresponding with us by phone, e-mail or otherwise. This includes, but is not limited to, information you provide when you submit a report via Cheatline, register to use this website, participate in discussion boards or other social media functions on this website, complete a survey, and when you report a problem with this website. The information you give us may include your name, address, e-mail address and phone number, employer details.
Information we collect about you. With regard to each of your visits to this website we may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from this website (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also work closely with certain third parties (including, for example, the DVLA, DVLNI, insurers, law enforcement bodies, government departments, local authorities and other public or private bodies) and may receive information about you from them.
2. Purpose and legal basis for processing
If you are an IFR Registered User, your personal data is processed for the purpose of providing you with access to the Insurance Fraud Register ("IFR") under the terms set out in the IFR User Agreement. It is a contractual requirement that you provide your identity and contact details, as failure to do so will result in you not being set up with access as a Approved User. Processing of this limited amount of personal data by the MIB is necessary for the performance of this contract with you.
If your personal data are uploaded to the IFR by an insurer, they are processed on the IFR database for the following purposes:
- the facilitation of the sharing of Fraud related information;
- the prevention and/or detection and/or investigation of crime (including, the crime of insurance fraud);
- the apprehension and/or prosecution of offenders (including, without limitation, in respect of insurance fraud);
- the assessment or collection of any tax or duty or of any imposition of a similar nature;
- the management of the risk of Fraud by Members and the repudiation of insurance application and claims;
- the protection of Insurers and non-fraudulent insurance policy holders;
- the facilitation of the consistent identification, classification, benchmarking, measurement and reporting of fraud across the insurance industry (including to the NFIB) in a non-discriminatory manner only and in accordance with all applicable Legislation.
It is necessary to process your personal data once it is on the IFR in the pursuit of legitimate interests of the Insurance Fraud Bureau and its members, these being to detect and prevent fraud in the Insurance sector.
In circumstances where details of suspected or proven offences ("criminal convictions data") are recorded against your personal data, it is necessary to process those criminal convictions data to prevent fraud.
3. How will we use your personal data?
The information you supply or we collect about you may be used by us and our agents for the purposes of claims administration, crime prevention and prosecution of offenders, research, management information, staff training, providing financial services / guidance, public relations and debt administration and recovery.
We will also use information held about you in the following ways:
Information you give to us. We will use this information:
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- To provide you with information about other goods and services we offer that are similar to those that you have already enquired about;
- To notify you about changes to our service;
- To ensure that content from this website is presented in the most effective manner for you and for your computer.
- Information we collect about you. We will use this information:
- To administer this website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To improve this website to ensure that content is presented in the most effective manner for you and for your computer;
- To allow you to participate in interactive features of our service, when you choose to do so;
- As part of our efforts to keep this website safe and secure;
- To make suggestions and recommendations to you and other users of this website about goods or services that may interest you or them.
Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
4. Who else will have access to your
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 ("Group").
We may share your information with selected third parties including:
- the DVLA and DVANI, member insurers, law enforcement bodies, government departments, local authorities and other public or private bodies, where we are obliged or permitted by law to do so.
- This includes disclosure to third party managed databases of insurance claims used to help prevent fraud, and regulatory bodies for the purposes of monitoring and/or enforcing IFB's compliance with any regulatory rules/codes;
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- analytics and search engine providers that assist us in the improvement and optimisation of this website;
5. Will we transfer data overseas?
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to this website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
6. Data Retention Period
IFB retains personal data of Registered Users for the duration of the registration period.
Personal data that is uploaded to the IFR is retained for a period of 5 years, then it is automatically deleted.
7. Your rights
This website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have certain rights with regard to your personal data processed by IFB, and these are described in this paragraph.
Our contact details for exercising any rights are IFR DSARs, IFB, Linford Wood House, 6-12 Capital Drive, Milton Keynes, MK14 6XT, or DSAR@theifr.org.uk. We will usually ask you to provide evidence of your identity, the following are acceptable:
- Utility bill
- Local authority tax bill
- TV License
- Correspondence from HMRC
- Land Registry confirmation
- Vehicle registration document
- Student loan statement
7.1. Right of access to information
You have a right to access your personal data that we hold on our database about you, and this can be done by making a Data Subject Access Request (DSAR).
To exercise this right please contact us with details of the information required.
7.2. Right of rectification
If you believe the data we hold about you is incorrect, you have a right to have this corrected. We would recommend contacting the insurer who added the record and inform them of any inaccuracies.
7.3. Right to erasure
If you feel that you have been inappropriately added to the IFR you may ask the insurer who added the record to justify their action and to remove the entry if it is shown to have been incorrect. Please contact the insurer who notified you in the first instance.
7.4. Right to restrict processing
You have a right to request us to restrict the processing of your personal data held on our database for the period it takes us to rectify any inaccurate data about you. This right can also be used to prevent the IFB from deleting your data at the end of the retention period in the unlikely event that you need it to establish, exercise or defend a legal claim.
9. Data Protection Officer
10. Complaints Process
If you have any complaints about how the IFB handles your personal data, please contact the IFR Data Services Manager, email at firstname.lastname@example.org and we will do our best to assist.
In most instances your complaint will be handled by the insurer who entered your details on to the database, in which case, you will be provided with their relevant contact details.
If, after you have been given a final response, you are still dissatisfied you have a right to lodge a complaint with:
Information Commissioner's Office:
Tel: 0303 123 1113 or 01625 545 745
The ICO currently recommends that you contact them within 3 months of your last contact with us.
11. Cookies Policy
The following explains how the IFR website use non-intrusive cookies. Continued use of the site implies acceptance of these terms.
11.1. What is a cookie
A cookie is a small text file that is stored by your browser (e.g. Internet Explorer or Safari) on your device (e.g. computer or phone). They enable websites to store user information such as preferences and settings. Cookies basically allow websites to remember users and their preferred settings for that particular site, enabling the site to respond accordingly.
The IFR website use the following cookies:
Anonymous analytics cookies can tell us whether or not you have
visited the site before. Every time a user visits our
website, web analytics software provided by a third party generates
Your browser will let us know if you have these cookies or not, if you do not we will generate new ones. This allows us to track individual unique users and how often they are visiting IFR website.
- These cookies cannot be used to identify individuals unless they are signed in to the IFR website. If the user is not signed in then the cookies are used for statistical purposes only. If you are signed in we will know the details supplied for this purpose such as username and email address.
- Registration cookies signal to us whether the user is signed in or not, once registered with the IFR website.
- We use these cookies to determine which account you are signed in with and which services you are allowed access to. It also allows us to link comments and posts with the correct username.
As long as you have not selected 'keep me signed in' the cookies will be deleted when you logout, close your browser or shut down your computer.
11.2. Removing Cookies
Alternatively, you may wish to visit www.aboutcookies.org which contains comprehensive information on browsers (as above), how to delete cookies from your computer and more general information. For information on how to do this on the browser of your mobile phone you will need to refer to your handset manual.
Please be aware that restricting cookies may impact on the functionality of the IFR website.
The IFR website uses a number of suppliers who also set cookies on our behalf in order to deliver the services that they are providing.