Privacy and Data Policy
This website service is hosted for Bank of Scotland plc by Epoq Legal Ltd ("ELL", "we" or "us").
We are committed to ensuring that your privacy is protected. This policy explains how we use the personal information we collect about you, how you can instruct us if you prefer to limit the use of that information and the procedures that we have in place to safeguard your privacy.
How your information will be collected and used
When you register for this service we need to know various details about you or your business. We may check some of the information that you provide to us against third party databases to confirm that it is accurate. Any calls that you make to our customer team may be recorded for the purposes of our business management, training and security.
We (or other companies in the Group to which we belong) will hold and process your personal information on our systems for the purposes of administration, operation of the service, business development and marketing.
We may from time to time aggregate information and statistics for the purposes of monitoring website usage in order to help us develop the website and our service and may provide such aggregate information to third parties. These statistics will not include information that can be used to identify any individual.
From time to time we may provide your information to our customer service agencies for research and analysis purposes so that we can monitor and improve the services we provide. We or our agents and sub-contractors may occasionally contact you by post, email or telephone to ask you for your feedback and comments on our service.
We will only contact you in connection with the service or to tell you about related services that we think may interest you. If you do not wish to receive these communications simply uncheck the tick box when registering on the website or send an email message to firstname.lastname@example.org. However; please note that it may impair our ability to provide you with service updates and other information which may affect your business.
Because of the nature of the internet and our global operations, we may process data in relation to this service in facilities which may from time to time be located outside of the European Economic Area. Any such facilities will at all times be protected by the same data protection standards as are required within the European Economic Area.
We may transfer your information to other countries. If we do this we will ensure that anyone to whom we pass it provides an adequate level of protection.
Information gathering technologies
We reserve the right to use other tracking technologies in the future.
We may automatically collect non-personal information about you such as the type of internet browsers you use or the website from which you linked to our site. You cannot be identified from this information and it is only used to assist us in providing an effective service on this website.
How we protect your information
The security of your personal information is very important to us. All personal information that you supply to us either in respect of yourself or other individuals in connection with the service will be treated in confidence by us and will be held by us for the purpose of providing and administering our products and services. This may involve the collection and processing of sensitive data (as defined in the Data Protection Act 1998) and if you subscribe to the service you will be giving your consent to such information being processed by us, other Member Service providers, and the underwriter of our insurance products.
It may be necessary to pass your personal and sensitive data to other companies for processing on our behalf. Some of these companies may be based outside Europe in countries which may not have the laws to protect your personal data, but in all cases we will ensure that such companies meet the standards of data protection existing within the European Economic Area and specifically that the data is kept securely and only used for the purposes for which it was provided.
The internet is not a secure medium. However, we take security issues very seriously and abide by strict internal standards. Some of the relevant security procedures are described in this policy.
We capture certain information such as your name, postal address, email address, telephone number and your credit card number and expiry date (where applicable) or bank account details (where applicable) over a secure link using recognised industry standard techniques which encrypt the data while travelling over the internet. We do not send full credit card details (where applicable) back to your screen, for fear of these being overlooked or compromised.
We have installed a mechanism which ensures that there is an encrypted private connection between you and us, commonly referred to as SSL, that uses digital server identities to help assure you that the website you access is the Halifax Legal Express website. This is done using a service run by DigiCert Inc., a well known certification system technology provider. When you access certain pages which involve the transmission of confidential information over the internet, your browser will be provided with an electronic certificate confirming that you have accessed our site and these communications between you and us will be encrypted. In addition, similar communications with banks, credit providers and suppliers will be encrypted. You are recommended to use the facilities of your browser to confirm which pages are secured in this way.
Firewalls are used to attempt to block unauthorised traffic to the servers and the actual servers are located in a secure location that can only be accessed by authorised personnel.
We also aim to keep your information confidential. Our internal procedures cover the storage, access and disclosure of your information.
Please ensure that you keep your password confidential and remember to log out when not using the site to prevent unauthorised access.
Fraud prevention, detection and claims history
In order to prevent and detect fraud we may at any time:
- Share information about you with other organisations and public bodies including the police;
- Check and/or file your details with fraud prevention agencies and databases, and if you give us false or inaccurate information and we suspect fraud, we will record this. We and other organisations may also search these agencies and databases to:
- Help make decisions about the provision and administration of insurance, credit and related services for you and members of your household;
- Trace debtors or beneficiaries, recover debt, prevent fraud and to manage your accounts or insurance policies;
- Check your identity to prevent money laundering, unless you furnish us with other satisfactory proof of identity;
- Undertake credit searches and additional fraud searches.
If you would like to receive details of those fraud agencies and databases from whom we obtain, and with whom we record, information about you, please contact us at email@example.com. You have a legal right to these details.
Updating your details
If any of the information that you have provided to us changes, for example, if you change your email address, name or payment details (where applicable), please contact us by sending an email to firstname.lastname@example.org.
If you believe that we are holding inaccurate information about you, please contact email@example.com and we will be happy to correct any errors.
How to contact us