Last updated: October 2021
Protecting your personal information is extremely important to us at Legal & General. It’s especially important for a large financial company like ours, as our customers trust us to look after a huge amount of sensitive information on everything from their business affairs to their medical history.
The way we collect, use, store and share your information is equally important. Our customers expect us to manage their information privately and securely. If we don’t, they’ll lose their trust in us.
This policy tells you how we collect and process your personal information. Please take a few minutes to read it, and show it to anyone else connected to your product or whose data you've shared with us. This policy may be subject to future change.
Unfortunately, sending information via e-mail is not completely secure; anything you send is done so at your own risk. Once received, we will secure your information in accordance with our security procedures and controls.
When we talk about personal information we mean information about an individual that can identify them, like their name, address, e-mail address, telephone number and financial details. It can relate to customers (including prospective customers), their appointed representatives (e.g. powers of attorney), employees, shareholders, business contacts and suppliers. Any reference to “information” or “data” in this policy is a reference to personal information about a living individual.
We may collect and process the following personal information about you:
|Type of data||Description||Examples of how we use it|
|Consent & preferences||
|Open data & public records||
|Documentary data & national identifiers||
We use personal information that we hold about you:
When you apply for a product or to receive a service from us, the application form you fill out or the resulting contract may contain additional conditions relating to the way we use and process your personal information. These will apply in addition to the uses described in this document.
In some cases, we may use software or systems to make automated decisions (including profiling) based on the personal information we have, or collect from others. These may include:
For mortgage purposes the factors may include your creditworthiness, assessment of mortgage affordability, property value and checks against records held by credit referencing and fraud prevention agencies.
Providing our contracts & services to you: We’ll process your personal information to carry out our responsibilities resulting from any agreements you’ve entered into with us and to provide you with the information, products and services you’ve asked from us, which may include online services.
Complying with applicable laws: We may process your personal information to comply with any legal obligation we’re subject to.
Carry out market research and product development, which can include creating customer demographics and/or profiling.
Continue to send marketing information, via post only, to customers who purchased a product before 25th May 2018 and did not opt-out, until such time as they have reviewed their marketing preferences (which can be done at any time).
Send marketing information, via post only, to customers who have a relevant and appropriate relationship with Legal & General.
Develop and test the effectiveness of marketing activities.
Develop, test and manage our brands, products and services.
Study and also manage how our customers use products and services from us and our business partners, including customer surveys.
Manage risk for us and our customers.
This requires us to carry out an assessment of our interests in using your personal data against the interests you have as a citizen and the rights you have under data protection laws.
Consent: We may provide you with marketing information about our services or products where you’ve provided your consent for us to do so.
You may opt out of marketing at any time by e-mailing or telephoning your customer services team, details of which can also be found using the relevant Contact Us section of our website. You can also manage your marketing preferences on our customer self-service systems, My Account.
Where you have consented, we will contact third parties (e.g. pension providers) to obtain information on your behalf.
Alternatively, we may process special category data for reasons of substantial public interest in accordance with applicable law. We will only process data that is needed for specific purposes.
Criminal Conviction Data: Where you have consented, we will process this type of information solely for the purposes of allowing us to underwrite and administer your products and deal with claims.
Please be aware that the personal information you provide to us, and which we collect about you, is required for us to be able to provide our services to you and without it we may not be able to do so.
We’ll keep your personal information in accordance with our internal retention policies. We’ll determine the length of time we keep it for based on the minimum retention periods required by law or regulation. We’ll only keep your personal information after this period if there’s a legitimate and provable business reason to do so.
For pension products, we may retain your personal information indefinitely using the legitimate interests condition in order to support future enquires from you, your family or financial adviser and our regulators.
For certain research and statistical activities, we may indefinitely retain minimised personal information about you, including medical information, to solely to define our actuarial, underwriting and pricing risk strategies. These activities will not be used to make a decision, or take measures, against you.
We’ll only disclose your information to:
Additionally, we may disclose your personal information to third parties:
Additionally, your information, including special category and criminal conviction data, may be disclosed to our reassurer and to any other insurance company to whom you apply for products or services.
If you’ve been introduced to us by another company (e.g. bank, insurer, building society, your employer or their financial adviser), we may share your information with them to enable them to:
Credit Reference Agencies (mortgage customers)
In order to process your mortgage application, we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity.
A hard footprint will be left on your credit file, which may affect your credit score when an application has been submitted. This may or may not affect your ability to obtain credit from other providers.
Legal & General will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at:
The personal information Legal & General collects from you may be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. If false or inaccurate information is provided and fraud is identified details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. We may also share information about you with other organisations and public bodies, including the police and we may check and/or file your details with fraud prevention agencies and databases.
If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies can be found by accessing these links:
Legal & General and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
Checking details on applications for credit and credit related or other facilities.
Managing credit and credit related accounts or facilities.
Checking details on proposals and claims for all types of insurance.
Checking details of job applicants and employees.
Checking sources of income and tax details.
Legal & General and other organisations may access and use from other countries the information recorded by fraud prevention agencies. Please contact our Group Financial Crime department if you wish to receive the relevant details of the fraud prevention agencies:
Address: Group Financial Crime, 7th Floor, Brunel House, 2 Fitzalan Road, Cardiff CF24 0EB
Legal & General may also check the details of other parties related to your contract, including verification of identity. This includes beneficiaries, trustees, settlors, third party premium payers, executors or administrators of your estate, parties with power of attorney and any other beneficial owner.
Under the conditions of your product you must tell us about any insurance-related incidents, whether or not they give rise to a claim. When you tell us about an incident we’ll pass information relating to it to a database.
We may search these databases when you apply for insurance, in the event of any incident or claim or at a time of renewal, to validate your claims history or that of any other person or property likely to be involved in the product or claim.
We’ll only transfer your data to a recipient outside the EEA where we’re permitted to do so by law (for instance, (A) where the transfer is based on standard data protection clauses adopted or approved by the European Commission, (B) where the transfer is to a territory that is deemed adequate by the European Commission, or (C) where the recipient is subject to an approved certification mechanism and the personal information is subject to appropriate safeguards, etc).
You have rights under data protection law that relate to the way we process your personal data. More information on these rights can be found on the Information Commissioner’s website. If you wish to exercise any these rights, please get in touch with your customer services team. Alternatively, you can also use the Contact Us section of our website.
1. The right to access the personal data that we hold about you.
2. The right to make us correct any inaccurate personal data we hold about you. For medical data that we have obtained from a health professional, we may need to seek their opinion before releasing the information to you. This is a legal requirement to ensure that the disclosure of the medical data will not seriously harm you or anyone else.
3. The right to make us erase any personal data we hold about you. This right will only apply where for example:
4. The right to restrict our processing of the personal data we hold about you. This right will only apply where for example:
5. The right to object to our processing of personal data we hold about you (including for the purposes of sending marketing materials to you or using your personal information for profiling purposes).
6. The right to receive personal data, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to make us transfer this personal data to another organisation.
7. The right to withdraw your consent, where we’re relying on it to use your personal data (for example, to provide you with marketing information about our services or products).
8. For automated decisions (including profiling), you have right to:
Contacts and complaints
If you have any concerns about the way we process your personal data, or are not happy with the way we’ve handled a request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is:
First Contact Team
Information Commissioner's Office
Legal & General has appointed a Data Protection Officer to provide independent expert advice and monitor compliance with data protection laws:
Name: Liz Gaspar
Email address: Data.Protection@landg.com
Address: 1 Coleman Street, London, EC2R 5AA