Privacy Policy

Our Privacy Policy

Please read our Privacy Policy below.

We take the protection of your personal data and information very seriously. The information below will explain what information we collect from you, what we do with that information, how we keep it secure and the circumstances in which we provide it to our partners and third parties.

By using our website, you are granting us permission to use the data you provide us in the ways set out below.

Data Protection Notice

Business Cover Expert is a trading name of SB Rock LTD, a limited company registered in England and Wales (Registration Number 10185744).

Business Cover Expert is the data controller responsible for your personal data (referred to as "we", "us" or "our" in the privacy policy). If we ask you to provide specific and identifiable information whilst using this website, it will only be used in accordance with this privacy statement. We are committed to ensuring that your privacy is protected. We take appropriate measures to ensure that any data collected or held in accordance with this policy is handled and stored securely. We have an appointed Data Protection Officer (DPO) who is ultimately responsible for ensuring your data is handled in accordance with this policy and the law. Our Data Protection Officer can be contacted via email - We may change this policy from time to time by updating this page and where appropriate, we will notify you via email. You should check this page from time to time to ensure that you are happy with any changes. This policy was last updated on 21st May 2018.

What Service We Provide

By using our website, it will enable you to find and request quotes about the products and services shown on our website. By making an enquiry our service is there to introduce you to a suitable provider of the insurance product you are interested in.

Once your details have been passed to a suitable provider that may contact you via email, telephone or text about the product or service you are interested in. You are under no obligation to purchase the product from the provider. We also recommend that you review the terms and conditions and privacy policy of the suitable provider.

What Data We Collect

We collect various types of data in order to provide the services we offer. This includes the following data types:

  • Identity Data - This may include: Full Name, Title, Marital Status, Date of Birth and Gender
  • Contact Data - This may include: Telephone & Mobile Phone Numbers, Fax Number, Email Address and Address
  • Business - This may include: Cover, Insurance and/or Protection Needs, Business Size, Industry and Services Offered, Business Performance, Business Structure, Partners and Employee Information and Business History.
  • Website Behaviour Data - This may include: Pages Visited, Page Visit Duration, Links Clicked, Form Fields Completed
  • Technical Data - This may include: IP Addresses, Device Information
  • Profile Data - This may include: User Behaviour Patterns and Demographics used to build Lookalike/Similar Audiences

Some of the information we collect above may come from another member of your family or representative you have requested to do so on your behalf. We do not collect any information on anyone under the age of 18.

We will only ever request information that is relevant for the product that you are enquiring about. This may change and If it does we will be clear as to why we are requesting it.

We will also collect data about your visit on our website, the pages you view and how you interact on our site.

Special Category Data

In order to provide our service it is necessary to collect sensitive information (such as health or lifestyle information) which is called special category data. We will also need to share this data with our insurance partners to enable them to generate quotes for you. To gather this information, we will always obtain your consent at the time you provide it to us. Sensitive personal information will always be processed and stored securely. You can withdraw your consent however, this may mean that you can no longer access the service or product the information was gathered for. To withdraw your consent for us to process your special category data please email, call 0800 802 1793 or use our contact us form

How We Collect Your Data

We collect data in a number of different ways;

  1. Direct Communications - this may include phone calls, emails or post.
  2. Automated Communications - this may include our website, forms or landing pages. We may automatically collect some technical data whilst you use our services.
  3. Third Party Communications - this may include third party forms, publicly available sources of information (such as Companies House, Linkedin etc), analytics and feedback services (such as Google Adwords, Bing etc) and advertising platforms (such as Google Adsense).

On What Basis Do We Collect Data

The processing of your personal data is allowed under a number of lawful basis. The data required for the provision of products and services is processed on the basis there is a contract with you to do so. Any relevant marketing activity we undertake is done because as a firm we have a legitimate interest to do so however you have rights, as listed below, which impact how we can use and process your data.

How We Use Your data

We use the information you give in the following ways:

Purpose / Activity Type Of Data Lawful Basis For Processing
  1. To introduce you to FCA regulated advisers who can provide protection products and offer quotations.
  2. Confirming and verifying your identity for security purposes.
  1. Identity
  2. Contact
  3. Health
  4. Business
  1. Performance of a contract with you.

To process and deliver on services:

  1. Protecting and preventing fraud crime and malpractice
  2. Internal record keeping and auditing purposes
  3. Enhancing the security of our network and information systems
  1. Identity
  2. Contact
  3. Health
  4. Business
  1. Performance of a contract with you.

Managing our relationship with you which includes:

  1. Notifying you of changes to our terms or privacy policy
  2. Ask you to review our services or take a survey
  3. To follow up and check you are happy with the product/services in place.
  4. Providing communications which we think will be of interest to you
  1. Identity
  2. Contact
  3. Business
  1. Necessary for our legitimate interests to perform our business services

To deliver relevant website content and advertisements to measure the impact of and improve our services and effectiveness of advertising

  1. Website Behaviour
  2. Technical
  3. Profile
  1. Necessary for our legitimate interests to perform and improve our business services

To make recommendations on other products and offers

  1. Identity
  2. Contact
  3. Health
  4. Business
  1. Necessary for our legitimate interests to perform and improve our business services

You have the right to object to this processing if you wish, please see "Your Rights" section below. Please bear in mind that if you object this may affect our ability to carry out the tasks above for your benefit. We may also process your personal data as part of an acquisition or sale. Should this happen, you will notified about any change to processing or data controller arising as a result of this activity.

Who we share your information with and why

We share your information with trusted third parties who perform tasks for us and help us to provide the services you require these include:

  • Third Parties such as brokers with FCA Authorised Consultant who can provide protection products and offer quotations.
  • Marketing service providers who assist with direct marketing communications, advertising and marketing or website analytical services
  • Old Mutual Wealth companies to enhance the services and products we can offer you;
  • Third parties to verify your identity, in line with money laundering or other requirements (this may involve carrying out checks with credit reference databases);
  • Third parties who perform tasks for us to help us set up or service your plan (these third parties may be based in countries outside the European Economic Area (EEA) but where they are, we will undertake an assessment of safeguards in place);
  • Other organizations, including regulatory bodies, the police and fraud prevention agencies, to prevent and detect fraud;
  • Third parties where required by law, court order or regulation; and
  • Third parties as part of an acquisition or sale.

We use Hotjar in order to better understand our users’ needs and to optimise this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices (in particular device's IP address (captured and stored only in anonymised form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymised user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.

You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

We ensure that all the service providers that we partner with will have a legal contract in place. This is to ensure that they treat your personal data in a confidential manner as you would expect and only use your data for the purpose of providing you quotes as you requested.

How We Secure and Store Your Data

We are committed to ensuring that your information is safe and have put in place suitable procedures to safeguard and secure the information we collect. As we process personal data and sensitive data, we have taken adequate measures to ensure the safeguarding of your data as much as possible. We use SSL/TLS encrypted connections when you use our website(s) to enter your information (your web browser will usually show these as secure in the URL bar). We recommend you use an adequate firewall and antivirus software where necessary. If your browser gives you a warning that the connection is unsecure, contact us either by phone or email ( However, no data transmission over the internet can be guaranteed as wholly secure and whilst we will do everything in our power to protect your information we cannot guarantee the security. Your data is encrypted on our server whilst being processed, then sent over an encrypted connection and stored securely on an encrypted platform.

We use third-party web application to identify unusual traffic to our website. This is in order for us to identify that the traffic to our website is behaving as we would be expecting it. The service will pass and store the IP address to advertising services such as Google Adwords and Bing Adwords to prevent our adverts being shown to these particular IP addresses in the future. We may also store IP addresses to stop unwanted traffic to our site if we become aware that traffic to our site is not being used in a way that we would expect.


We would like to contact you via email or text with regards to similar products or services that we think may be suitable for you. If you have requested a quote from us, then we will send such recommendations under the Privacy and Electronic Communication (EC Directive Regulations 2003 (PECR). We will send the communication on the basis of the existing customer exemption (soft opt-in). You are given the opportunity to opt out of marketing communication before becoming a customer, however should you want to opt out you can unsubscribe here Alternatively, you will are also given the opportunity to unsubscribe in every communication that we send to you and if you have opted out we will never send you such messages in the future.

Data Retention

We keep your personal information only as long as is necessary for the purpose for which it was collected and to meet regulatory or legislative requirements.

Personal information will be securely disposed of when it is no longer required, in accordance with our Data Retention and Disposal Schedule. The information that we collect may be stored outside of the European Economic Area (EEA) by third parties (such as Google Analytics), but where they are, we will undertake an assessment of safeguards in place). If we work with third parties in countries outside the EU we ensure these are countries that the European Commission has confirmed have an adequate level of protection for personal information, or the organisation receiving the personal data has provided adequate safeguards. In limited circumstances data may be accessed outside of the EEA ie by employees when they travel. In these circumstances we ensure there are appropriate information security measures in place to safeguard your information.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, we cannot be held responsible for the protection or privacy of any information submit on such websites. Any 3rd party websites are not governed by this privacy policy.

Your Rights

As set out under the General Data Protection Regulations, you have rights under certain circumstances with regards to your data. This includes the rights to:

  1. the purposes of the processing;
  2. The right to be informed - You can request that we provide 'fair processing information', typically through this privacy notice;
  3. The right of access - You may request a copy of the personal information we hold about you using the contact details found on the end of this policy;
  4. The right to rectification - The accuracy of your personal information is important to us. You have the right to ask us to update or correct your personal information;
  5. The right to erasure - You may request the deletion or removal of personal data where there is no compelling reason for its continued processing;
  6. The right to object - You may object to the processing of your data based on legitimate interests;
  7. The right to restrict processing - You have a right to request we 'block' or suppress processing of your personal data;
  8. The right to data portability - You may request to obtain and reuse your data; and
  9. The right not to be subject to automated decision-making including profiling.

To find out more information regarding these rights you can visit the ICO's website and read about Individual Rights:
Should you wish to exercise any of the rights above, please contact us via email (, telephone or post.

In accordance with the law, you will not have to pay a fee to access your personal data or exercise any of the other rights (however, we reserve the right to charge reasonable fee for this if requests are excessive or repetitive).

In order to access your personal data, we may require some specific information to help us confirm your identity and ensure your rights to access such data. This is to ensure your data is not disclosed to a third party who has no rights to receive your data. We will try to response to all information requests within 30 days, however, if you have made multiple requests or particularly complex requests, it may take longer and we will inform you of this and keep you updated.

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at or by visiting

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible. We will promptly correct any information found to be incorrect.

Use of cookies

We will collect information about your computer including your IP address, operating system and browser type using cookies.

The use of these cookies will help us improve the functionality of this website and provide you will a better experience. Most browsers accept cookies automatically but settings in your browser can be amended to prevent this from happening. If you do adjust your setting to not allow our website cookies, please note that certain features on our website may not function.