PG Mutual

Privacy Notice

General Information

This notice outlines your rights as a member or customer of Pharmaceutical and General Provident Society Ltd trading as “PG Mutual” and P&G Insurance Services Limited, trading as “PG Mutual Services”These entities are collectively referred to as “We”, “Us” and “Our” in this Notice.

This notice tells Our members and customers what to expect when We process your personal information, which will include collecting, using, retaining and disclosing your personal information.

Personal information is information that (on its own or together with other information) identifies you and is about you. This includes what you tell Us about yourself and what We learn by having you as a member or customer.

PG Mutual is an Income Protection plan provider and PG Mutual Services is a member or member benefits provider, both registered at:

11 Parkway Porters Wood
St Albans
AL3 6PA

Our contact details are either by email using either:

  1. the secure contact facility provided on our website www.pgmutual.co.uk
  2. or send an email to: info@pgmutual.co.uk

Our telephone contact details are 0800 146307, or if dialing from overseas 0044 1727 840095.

We have chosen not to appoint a Data Protection Officer. However, should you have any questions relating to your data rights or our data protection policies, please contact Our Membership Services team using the contact information provided in this Privacy Policy.

We are registered with the Information Commissioner’s Office (ICO).

PG Mutual is an incorporated friendly society under the Friendly Societies Act 1992 and registered on the Mutual Services Register.

PG Mutual is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.

Within this notice We describe instances where PG Mutual is the ‘data controller’ (the organisation who decides what personal information is collected and how it is used).

There may be situations where We process data on the instructions of another organisation (known as acting as a ‘data processor’), but in those circumstances Our use of data would be governed by that organisation.

We maintain rigorous security policies and procedures designed to protect your data against loss, misuse, alteration, unauthorised access and theft. While for security and confidentiality purposes We do not publish details about Our security policies, the Board of Directors of PG Mutual have implemented governance arrangements to ensure regular monitoring of security protocols and their effectiveness.

How The Law Protects You.

Your privacy is protected by law, which says that We can use your personal information only if We have a proper reason to do so. This includes sharing it outside of PG Mutual or PG Mutual Services.

The reasons why We may process your personal information are:

  • To fulfil a contract We have with you;
  • When it is in Our legitimate interest;
  • When it is Our legal duty; or
  • When you consent to it.

If you have given Us your consent to use any of your personal information, you can withdraw your consent at any time. To do so, please contact Us using the details set out at the end of this privacy notice.

A legitimate interest is when We have a business or commercial reason to use your information, but this must not be outweighed by your rights or freedoms.

We will not collect or process personal data for a minor without fully complying with the special rules for consent when dealing with minors.

In the rare cases of a minor looking to apply for Income Protection Plus, the consent of an appropriate guardian will first be necessary.

How Long Do We Keep Your Data For?

We are required to keep records of Our business transactions for specified periods and as long as it is in your interests that We do so. We will generally keep your personal data for no less than for the duration of our business relationship.

Your data will be updated and amended if necessary if you specifically notify Us of any changes to your personal details.

What Information Do We Require?

In order for PG Mutual to provide you with a Quick Quotation for Income Protection Plus, We will require you to provide the following personal information:

  • Your Date of Birth;
  • Your gender;
  • Your smoking status;
  • Your occupation;
  • Your required cover or your monthly budget limit for the insurance; and
  • Any discount code you may be entitled to use.

PG Mutual also requests your name, email or telephone number as PG Mutual may wish to contact you to help you with your enquiry as there a wide variety of quotation options to notify you of, and We may also remind you periodically by email, telephone or text not to forget about your quotation. You are of course welcome to withdraw your consent to us using this information at any time.

Further Information Required

If you decide to proceed with becoming a member of PG Mutual, We will require more information from you. This will include:

  • Your name;
  • Your Date of Birth;
  • Your gender;
  • Your contact information;
  • Your occupation and income information*;
  • Information about your medical circumstances and medical history*;
  • Any relevant current or previous insurance information*;
  • Your required cover choices;
  • Any discount code you may be entitled to use; and
  • Your direct debit details*.

*Such information requires special protection by law – We will always explain what information We require and why it is needed when collecting this information. It will always be processed and stored securely.

PG Mutual requires this information for the purpose of processing and assessing your application for Income Protection Plus membership, and to prepare the policy terms for such membership.

Management of your PG Mutual membership

PG Mutual is a ‘mutual insurer’. This means that if you successfully apply for Income Protection Plus cover from PG Mutual, you will automatically become a member of Our Society as well as becoming a policyholder. PG Mutual will therefore need to use the data you provided when applying for Income Protection Plus cover to administer your policy in accordance with your policy terms, and your membership in accordance with the Rules of PG Mutual.

Rules of PG Mutual.

The most common processing purposes will be:

  • Sending you policy documentation;
  • Acting on any enquiries you may have about your policy or your membership;
  • Processing your membership subscriptions;
  • Managing any claims you make for income benefit;
  • Processing any withdrawals from your capital account;
  • Providing you with annual bonus and annual renewal statements; and
  • Notifying you of any General Membership meetings and providing you with relevant background information for those meetings.

In addition to this, PG Mutual may from time-to-time contact you via telephone or email to ask for your feedback on matters relevant to the Board of Directors duty to govern the organisation in the best interests of Our members. PG Mutual therefore believes it is in the legitimate interests of you, our members for the data We hold about you to be used for this purpose. You will be given appropriate opportunity to opt out of such feedback communications if you wish.

Management of PG Mutual income benefit claims

To process, assess and manage any claim you make for income benefit in accordance with your policy terms We will normally require further information, for example:

More information about your occupation, your duties and your income;

  • Medical information about your condition and your capacity;
  • Information relating to any other protection policies you may have relevant to your claim;
  • Information about the medical attendants and any consultations or investigations relating to your claim;
  • Information about your employment and your employer.

As part of Our claim process, some of your data may be shared with third parties such as credit agencies, investigators or medical consultants for the purpose of protecting PG Mutual against financial crime and to ensure We meet our responsibility to all PG Mutual members to administer claims in accordance with our organisations Rules.

Administration for your nominees

As a member of PG Mutual, you are entitled to nominate at least one person who, in the event you die during your membership, may receive a direct payment from PG Mutual once We are in receipt of the Certificate of Death. We will also use your duly registered nominee(s) for the purpose of processing any Enhanced Loyalty Bonus they may be eligible for under your membership terms.

To register your nominee(s), We will require the following information about them:

  • Their full name;
  • Their Date of Birth;
  • Their address; and
  • Their telephone number.

PG Mutual will then hold this data as it will be necessary for Us to be able to fulfil our legal obligation to the nominee(s) under the Friendly Societies Act 1992. You, our member can later revoke or amend a duly registered nomination if you wish.

Who we share your data with and why

Sometimes We may need to use telephone medical interviews with your consent, and with a medical interview service provider for the purpose of either obtaining medical information relevant to an application for Income Protection Plus or a claim for Income Protection Plus benefit.

We may share your data with various regulatory bodies when it is a legal requirement to do so for the purpose of monitoring and enforcing our compliance and legal requirements. This may include sharing data with regulators, law- enforcement or judicial bodies, and third-party credit and financial crime prevention organisations. We may also share aspects of your information with organisations who provide Us with advice or business services such as auditors, consultants, solicitors and/or insurers (to enable Us to run PG Mutual efficiently).

If you were introduced to PG Mutual by your employer and they are paying any of your premium on your behalf, PG Mutual may share some of your data with that employer to confirm your continued participation in the scheme and verify premium levels.

Introduction discounts from Partner Associations

If you were introduced to PG Mutual through a partner association, We may share some of your data to verify your membership of the partner association to confirm your eligibility for any offers you may have claimed, or to prepare invoices where the partner association pays any premium on your behalf.

Website cookies

PG Mutual does use cookies to help Us to manage and monitor our website service. Please consult the Cookies Policy on

Our website for more information about the cookies We use and how We use them.

Product marketing

If you have provided consent to the Data Controller to receive such communications, you may receive information about other products or services available through Us.

You can withdraw your consent at any time and, if you are a member of the Data Controller, you can alter your communication preferences for marketing materials in your Members Area.

Electronic record storage and data processed outside the European Economic Area (“EEA”)

In accordance with best practice standards, We arrange for Our electronic records to be regularly backed-up for service continuity and disaster recovery purposes. These records are backed-up externally to a specialist data storage third party for security and safety.

Please be aware that your information may be stored on a cloud-based system whose services are located within the European Economic Area (EEA). There may be occasions where your data is transmited outside of the EEA, but whenever We transfer your personal data out of the EEA, We ensure a similar degree of protection is afforded to it by ensuring at least one or more of the following is implemented:

  • The country receiving personal data is deemed to provide an adequate level of protection for personal data by the European Commission
  • Specific contracts approved by the European Commission are in place which give personal data the same protection it has in the EU.

Your Data Rights

Under the General Data Protection Regulation, you have various rights regarding the use of your personal data which are as follows:

  • The right to be informed – of any and all maters pertaining to your data.
  • The right of access – to any or all of your data at all times.
  • The right of rectification – of any mistakes or inaccuracies.
  • The right to erasure – of data We hold on you. Please note that this right is not absolute. If you wish for details of when the right to erasure does not apply, please contact our Membership Services Team.
  • The right to restrict the processing of your personal data – if for example you have contested its’ accuracy and while this is being verified by Us.
  • The right to data portability – to have your data transferred to another firm.
  • The right to object – to any aspect of how We use or handle your data.

Our Lawful Basis for Processing your Personal Data

  • Where processing your data is required to prepare, administer, and manage your contractual relationships – product and membership – with (“Contract Purposes”)
  • Where processing your data is required to comply with a legal or regulatory obligation (“Legal Purposes”)
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (“Legitimate Interests Purposes”)

We rarely rely on consent as a legal basis for processing personal data other than in relation to, for example, sending direct marketing communications to you before you have agreed to become a client of PG Mutual (where you have opted-in by way of requesting a quote).

Purpose

Contract Purpose:

  • To operate Our relationship with you including taking steps, at your request, prior to agreeing Our relationship with you
  • To update Our records when you notify Us of any changes
  • To communicate with you in the running of Our relationship with you

Legal Purposes:

  • To provide personal data to others where it is necessary in the running of Our relationship with you and for legal and regulatory purposes and related disclosures (which may mean passing your personal data to other specific third-party companies involved in the servicing of your relationship with Us)
  • When you contact Us regarding exercising your rights under data protection laws
  • We may keep your personal data later Our relationship has ended in accordance with applicable laws and regulatory requirements.
  • For prevention, detection, investigation and reporting of crime, which may include providing your personal data to fraud prevention agencies
  • For information security purposes
  • To contact you about Our relationship with you as a member of PG Mutual
  • To comply with orders of the courts of competent jurisdictions, and for the establishment and defense of legal rights.

LegitimateInterestsPurposes:

  • To ensure good and proper governance, administration, auditing, management of Our business and Our relationship with you
  • To conduct market research, analysis and to compile statistics to improve our services.
  • To conduct marketing communications, subject to applicable laws

Consent Purposes:

We take your consent before you become a client of PG Mutual when you request a quotation from Us through

our quote system. Also for example:

  • For certain direct marketing communications
  • For market research purposes

Explicit Consent:

To collect certain personal, sensitive information such as medical details.

Your data rights, charges and response time

You are not required to pay any charge for exercising your data rights, and We will have one month to respond to your request.

Please note that there are some exceptions allowed by law but Our general policy is not to take advantage of these exceptions unless it considers it necessary to do so.

Complaints or Queries

We aim for the highest standards when collecting, processing, safeguarding and using personal information. If you wish to raise a complaint about how We have handled your personal data, including in relation to any of the rights mentioned above, you can contact our Membership Services team using the contact information provided in this Privacy Policy.

If you are not satisfied with our response, or believe We are processing your data unfairly or unlawfully, you can complain to the Information Commissioner’s Office (ICO). You can find further information about the ICO and their complaints procedure at the following link htps://ico.org.uk/concerns.

Changes to this Policy

We regularly review this Privacy Policy and the last modified date is highlighted below. Any changes to Our Privacy Policy will supersede the previous version of Our Policy and We will take reasonable steps to draw your attention to any changes. We suggest that you regularly read this document to ensure that it continues to meet with your approval.

Download PG Mutual’s Privacy Notice.