1. What are the most important things to know?

This privacy policy outlines how we utilise  the information we process about you and your rights in relation to this data. How we use your information will be different depending on why you have provided your information to us.

Please read this policy - along with any other notice we provide when we’re collecting or processing personal information about you - to make sure you understand how and why we’re using it. It applies to any information you give us when you visit our website, use our services or contact us in any other way, and any information we collect about you from third parties,

Whenever we say ‘you’ and ‘your’, we mean whoever’s using our service.

Whenever we say ‘we’, ‘our’, ‘us’ or ‘Blueberry Life’, we mean Blueberry Life Ltd (trading as Blueberry Life, a company registered in England & Wales with company registration number 11468537).

Our registered address is One Canada Square, London E14 5AA, UK. Blueberry Life Ltd is an appointed representative of Gateway Platform Services Limited for Insurance Distribution activities. Gateway Platform Services Limited is authorised and regulated by the Financial Conduct Authority (No. 790558). FCA ref: 982132

For the purpose of the General Data Protection Regulation (GDPR) 2018, the registered data controller is Blueberry Life Ltd which means we decide how and why we use your personal information within our business.

Our Information Commissioner's Office (ICO) registration number is ZB046691.

If you have any questions or want to exercise your legal rights, please get in touch by:

2. We may amend/change this policy from time to time

When we update our policy, we'll publish the changes on our website. We will inform you of these changes where appropriate. The date at the top of this page tells you when we last changed it, and if you want to see older versions, please just get in touch.

3. Where do we get your data from?

Here are some of the ways we collect information from and about you:

Directly from you:

When you engage our services, provide feedback or request marketing materials, you may provide us with your personal information over the phone, through emails, or through online forms.

Technology Automations:

When you use our website, we may collect information about your personal technology equipment, including your browser type, your operating system, your device type and your IP address. Your interactions and engagement with our website may be recorded. We collect this information for site optimisation and product and service improvements as well as fraud detection and prevention. This will be collated after you accept our cookies – please see our cookie policy for more about that.

Third parties or publicly available sources:

We will sometimes use third parties to process personal information on our behalf. Sources may include:

  • Any other websites we have or services we provide
  • Third parties we work with to provide our services, such as technical support companies and medical testing providers
  • Social media or other media channels you’ve publicly shared on

They will be held to a set of requirements and protocols to protect your data and will only be able to use it as we have authorised.

From other companies:

To provide you with a price; manage your life insurance; or handle any claims we may exchange your information with other companies to:

  • Undertake checks against publicly available information such as the electoral register, County Court Judgments, bankruptcy, sanctions lists, or repossession information
  • Carry out searches against data held by Credit Reference Agencies
  • We may use information about you provided to us by other parties, such as insurance companies or fraud prevention agencies

Third parties may share your data with us where you’ve consented to receive communication from us. We may also use data where we have a legitimate interest to do so.

4. What types of personal information do we collect?

Depending on your relationship with Blueberry Life, we may collect, use, store and transfer different kinds of personal information about you if you ask about or buy the products and services we offer, and if you subscribe to our waitlist, newsletter and/or emails. For example:

Identity Data:

Your first name, last name, date of birth, gender, residency status.

Contact Data:

Your current home address, delivery address, email address, and phone number.

Transaction Data:

Payment information (securely collected and processed by our bank or payment provider), payment transactions made to us for your policy, and details of products and services you've bought or engaged us about.

Technical Data:

Your IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating systems and platforms and other technology on devices you use to access our website.

Profile Data:

Your product and service choices, hobbies & interests, preferences, details about your lifestyle, feedback and responses, all of which we may analyse to help us improve our services, marketing, customer relationships and experiences.

Usage Data:

Your interactions with our website, products, and services.

Marketing & Communication Data:

Your preferences for receiving marketing from us and third parties.

Special Category Data:

Health information including medical conditions, medical test results, and your doctor/hospital details. See below for more detail on collecting your health information.

5. Why do we collect health information?

We collect information regarding your health and lifestyle and obtain medical test result information about you so we can better understand your risk profile in order to personalise the life insurance cover we provide to you. We’ll only use it to deliver our services as part of our contract or as validation of your application responses.

Any information obtained that is not required to perform these tasks will only be stored and utilised to provide you with an overview of your health once you take out the policy.

We don’t collect any other special categories of personal information about you. Nor do we collect any information about criminal convictions and offences.

6. Use of Aggregated Information

Statistics and demographic information may be collected, used, and shared in a variety of ways. The information doesn't identify you in any way, so it isn't considered personal information. So, for example, we may put your usage data together with other people’s to calculate how many people are engaging with our website calculators.

Should we ever use your information in combination with other data in a way which allows you to still be identifiable, we’ll treat the aggregated data set as personal information and use it in line with this policy.

7. We rely on you providing us your personal information

It is your choice as to whether to provide us with your personal information. We will only request this information when a product or service you’ve asked for depends on it.

Unfortunately, if you do not provide us with this information, we may not be able to provide you with a product or service and, in some cases, we may need to cancel the contract you’ve entered into with us.

8. How we use the information

The information we collect about you will be mainly used for the purpose of providing you with life insurance tailored to your risk profile. The other ways in which we will use your information are detailed below.

We will use your information to:

  • Provide you with a personalised life insurance price and assess your eligibility for our product
  • Setup, operate and manage your Blueberry Life policy
  • Take payments for your Blueberry Life insurance policy
  • Notify you of any payment status updates or changes to your policy
  • Understand a bit more about you so that we can create better products for other customers in the future

We may also use your information to:

  • contact your Doctor to make sure that the answers you provided correctly reflect your medical history

Otherwise, we’ll only use your information where we have a legitimate interest to do so.

9. The ways we use your information

We must always have a lawful basis for processing your information and for sensitive information this applies twofold.

Below is a summary of how we plan to use your personal information, and which legal basis we rely on. We may process your information on more than one lawful ground depending on why we’re using it.

Onboarding you as a new customer and providing you with a life insurance policy

  • Identity Data
  • Contact Data
  • Special Category Data

Lawful Basis for Processing:

Identity/Contact Data:

  • Entering into and the performance of a contract
  • Legitimate interest: to correctly understand and price risk

Special Category Data:

  • Substantial public interest - insurance

Administering and managing your insurance policy

  • Identity Data
  • Contact Data
  • Marketing & Communication Data
  • Special Category Data

Lawful Basis for Processing:

Identity/Contact Data/Marketing & Communication Data:

  • Entering into and the performance of a contract
  • Legitimate interest: to correctly understand and price risk

Special Category Data:

  • Establish, exercise or defend our legal rights
  • Substantial public interest - insurance

To let you know about changes to our terms or privacy policy and to ask you to leave a review or take a customer satisfaction survey

  • Identity Data
  • Contact Data
  • Profile Data
  • Marketing & Communication Data

Lawful Basis for Processing:

  • Legitimate interest: to comply with legal obligations
  • Legitimate interest: to maintain up-to-date records
  • Legitimate interest: to better understand how customers utilise our products and services

Managing our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting)

  • Identity Data
  • Contact Data
  • Technical Data
  • Usage Data
  • Special Category Data

Lawful Basis for Processing:

Identity/Contact Data/Technical Data/Usage Data:

  • Legitimate interest: to comply with legal obligations
  • Legitimate interest: to monitor our business performance and maintain appropriate company records
  • Legitimate interest: to develop, manage and improve our products and services
  • Legitimate interest: to develop and refine our pricing models and ensure we are pricing our products accurately
  • Legitimate interest: to prevent fraud and money laundering
  • Consent through cookie policy

Special Category Data:

  • Substantial public interest - insurance

Providing you with relevant website content and ads as well as determining whether the advertisements are effective

  • Identity Data
  • Contact Data
  • Profile Data
  • Technical Data
  • Usage Data
  • Marketing & Communication Data

Lawful Basis for Processing:

  • Legitimate interest: to better understand how customers utilise our products and services
  • Legitimate interest: to develop, manage and improve our products and services
  • Legitimate interest: to grow the business
  • Legitimate interest: to inform and improve our marketing strategy and communication with existing and potential customers
  • Consent through cookie policy

Conduct user research on our product, website, and customer journey flow

  • Identity Data
  • Contact Data
  • Usage Data
  • Marketing & Communication Data

Lawful Basis for Processing:

Analysing data to improve the website, products, marketing, customer experience, and customer relations

  • Technical Data

Lawful Basis for Processing:

  • Legitimate interest: to keep the website up-to-date and relevant to the target audience
  • Legitimate interest: to inform future product innovation, maintenance, & development
  • Legitimate interest: to inform and improve our marketing strategy and communication with existing and potential customers

To suggest and recommend products and services you may be interested in

  • Identity Data
  • Contact Data
  • Profile Data
  • Usage Data
  • Technical Data

Lawful Basis for Processing:

  • Consent through cookie policy
  • Legitimate interest: to inform future product innovation, maintenance & development
  • Legitimate interest: to grow the business

Your personal information will only be used as indicated above, unless we believe it needs to be used for another reason that is still compatible with the original intent. We'll let you know if we need it for an unrelated purpose, and explain the legal basis for doing so.

If required by law, we may process your personal information without your knowledge or consent, but we will still abide by these rules.

10. Amending your marketing preferences

If you have asked us for information or bought something from us and haven't opted out, you may receive marketing communications from us.

Your identity, contact, technical, usage, and profile data are used to determine which products, services, and offers might interest you.

Whenever you wish to opt-out of receiving email marketing from us, you can do so by clicking on the unsubscribe button or the link at the bottom of any marketing email we send. Alternatively you can email us at enquiries@blueberrylife.com.

11. Controlling your cookie preferences in your browser settings

A cookie is a small file of letters and numbers that’s downloaded by a website onto your device when you visit.  It helps us to provide a better website and service and enables our site to function more efficiently by allowing us to differentiate you from other users. Upon visiting our website, we will ask you whether you are accepting or rejecting them.

Most web browsers allow some control of most cookies through the browser settings and if you want to refuse them altogether, you can do this through the browser settings as well. For more about this, please see our cookie policy.

12. Who we might need to share your personal information with

In order to provide you with our services, we share the information you provide with our staff.

Our insurance partners, their administrators, and their reinsurance partners will have access to your data so that they can:

  • Assist in setting up and managing your life insurance policy
  • Check your medical records and disclosed information
  • Provide First Notice of Loss services and assess and pay claims

Additionally, we may need to disclose your information to any one of the following:

  • Third-party service providers we engage to deliver our services. Among these are our medical testing provider, medical report service providers, payment providers, insurance brokers, analytics companies, authorised tech partners, companies that host our dialer system, or those that store your personal information electronically
  • HMRC, regulators (Financial Conduct Authority, Office of Communication, Information Commissioner’s Office), and other authorities based in the UK who need us to report processing activities in certain circumstances
  • Accountants, solicitors, compliance consultants, professional advisors, and similar services based in the UK who need us to report processing activities in certain legal and compliance circumstances
  • Third parties’ we may choose to sell, transfer or merge parts of our business or assets to. Or, that we may look to buy or merge with. If anything like this happens, your personal information will be used in the same way as set out in this policy

Get in touch if you have any concerns about how your personal information will be used.

Other third parties may also receive your information under certain exceptional circumstances. For example, where we believe the disclosure is:

  • Required by law, or to comply with judicial proceedings, court orders or legal or regulatory proceedings
  • Necessary to protect the safety of our employees, our property or the public
  • Necessary to prevent or detect crime, including exchanging information with other companies or organisations to prevent fraud and reduce credit risk

There is a possibility that the data we collect from you may be transferred to and stored somewhere outside of the European Economic Area (“EEA ”). A staff member of ours or a supplier working outside the EEA may be responsible for processing it.

The protection of data outside the EU/EEA may be provided through standard clauses verified by the European Commission and other data security safeguards, or via an adequacy decision guaranteeing an equivalent degree of data protection..

The recipients of your information are required to adhere to all applicable data protection laws, rules, and standards. Each of them signs a contract with us that guarantees the confidentiality, security and proper handling of your information.

Please get in touch with us at enquiries@blueberrylife.com if you want a complete list of where your data is transmitted.

13. Although we safeguard your information, you provide it at your own risk

We've put in place robust protocols and procedures to protect the information we gather online and we continually evaluate them.

By using our website, we make every effort to ensure that the information you provide to us is transmitted securely (always look for the padlock icon and "https" in the URL bar). However, we unfortunately are unable to provide any guarantees regarding the security of information transmitted over the internet which inherently isn’t completely secure; any transmission is therefore done at your own risk. However, once we have your information, we'll follow stringent protocols and implement security measures to try to block unauthorised access.

All the information you give us is stored on secure servers with Amazon Web Services in the UK.

14. How long do we hold onto your personal information

We'll only retain your personal information as long as we require it, after which we will delete it. Unless there is a requirement for us to keep your data for longer, such as if there are any ongoing queries or claims pertaining to your policy, you can generally expect us to preserve your data for a period of 7 years after the cover end date or after the settlement/payment of the claim - whichever is the latter.

If you get a personalised price and decide not to buy life insurance, we won't hold your information for more than 5 years.

We preserve data for this length of time since it's crucial to our ability to carry out fraud detection and prevention operations. This enables us to address any price-related inquiries or concerns and, when appropriate, to conduct research and analysis to help us enhance our products and services (as detailed in the section titled "The ways we use your information").

We will keep emails, chatbot transcripts, and other electronic communications for up to 7 years in accordance with the aforementioned policy, subject to available storage capacity.

Please let us know if you'd like your personal information deleted sooner. We will try our best to abide by your request, but there may be times when we must store data due to regulatory or legal requirements.

15. Your rights under UK GDPR

Under data protection law, you have rights which allow you to remain in control of your data. We want to ensure you understand these rights and how you can exercise them. Your rights are based on the purpose for which we are processing your information.

Your right of access

You have the right to inquire about whether we have any of your personal information on file with us. If we do, you are entitled to a copy of it and notification of the following:

  • Why we've used it
  • Which categories of data we’ve been using
  • Who it has been shared with and how long we intend to keep it

Before giving you a copy, we must confirm your identity. The first copy you request will be free of charge, but if you require additional copies, we may impose an administrative fee to help defray our expenses.

Your right to rectification

You have the right to request that we correct any information you believe to be incorrect. Additionally, you have the right to request that we complete any information you feel is incomplete - although depending on what we’re processing it for, you may be requested to provide additional information.

Your right to erasure

You have the right to ask us to erase your personal information in certain circumstances (this is also known as “your right to be forgotten”). These circumstances include:

  • You revoke your permission for us to use it (and we have no other legal reason to keep using it)
  • You object to our utilising it, and there is no compelling reason for us to continue doing so
  • We've used it unlawfully
  • A legal need to remove it applies to us

Please get in touch with us if you think one of these circumstances applies to you.

Your right to restriction of processing

You have the right to request that we limit or suppress the use of your personal information in certain situations. Restricting processing means we can store your personal information, but we can't use it. You have this right when:

  • You have stated that the data we have on you is inaccurate, but we have not yet been able to confirm this
  • We are considering your objection to us utilising it for our own legitimate interests
  • Although we've used it in an unlawful way, you don't want us to delete it
  • Although we no longer require it, you need it in order to make a legal claim

Your right to data portability

You are allowed to request a copy of your personal data for your own use. This makes it simpler to move, duplicate, or transfer the data securely and safely from one IT environment to another without compromising its usability.

Your right to object

We may use your personal information from time to time to further objectives that benefit you, us, or other businesses we collaborate with. This comprises:

  • When we inform you of products or services that are comparable to those you currently have
  • When we utilise your information to enhance our operations
  • When we get in touch with you to interact, talk, or inform you of changes we're making

You have the right to object if you feel that the way we are using your personal information is improper given how it may affect you or your rights. Unless we have a strong reason to continue, we must stop utilising it for these purposes.

If we are relying on consent or explicit consent as our lawful basis, you can withdraw your consent for processing at any time.

You can object to us using your information for marketing. In order to stop receiving future direct marketing, you can object to it at any time and ask to be added to a marketing suppression list by emailing us. This can also be accomplished by clicking the “unsubscribe” at the bottom of any marketing email.

Your right to be informed

You have the right to be informed regarding the gathering and use of your personal data. Your right to be informed forms part of this policy, which describes why we process your information, how long we keep it, and who we share it with.

Your rights when it comes to automated decision-making and profiling

Any automated decision-making or profiling we do is solely for the purpose of tailoring the information we give you.

You can request that an automated decision is reviewed by a human when it has legal or similar effect.

If you have any concerns or questions about this right, please contact us.

Please be aware that your rights regarding your personal data depend on the legal basis being used. The rights listed above may not be all-encompassing and only be applicable in particular situations. In some cases, we will be unable to comply with your request as a result of our own legal or regulatory requirements but we will always respond to your request and if we cannot comply, we will explain why.

There are no fees associated with exercising your rights and we will reply to you within a month. Send an email to enquiries@blueberrylife.com if you wish to exercise any of these rights.

16. You can complain to the supervisory authority

You have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk), at any time. You can file a complaint with the Information Commissioner's Office here. We'd really appreciate it, though, if you would contact us first to discuss your concerns before contacting them.

If you need to make a complaint, in the first instance, you should contact us in either of the following ways:

Where a complaint arises we will, wherever possible, endeavour to resolve the matter within 2 business days.

If you would like to know more about your rights, you can find out more information on the ICO’s website.