Professional Privacy Policy

Professional Business Privacy Notice 2025

Last updated: November 2025

Protecting your personal information is extremely important to The Idol. It’s especially important for a business like ours, as our customers and professional business clients trust us to look after a huge amount of sensitive information on everything from their business affairs to their medical history.

The way we collect and share your information is equally important. Our professional business clients expect us to manage their information privately and securely. If we don’t, they’ll lose trust in us.

This notice tells you how we collect and process your personal business information. Please take a few minutes to read it and show it to anyone else connected to the business relationship.

WHO ARE WE?

Investment Discounts On Line Limited is part of the Legal & General Group and is the registered data controller of your personal data for the purposes of the Data Protection Act. Trading names of Investment Discounts On Line Limited also known as theidol.com include comparecover.com, protectmypeople.com and annuityready.com.

What does this notice cover?

This privacy notice applies to individuals acting on behalf of corporate clients, suppliers, partners, affiliates, intermediaries, and other professional contacts who engage with us in a business capacity.
It does not apply to retail customers or employees. Separate privacy notices are available for those groups and can be accessed via our website.

What is personal information?

When we talk about personal information, we mean information about an individual that can identify them, like their name, address, e-mail address, telephone number and financial details. It can relate to customers, employees, shareholders, business contact and suppliers. Any reference to “information” or “data” in this notice is a reference to personal information about a living individual.

What information do we hold?

We may collect and process the following personal information about you. In most cases this will be limited to business information that relates to you, how these have an impact on our products and services that may be of interest to you and how we manage our relationship.

Type of data	Description	Examples of how we use it
Contact	Who you are Where you live Where you work How to contact you	Managing and servicing our business relationship Business to business marketing Analysis Enhancing our product and service offering
Personal Details	Age Gender Visual images & personal appearance Financial details Employment details	Managing and servicing our business relationship Business to business marketing Analysis Financial Crime prevention
Transactional	How you may use our products and services Commission payments / reconciliations	Managing and servicing our business relationship Making sure our products and services are fit for purpose Analysis Enhancing our product and service offering
Contractual	Your creditworthiness (if applicable)	Managing and servicing our business relationship
Preferences	Ways you want us to market to you	Business to business marketing Enhancing our product and service offering
Technical	Details on the technology you use	Analysis Making sure our products and services are fit for purpose
Open data & public records	Other information about you that is openly available on the internet (such as Companies House)	Managing and servicing our business relationship Business to business marketing
Documentary data & national identifiers	Company details Details about you that you provide	Managing and servicing our business relationship Compliance with statutory regulations and to prevent financial crime Identification and verification
Background checks	Criminal conviction information Credit reports References	Managing and servicing our business relationship Compliance with statutory regulations and to prevent financial crime

Where do we get our information from?

Information you give us directly (when you fill in forms, contact us by phone or e-mail or request information regarding our propositions and services etc). We may record phone calls for our mutual protection, to meet our regulatory and contractual obligations and to improve our service standards.
Information we collect about you or receive from other sources. This could be information you provide to us electronically (through our website or an online portal, for example), information we get from a third party or from publicly available sources such as regulatory bodies (e.g. FCA, Companies House etc). For more information on how we use cookies, please check our cookie policy which can be found on our website.

How do we use your information?

We use personal information that we hold about you:

To carry out our responsibilities resulting from any business or commercial agreements we may be entering into, or you’ve entered into with us and to provide you with the information, products and services that you’ve asked from us.
To provide you with business-to-business marketing information about services and products we offer across Investment Discounts On Line Limited which may be of interest to you.
To tell you about changes to our services and products.
To comply with any applicable legal or regulatory requirements (including to comply with any applicable regulatory reporting or disclosure requirements).
For carrying out statistical analysis to help us improve our processes, products and services and generate new business (e.g. to develop more engaging communications).
To run our business in an efficient and proper way. This includes testing our systems, managing our financial position, business capability, planning, communications, corporate governance and audit.
For any other purpose that we’ve agreed with you from time to time.

Using your information in accordance with data protection laws

Data protection laws require us to meet certain conditions before we’re allowed to use your personal information in the way we describe in this privacy notice We take these responsibilities extremely seriously. To use your personal information, we’ll rely on the following conditions, depending on the activities we’re carrying out:

Providing our contracts & services to you: We’ll process your personal information to carry out our responsibilities resulting from any commercial agreements or contracts you’ve entered into with us and to provide you with the information, products and services you’ve asked from us, which may include online services. This may include negotiations for entering into contract with us.
Complying with applicable laws: We may process your personal information to comply with any legal obligation we’re subject to.
Legitimate interests: To use your personal data for any purpose described in this privacy notice, we’ll rely on a condition known as “legitimate interests”. It’s in our legitimate interests to collect your personal data as it provides us with the information that we need to provide our services to you more effectively. We may use your information to:

Carry out market research and product development.
We may provide you with business-to-business marketing information about our services or products. You may object to this type of marketing at any time by emailing customerservices@theidol.com or by telephoning our customer service team on 0800 915 7885.
Develop, test and manage our brands, products and services.
Study and manage how our professional business clients use products and services from us and our business partners.
Manage risk for us and our retail customers.

This requires us to carry out an assessment of our interests in using your personal data against the interests you have as a citizen and the rights you have under data protection laws.

The outcome of this assessment will determine whether we can use your personal data in the ways described in this privacy notice. We’ll always act reasonably and give full and proper consideration to your interests in carrying out this assessment.

Consent: We may process your personal information for different purposes where you’ve provided your consent to do so.
Special category (sensitive) data: we may process medical and health, racial and ethnic origin, religion and philosophical beliefs, political opinion information you have provided, and any other sensitive information obtained from a third party (fraud prevention agencies). We will only process data that is needed for specific purposes, such as financial crime prevention or to fulfil your needs at an event. Our lawful basis for processing will be either substantial public interest in accordance with applicable law, or by obtaining your explicit consent.
Criminal Conviction Data: We may process this type of information for the purposes of identifying any criminal activity and/or to meet our legal requirements.

Please be aware that the personal information you provide to us and which we collect about you, is required for us to be able to provide our services to you and without it we may not be able to do so.

Data Category	Purpose of Processing	Lawful Basis
Identity & Contact Data	Managing business relationships, service delivery, B2B marketing	Contract, Legitimate Interests
Personal Details	Relationship management, analysis, financial crime prevention	Legitimate Interests, Legal Obligation
Employment Details	Onboarding, due diligence, relationship management	Contract, Legitimate Interests
Transactional Data	Commission reconciliation, service optimisation, product suitability analysis	Contract, Legitimate Interests
Contractual Data	Creditworthiness assessment, contractual obligations	Contract, Legitimate Interests
Preferences	Marketing communications, service improvement	Consent, Legitimate Interests
Technical Data	Analytics, service optimisation	Legitimate Interests
Open Source Data	Due diligence, relationship management, marketing	Legitimate Interests
Documentary & ID Data	Verification, compliance, onboarding	Legal Obligation, Legitimate Interests
Financial & Compliance Data	Payments, fraud prevention, criminal conviction checks	Legal Obligation, Substantial Public Interest / Consent (for sensitive data)

How long do we keep your information for?

We’ll keep your personal information in accordance with our internal retention policies. We’ll determine the length of time we keep it for based on the minimum retention periods required by law or regulation. We’ll only keep your personal information after this period if there’s a legitimate and provable business reason to do so.

Who do we share your personal information with?

We may disclose your information to:

Customers you may currently or previously had a relationship with.
Other companies within The Idol, third-party suppliers, contractors and service providers for the purposes listed under “How do we use your information?” above.
Our regulators, government (e.g. HMRC) and law enforcement or fraud prevention agencies.

Additionally, we may disclose your personal information to third parties:

If we sell or buy any business or assets, in which case we’ll disclose your personal data to the prospective seller or buyer of such business or assets.
If we, or substantially all our assets, are acquired by a third party, in which case personal data held by us about our professional business clients will be one of the transferred assets.
In order to enforce or apply the terms of any contract we have with you.
If we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or regulatory requirements, or otherwise for the prevention or detection of fraud or crime.
To protect you and Investment Discounts On Line Limited from financial crime, we may be required to verify the identity of new and sometimes existing professional business clients. This may be achieved by using reference agencies to search sources of information relating to you (an identity search). This will not affect your credit rating. If this fails, the business may need to approach you to obtain documentary evidence of identity.
In accordance with business agreements, we may perform credit checks on certain types of professional business clients.

Fraud prevention

The business may need to check your details with fraud prevention agencies (e.g. we have to screen at firm and director level of anyone we make payments to or receive payments from). If false or inaccurate information is provided and fraud is identified details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. We may also share information about you with other organisations and public bodies, including police and we may check and/or file your details with fraud prevention agencies and databases.

If fraud is detected, you could be refused certain services. Further details of how your information will be used by us and these fraud prevention agencies can be found by accessing these links:

CIFAS – cifas.org.uk/fpn

The Idol and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

Managing credit and credit related accounts or facilities.
Recovering debt.
Checking details on proposals.
Checking details of professional business clients.

Investment Discounts On Line Limited and other organisations may access and use from other countries the information recorded by fraud prevention agencies. Please contact our Customer Service department if you wish to receive the relevant details of the fraud prevention agencies:

Address: theidol.com, Eden Business Park, Penrith, Cumbria, CA11 9FB.

Transferring your data outside the UK

The personal data we collect may be routinely transferred to and stored by third-party service providers and group entities located outside the UK. This includes cloud hosting providers, IT support services, and group operations that help us deliver and manage our services.

We will only transfer your data internationally where permitted by law. This includes:

Transfers based on Standard Contractual Clauses (SCCs) approved by the European Commission or UK ICO.
Transfers to countries deemed adequate by the UK Information Commissioner’s Office.
Transfers to organisations that are certified under an approved mechanism and offer appropriate safeguards.

We apply robust contractual and technical controls to protect your data during and after transfer.

For more information about specific transfer mechanisms or destinations, you can contact our Data Protection Officer at datacontroller@theidol.com.
Please note that while we take all reasonable steps to secure your data, sending information via email is not completely secure. Any transmission is at your own risk.

How do we keep your personal information secure?

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used, altered, disclosed or accessed in an unauthorised way. We limit access to your personal information to those individuals who have a business need to access it. As part of our security measures, we may sometimes require you to give proof of your identity before we disclose personal information to you.

We regularly monitor our systems for possible vulnerabilities and attacks and carry out tests to identify ways to further strengthen our security. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Your rights

As an individual, you have rights over your personal data, even in a business context. More information is available on the Information Commissioner’s website. If you wish to exercise any of these rights, please contact our customer service team at customerservices@theidol.com or call 0800 915 7885.

Your rights include:

Right to be informed – This privacy notice explains how we use your data.
Right of access – You can request a copy of the personal data we hold about you.
Right to rectification – You can ask us to correct inaccurate or incomplete data.
Right to erasure – You can request deletion of your data in certain circumstances.
Right to restrict processing – You can ask us to limit how we use your data.
Right to object – You can object to how we use your data, including for marketing.
Right to data portability – You can ask us to transfer your data to another organisation.
Right to withdraw consent – Where we rely on your consent, you can withdraw it at any time.

Your Right to Complain

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

Website: https://ico.org.uk
Address: First Contact Team, Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF

Contacting Us About Your Personal Data

Legal & General Group has appointed a Data Protection Officer (DPO) to oversee compliance with this privacy notice. theidol.com has appointed a Data Privacy Manager (DPM) to liaise with the Group DPO and manage day-to-day data protection matters.

If you have any questions about this privacy notice or how we handle your personal information, please contact:

Data Privacy Manager
Email: datacontroller@theidol.com
Address: theidol.com, The Edge, Eden Business Park, Penrith, Cumbria, CA11 9FB

If you need to contact Legal & General’s Group DPO directly:

Group Protection Officer
Email: Data.protection@landg.com
Address: 1 Coleman Street, London, EC2R 5AA