Privacy Policy

Introduction

This Privacy Policy explains how Sura Group Limited (the “Company”) collects, uses, stores and shares your personal information when you use our website or interact with us.

This policy applies to all users of our website and customers who purchase our products or services.

Summary

This section provides a high-level overview of how we use your information. It should be read alongside the full policy below.

The Company is the data controller for personal data collected through this website
We collect personal information when you use our website, contact us, or purchase a policy
We use your information to provide our services, improve our website and meet legal obligations
We only share your information where necessary, including with insurers and service providers
We do not sell your personal data
Some data may be processed outside the UK, with appropriate safeguards in place
You have rights over your personal data, including access, correction and deletion

Data Controller

For personal data collected through this website and in connection with our services, the data controller is the Company.

In some circumstances, third parties involved in providing your insurance product (such as insurers or finance providers) may act as independent data controllers in relation to your data. Their use of your data will be governed by their own privacy policies.

How We Collect Your Information

We collect information in the following ways:

When you provide it directly (e.g. completing forms, purchasing a policy, contacting us)
When you use our website (via cookies and similar technologies)
From third parties where necessary (e.g. insurers, finance providers or partners)

Information We Collect

Depending on how you interact with us, we may collect:

Name and contact details (including email, address, phone number)
Vehicle details (e.g. registration, VIN, mileage, purchase price)
Payment and transaction information
IP address and device/browser information
Website usage data (pages viewed, actions taken, time on site)
Marketing preferences

How We Use Your Information

We use your information to:

Provide quotes and process purchases
Administer your policy and fulfil contractual obligations
Communicate with you about your policy or enquiries
Improve our website, products and services
Detect and prevent fraud or misuse
Comply with legal and regulatory obligations
Send marketing communications where you have consented

Legal Basis for Processing

We rely on the following legal bases under UK GDPR:

Contractual necessity – to provide products and services you request
Legitimate interests – to operate and improve our business
Legal obligation – to comply with regulatory requirements
Consent – for marketing communications and non-essential cookies

Sharing Your Information

We may share your information with:

Insurance providers – to arrange and administer your policy
Finance providers (including Premium Credit Limited) – where you choose a monthly payment option
Payment providers – including Opayo and PayPal
Service providers – supporting hosting, communications, analytics and IT systems
Professional advisors – such as legal and accounting services
Regulators or authorities – where required by law

Insurance Providers

To provide your policy, we will share relevant information with insurers or product providers. These organisations act as independent data controllers and will process your data under their own privacy policies.

Website Hosting and Server Logs

We use a third-party hosting provider to host our website. Our website server automatically logs certain information when you access the site, including:

IP address
Pages accessed
Date and time of access
Browser and device information

This information is used for:

Maintaining website functionality
Monitoring performance
Detecting and preventing unauthorised access or cyber threats

We do not use this information to identify individuals unless required for security or legal purposes.

Our website infrastructure is hosted within the United Kingdom.

Key Service Providers

We use trusted third-party providers to support our services, including:

Website hosting providers (UK-based infrastructure)
Payment processors
Email and communication providers (e.g. Google and Customer.io)
Telephony providers
Analytics and tracking tools (e.g. Google Analytics, Facebook and Hotjar)

These providers only process your data where necessary and under appropriate contractual safeguards.

Call Recording

We record telephone calls for:

Training and quality assurance
Regulatory compliance
Resolving customer queries and disputes

Call recordings are securely stored by our telephony provider and retained only for as long as necessary.

Payments

When you make a payment, your payment details are processed securely by third-party payment providers.

We do not store full payment card details on our systems.

Marketing Communications

You will only receive marketing communications from us if you have opted in.

You can unsubscribe at any time by:

Clicking the unsubscribe link in emails
Contacting us directly

Cookies and Similar Technologies

We use cookies and similar technologies, including:

Essential cookies (required for the website to function)
Analytics cookies (e.g. Google Analytics)
Advertising and tracking cookies (e.g. Facebook Pixel)
Behavioural tools (e.g. Hotjar)

Non-essential cookies will only be used where you have provided consent.

For more information, please see our Cookie Policy.

Automated Decision-Making and Profiling

We use automated processes within our website to tailor the user experience based on the information you provide.

This may include:

Adjusting the purchase journey
Displaying relevant products or options
Supporting pricing or eligibility logic

These processes are designed to improve your experience and ensure appropriate products are presented.

How We Store and Protect Your Information

We use appropriate technical and organisational measures to protect your data, including:

Secure servers and encrypted connections (SSL)
Restricted access to personal data
Secure payment processing
Ongoing monitoring of systems and controls

International Transfers

Some of our service providers may process personal data outside the United Kingdom.

Where this occurs, we ensure appropriate safeguards are in place in accordance with UK data protection law.

You can contact us for more information about these safeguards.

How Long We Retain Your Information

We retain personal data only for as long as necessary, including:

Policy and transaction data: typically up to 15 years
Enquiries and correspondence: as required to resolve and for record-keeping
Website data: in line with analytics and cookie retention settings

Retention periods may vary depending on legal and regulatory obligations.

Your Rights

You have the following rights under UK GDPR:

Access your personal data
Correct inaccurate data
Request deletion of your data
Restrict processing
Object to processing
Data portability
Withdraw consent at any time

You also have the right to complain to the Information Commissioner's Office.

Contact Us

If you have any questions about this Privacy Policy or your data, please contact:

Email: [email protected]

Post: Privacy Queries, Sura Group Limited, 1 Neville Group, Leeds, LS1 4DW

Customer reviews

4.9 out of 5 based on 15293 reviews

ALASDAIR MELVILLE

5 out of 5

Extremely quick and easy - great price to cover me in uncertain times and ensure I'm protecting myself and my asset from a shortfall. Really pleased with it, and the terms and conditions are perfectly reasonable, no hidden nasties. Highly recommended.
James Campbell

5 out of 5

VERY EASY AND HASSLE FRE AND GREAT PRICE WITH 5 STAR RATINGS
ailie bryant

5 out of 5

recommeded by a friend, so easy to set up a policy and a great price

> See all our Testimonials

Direct Gap : Rated 4.94 out of 5 based on 15293 testimonials

Monthly Payments Available

Available on Gap Insurance Policies
Pay in 10 monthly instalments

Call our friendly team to find out more on

01422 756100