Privacy Policy

IFIG is committed to respecting the privacy of individuals using this website. We respect your privacy and take this issue seriously.

The General Data Protection Regulation (the “GDPR”) and the Data Protection Act seeks to protect and enhance the rights of data subjects. IFIG is committed to protecting and respecting your privacy. IFIG recognises the importance of the correct and lawful treatment of personal information and will only use personal information as set out in this Privacy Notice.

This Privacy Notice sets out how IFIG collects and uses any information that you give us when you use the IFIG website (“the Website”). The expressions “we”, “us” and “our” refer to IFIG.

This Privacy Notice explains the data we collect about you and how we use your information:

  • When you use our website
  • When you submit an enquiry via our website

The IFIG Board shall oversee compliance with this Privacy Notice.

If you have any questions about this Privacy Notice or how we handle your personal information, please contact the IFIG Administrator via Insurance Fraud Investigators Group, PO Box 8203, Reading, Berkshire, RG30 9LX or

We may change this Privacy Notice at any time by updating this page so you should therefore check the Website from time to time to ensure you are aware of any changes.

It is important that you read this Privacy Notice, together with any IFIG terms and conditions that we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such personal information. This Privacy Notice supplements the other notices and is not intended to override them.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

Who are we?

IFIG is a company limited by guarantee registered in England & Wales under company number 10870300 with its registered office C/O Topping Partnership, Incom House, Waterside, Trafford Park, Manchester, England, M17 1WD.

IFIG’s core objectives are to support the Insurance industry to:

  • Detect and prevent insurance fraud
  • Raise the profile of insurance fraud as a crime
  • Provide a forum to discuss anti-fraud initiatives and techniques
  • Share relevant intelligence in accordance with the National Intelligence Model and in compliance with the GDPR and the Data Protection Act

The data we collect about you in using this website

Personal data, or personal information, means any information about an individual from which that person can be identified. We collect only that personal data from you that we need to provide you with the services you request and otherwise, to operate our business in the way that you would anticipate.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:

Contact Data

includes name, email address, telephone number

Technical Data

includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

Usage Data

includes information about your use of our service, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); elements you viewed or words you searched for; page response times; download errors; length of visits; interaction information (such as scrolling, clicks, and mouse-overs).

Communications Data

includes emails, notes of conversations, etc.

When you use our website

When you use our website to browse our services and view the information we make available; some cookies are used by third parties and by us to allow the website to function, to collect useful information about visitors and to help to make your user experience better.

Some of the cookies we use are strictly necessary for our website to function, and we do not ask for your consent to place these on your computer. However, for those cookies that are useful but not strictly necessary, we will always ask for your consent before placing them.

When you submit an enquiry via our website

When you submit an enquiry via our website, we ask you for standard Contact Data. We use this information to respond to your query, including providing you with any requested information about our services. We will do this based on our legitimate interest in providing accurate information as requested.

We do not use the information you provide to make any automated decisions that might affect you.

How we use your personal data when derived from the use of this website

We will use your personal data only when legally permitted. The most common uses of your personal data are to perform the contract between us or to send you information or resources which you’ve requested; where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or where we need to comply with a legal or regulatory obligation.

We have set out below a description of all the ways we may use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose/Activity: To provide our services

Type of data:

(a) Contact

(b) Communications

The lawful basis for processing:

(a) Performance of a contract with you

(b) Necessary for our legitimate interests

Purpose/Activity: To manage our relationship with you

Type of data:

(a) Contact

(b) Communications

The lawful basis for processing:

(a) Necessary for our legitimate interests (to tailor our services appropriately, to keep our records updated and to study how clients use our services)

Purpose/Activity: To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

Type of data:

(a) Contact

(b) Technical

The lawful basis for processing:

(a) Necessary for our legitimate interests (to study how clients use our services, to grow our business and to inform our marketing strategy)

Purpose/Activity:  To use data analytics to improve our website, our services, marketing, customer  / Member relationships and experiences

Type of data:

(a) Usage

(b) Technical

The lawful basis for processing:

(a) Necessary for our legitimate interests (to define types of Members for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

Note that we may process your personal data for more than one legal ground depending on the specific purpose for which we are using your data.

Sharing your personal data

We may have to share your personal data with select third parties, for example:

  • website hosting and content management providers
  • professional advisers and consultants
  • regulators (SRA, FSA, PRA, ICO etc)

We require all third parties to respect the confidentiality and security of your data and to treat it in accordance with the data protection laws. We do not allow our third-party service providers to use your data for their own purposes and only permit them to process your personal data for specified purposes and by our instructions.

Data Sharing for the purpose of the detection and prevention of crime

IFIG provides it’s Members with a secure mechanism in which to share Intelligence and Personal Data / Sensitive Personal Data for the purpose of the detection of fraud / crime.

IFIG is a recognised Anti-Fraud Organisation as defined by the Serious Crime Act 2007

Such Intelligence and Personal Data is shared in a controlled manner and in compliance with:

  • Article 6(1)(f) GDPR
  • Section 10 and Schedule 1, Part 2, Paragraph 14 Data Protection Act (2018)
  • Section 10 and Schedule 1, Part 2, Paragraph 20 Data Protection Act (2018)
  • Section 15 and Schedule 2, Part 1, Paragraph 2 Data Protection Act (2018)
  • Section 15 and Schedule 2, Part 1, Paragraph 5 Data Protection Act (2018)

International transfers

We do not knowingly transfer any personal data outside the European Economic Area (EEA).


We may link to other websites which are not within our control. Once you have left our website, we cannot be responsible for the protection and privacy of any information which you provide. You should exercise caution and look at the privacy statement applicable to the website in question.

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Also, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

If at any point you suspect or become aware of a security incident please let us know using the contact information provided below.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Changes to the privacy notice and your duty to inform us of changes

This version of our privacy policy was last updated on 25 May 2018.

It is vital that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Your rights over your information

By law, you can ask us what information we hold about you, request to have access to it, and you can ask us to correct it if it is inaccurate. In those cases where we process your information for contractual reasons, you can ask us to give you a copy of the information.

If you believe we are not using your information lawfully, you can ask us to stop using it for a period. In some circumstances, you may have the right to ask us to erase your personal data.

To submit a request by email, post or telephone, please use the contact information provided below.

Contacting us

We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details below.

IFIG Administrator
Insurance Fraud Investigators Group
PO Box 8203
RG30 9LX


Your right to complain

If you have a complaint about our use of your information, we would prefer you to raise it with us in the first instance to give us the opportunity to put it right, but you can also contact the Information Commissioner’s Office as below:


Wycliffe House
Water Lane