We are committed to ensuring your privacy is protected. This notice explains how we collect, use, share and store your information.
Please take time to read this document carefully as it contains details of the basis on which we will process (collect, use, share, transfer) and store your information. You should show this notice to all parties related to any service or related insurance arrangement. If you have given us information about someone else, you are deemed to have their permission to do so.
If you have any questions or need further information you can email DPO@jensten.co.uk or write to our Data Protection Officer at Jensten Group Limited, Coversure House, Washingley Road, Huntingdon, Cambridgeshire, PE29 6SR.
We are Chris Knott Insurance Consultants Ltd, company registration number 2811031, ICO ref Z4908414. We operate as an Insurance Intermediary.
We are part of the Jensten Group of companies and will, at all times, treat all personally identifiable information strictly in accordance with The UK General Data Protection Regulations ("UK GDPR"), supported by the Data Protection Act 2018 ("DPA 2018").
For more information on the Jensten Group of companies, please visit jensten.co.uk.
We usually use direct interaction to collect data from and about you through telephone, email, letter, or face-to-face communication. We also use online forms and quotation facilities for certain policy types. These may be websites administered by Jensten Group or by a third-party provider on our behalf.
We may collect, use, process, store and transfer different kinds of personal data about you for the purpose of arranging your contract(s) of insurance, that is necessary under the lawful basis of contract and the provision of services attached to your contract of insurance. We may also use this data to arrange premium finance for you at your request.
We do not collect data that we do not need. The data we could collect is categorised as follows:
Where we need to collect personal data under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case we may have to cancel the insurance that you have in place, and we will notify you if this is the case.
We will ensure data is processed lawfully, fairly and in an open and transparent manner, and ensure appropriate security measures are in place against unauthorised or unlawful processing or accidental loss, destruction or damage using appropriate technical or organisational measures. Examples include restricting access to key people within our organisation for certain aspects of your information, and periodically checking the level of security we apply to prevent unauthorised use, accidental loss, or misuse of your information.
If you are providing personal data on behalf of a third party, you must provide them with a copy of this privacy notice and obtain any consent where we require it for the processing of their data.
In certain circumstances, such as our online Quote & Buy systems, or when a quotation is requested, or changes are made to an existing policy, or at each renewal of an insurance arrangement, any or all of our group companies' assessment may involve an automated decision to determine whether we are able to provide an insurance arrangement. Individuals can object to us using an automated decision (see the individual rights section) however, in those situations, it may prevent us from being able to provide you with insurance.
When processing personal data for profiling purposes, we will ensure appropriate safeguards are in place, ensuring:
For our quotation systems we may use external data from credit agencies, Electoral Roll, etc. to help in decision-making on pricing and risk acceptance. This may be regarded as "profiling" as defined in the legislation.
We have safeguards in place in the event that this has a legal or similarly significant effect on individuals. We do not consider that our processing poses such risks, but you have rights to further information on these processes as explained below.
When marketing to you as an individual (including individual sole traders and partnerships), we may share your personal data with other companies in the Jensten Group so that they can provide you with information about their products and services. We will rely on the lawful basis of either your prior consent or legitimate interest to contact you, such as by phone, email, push notifications, SMS text, or post, to tell you about products or services we have or are developing which we think may be of interest to you.
Within the Jensten Group, we operate under a number of brands and you may receive such communications from the following of our owned brands and trading names:
You have the right at any time to stop us from contacting you for marketing purposes and may opt out at any time by contacting the DPO on the details below with your instructions.
We may also share limited information with specified third parties to gain feedback on our service to you. We do this under the basis of legitimate interest. Should we need to use your information for any other purpose we shall request your consent to do so.
The contractual arrangements we have in place with our suppliers (e.g. insurance companies, our client database software providers, lead generation, and similar providers of services to us, including other third-party companies who use our services) are governed by and shall be deemed to operate strictly in accordance with the terms of such contracts.
Importantly, from your perspective, these contracts set out to define how data will be processed between us, including circumstances when we act as a processor, controller or joint controller, as is required by the UK GDPR.
We will never knowingly transfer, store, or process information about you or an individual, outside the European Economic Area (EEA). In the event that we are compelled to transfer your information outside the EEA (for example, because it is an insurance arrangement with an Insurance Company who is outside the EEA, or part of a larger group of companies who pass information outside the EEA), it shall be in compliance with the conditions for transfer set out in the GDPR, or restricted to a country which is considered to have adequate data protection laws.
All reasonable steps shall typically have been undertaken to ensure the firm to which information is being transferred has suitable standards in place to protect such information.
Unless required to do so by law, or for other similar reasons, other than those outlined (see 'What information we collect and how we use this information'), we will never otherwise share personal information without legal basis or without ensuring the appropriate care and necessary safeguards are in place. We will in any other event ask for your consent to share that information and explain the reasons.
We will only keep and / or maintain information about an individual for as long as is necessary in providing our products and services, or for compliance with a legal or regulatory obligation, including our legitimate interests or the interests of the controller where we are the processor.
This means we will only keep information that is necessary so that we can sufficiently deal with administrative issues, queries, claims and / or for compliance with legal reasons. Usually we will keep information for a minimum retention period of 7 years after cessation of a product or service we have provided. For Employer's Liability and certain other specific classes of business that require it, we will retain data indefinitely.
This Privacy Notice will be updated from time to time and was last updated on 8 October 2025.
It is important that personal data we hold about you is accurate and current. Please ensure that you keep us informed if your personal data changes during your relationship with us.
Under data protection law, you have the following rights:
You have the right to ask us for copies of your personal information that we hold about you.
You have the right to ask us to rectify personal information you think is inaccurate, and to complete information you think is incomplete.
You have the right to ask us to erase your personal information in certain circumstances.
You have the right to ask us to restrict the processing of your personal information in certain circumstances.
You have the right to object to the processing of your personal information in certain circumstances, including automated decision-making and profiling. You may contact us to request manual intervention.
You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not usually required to pay any charge for exercising your rights, but we do reserve the right to make an administrative charge for Subject Access Requests if requests are deemed manifestly unfounded or excessive. If you make a request, we have one month to respond to you, but we are permitted by the UK GDPR to extend this by a further two months if the request is sufficiently complex or if you submit a number of requests.
Please contact us at the details provided below if you wish to make a request.
If you have any cause for concern about our handling of personal information, please contact us using the details below.
Address:
Data Protection Officer
Jensten Group Limited
Coversure House, Vantage Park
Washingley Road, Huntingdon
Cambridgeshire, PE29 6SR
Email: DPO@jensten.co.uk
You can also complain to the Information Commissioner's Office (ICO) if you are unhappy with how we have used your data.
Address:
Wycliffe House
Water Lane, Wilmslow
Cheshire, SK9 5AF
Helpline: 0303 123 1113
Website: ico.org.uk
If you have any questions about how we handle your data, or about any of our insurance services, we're here to help.
