A range of cover options to suit your needs
3-year fixed price with no tie-ins – T&Cs apply
From UK stays to global getaways
Relaxing hotel-based holidays in the sun, with a Saga Host on hand.
Everything's taken care of on a Saga Group Tour, so you can see and do more.
Exciting destinations. Inspiring options. Discover your ideal travel experience.
Access to a range of accounts to suit your savings needs.
Including will writing, probate and lasting power of attorney.
Provided by award-winning mortgage broker Tembo.
Tips, insight and guidance into helping your money work as hard – and stretch as far – as possible.
The UK's bestselling subscription magazine
Discover our daily puzzles
Make buying wine easy this festive season. Great value, expertly selected wines, by the bottle or the case, in association with Virgin Wines.
Welcome to Saga's privacy hub. Protecting your personal information and being clear about how we use your data is important to us.
You can read more about how we handle your data in our privacy policy below. We've also made a short film where we share the main points from our privacy policy. It explains what information we need to know about you, why we need it, what we use it for and how we keep it safe. We hope you find this film helpful.
This privacy policy gives you information about how Saga collects and processes your personal data. It is important you read this document together with any other privacy or fair processing policies we give you on specific occasions where we collect or process your personal data. This privacy policy supplements other notices and privacy policies and is not intended to override them.
The Saga Group consists of the following Saga companies, which are registered as data controllers with the Information Commissioner’s Office (ICO):
Saga Group will include any new Saga entities we launch, focussing on Customer Technology, Financial products, Food & Drink, Gardens, Health, Homes, Learning, Motoring, Travel and Wellbeing.
Saga uses a variety of trading names including:
This privacy policy is issued on behalf of the Saga Group, so when we say “Saga”, “we”, “us” or “our” in this privacy policy, we are referring to the relevant company in the Saga Group responsible for processing your data. When you purchase a product or service with us, we will tell you which Saga company is the data controller of your personal data.
Saga are committed to protecting your privacy. We comply with the principles of the UK General Data Protection Regulation (GDPR) and associated data protection legislation. We aim to maintain best-practice standards in our processing of personal, sensitive data and/or special category personal data.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
With regards to special categories of data (religious beliefs etc...), we may collect health data but only where relevant to the products and services you are purchasing or enquiring about. We may also collect information about criminal convictions and offences. For example, we may require details of motoring convictions to ensure the insurance price we provide is accurate or we may need medical information for travel insurance purposes or if you ask us to book an easy access room due to a disability. We will not collect or use these types of data without your consent, unless the law requires us to do so or where we believe it is in your best interests. If we do, it will only be when it is necessary as determined by the law and the ICO.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
We use different methods to collect data from and about you including through:
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
See below for: Purposes For Which We Use Your Data to find out more about the types of lawful basis that we will rely on to process your personal data. We do not sell, trade, or rent your personal information to others.
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
---|---|---|
To provide you with a quote (for insurance or travel) and to register you as a new customer |
|
|
To provide goods and/or services that you request. This may be through:
|
|
Performance of a contract with you |
To communicate with you about an enquiry you have made, to notify you if there is a problem with your product or service, to let you know about important functionality changes to the website or if there is another genuine reason for doing so |
|
|
Provide you with emergency support during your travel, holiday or cruise with us |
|
|
To ensure quality assurance and for audit purposes and compliance with regulations |
|
|
To carry out market research, offer renewals and for statistical purposes. |
|
|
To carry out fraud prevention and credit checks. To help us prevent fraud and money laundering, assess your premium at quote and renewal, for credit applications and to assist with identity checks in order to prevent money laundering. A copy of this search will be left on your credit file but will not affect your credit score. To assess financial and insurance risk we make full and open checks on electoral roll registers and public data provided to us by credit reference bureaus and other third parties. For identity checking for money laundering purposes. |
|
|
To prevent and detect crime. To manage risks to our business includes pricing insurance risk. To prevent fraudulent behaviour on our websites |
|
|
To process and deliver your order including:
|
|
|
To manage our relationship with you which will include:
|
|
|
To enable you to partake in a prize draw, competition or complete a survey |
|
|
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, statistical reporting and hosting of data) |
|
|
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you |
|
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences, including customer value and retention |
|
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
To make suggestions and recommendations to you about goods or services that may be of interest to you from across the Saga Group. To personalise information sent to you. Both may involve the profiling of data. |
|
|
As previously mentioned, we do not sell, trade or rent your information, and will never disclose information about you (including information obtained from our dealings with you) to third parties, except:
a) where we have a legal interest in a company;
b) to fulfil your specific orders for a product, service or information if it is delivered by a third party. In these instances, while the information you provide will be disclosed to them, it will only be used for the administration of the product, service or information provided. This could include (but is not limited to), verification of any quote given to you, claims processing, underwriting, pricing purposes as appropriate, testing, and to maintain management information for business analysis. For example, if you go on a holiday with us, the hotel needs to know who you are. If you take out an insurance policy provided by a third party, they will need your details in order to administer the policy, verify the quote given to you and process any claims. For further details about how your insurer handles your information, please see their Privacy Policy which can be found on their website. See your policy schedule documentation for your insurer contact details;
c) where third parties administer part or all the product or service. An example of this is where you book a travel product with us under Civil Aviation Authority (CAA) rules we have to place any funds paid to us into a trust administered by PT Trustees limited, details of how they process your information can be found on their website: https://www.pttrustees.com/privacy/
d) for underwriting, pricing, insurance rating analysis and testing purposes, and to maintain management information for business analysis;
e) for tailoring adverts you see when you are online. These might be on the Saga website, social media sites such as Facebook, search results, or other sites that sell advertising space;
f) for marketing purposes, where we have a legal basis for doing so;
g) where we have engaged a third party to carry out market research on our behalf and who may contact you for the purpose of obtaining feedback about the products and services that we offer;
h) where we have your consent to do so;
Where you have a travel booking, in the event of our insolvency we, or any appointed insolvency practitioner, may disclose your personal information to the CAA, and/or ABTA so that they can assess the status of your booking and advise you on the appropriate course of action under any scheme of financial protection.
The CAA’s General Privacy Notice is at https://www.caa.co.uk/Our-work/About-us/General-privacy-notice/.
ABTA’s Privacy Notice is at https://www.abta.com/privacy-notice.
Other companies within our group of companies for the purposes mentioned in Section "Purposes for which we will use your personal data" above. A list of our Group companies can be found in the introduction to this privacy policy.
We must have your consent to discuss your account with a third party, for example a family member. You may give this consent either orally or in writing and you may give it at any time by contacting us.
We may be obliged by law to pass on your information to the police or any other statutory or regulatory authority. In some cases, exemptions may apply under relevant data protection legislation, whereby we can legitimately release personal data e.g. to prevent or detect crime or in connection with legal proceedings.
After you purchase a product or service from us, we may enter into an arrangement for that service to be provided by a new third party. If this happens, the terms and conditions of your contract with us will provide that you consent to the transfer and processing of personal and/or special category personal data to the new provider, subject to the requirements of the GDPR and associated legislation.
If we provide information to a third party (either a provider of a product or service, or an external data processing agency such as a mailing house) or a company in which Saga has a legal interest, we will exercise the strictest contractual controls, requiring them and any of their agents and/or suppliers to:
We will restrict the information disclosed to the absolute minimum necessary.
We work in partnership with the Motor Insurers' Bureau (MIB) and associated not-for-profit companies who provide several services on behalf of the insurance industry. At every stage of your insurance journey, the MIB will be processing your personal information and more details about this can be found via their website: mib.org.uk. Set out below are brief details of the sorts of activity the MIB undertake:
When you are travelling with us please be aware that there may be Saga photographers and/or videographers on board or as part of our escorted tours taking photos and videos of guests and crew to produce photographs, images and media that may be included in Marketing Brochures, on our Social Media platforms and Cruise Videos. They are happy to take reasonable steps to avoid filming or photographing you where you indicate this is your preference, but you may be included unless you tell us otherwise and we are unable to guarantee that you will not be included on an incidental basis. We care about your privacy so if you do not wish for your photograph to be taken at any time, or to be included in any video, please let a member of staff or the photographer know. Whilst we take every precaution to protect your privacy, we are not responsible for passengers who may take your photograph or video you without our knowledge. We ensure that all our customers are notified prior to travelling on our trips if a professional photographer or camera crew is being engaged and you have the right to say no or opt-out of being included in any photos being taken for these purposes, including any subsequent content or images used.
If you have any queries about the use of images after your trip, please write to the Data Protection Officer at Saga Group Plc, 3 Pancras Square, London N1C 4AG or email data.protection@saga.co.uk
We may submit your details to fraud prevention agencies and other organisations to help us prevent fraud and money laundering. We will also conduct a search with a credit reference agency to help us in providing a quote, and to check which payment options we can make available to you. This is referred to as a "soft search", which means a copy of this search will be left on your credit file but will not affect your credit score.
Any searches we make to provide a motor insurance quote whereby you wish to pay in instalments may involve additional credit checks via a credit reference agency, which are sometimes referred to as a "hard search". If you go on to pay by instalments, this check will be noted on your credit file and may be reflected in your credit score. You will be informed prior to this search taking place.
In order to assess financial and insurance risk, we obtain information held on electoral roll registers and publicly available data sources, which is provided to us by credit reference agencies and other third parties. This helps us to assess your premium at quote and renewal, for credit applications and to assist with identity checks in order to prevent money laundering.
If you apply for other financial services and/or products, a check of your details with fraud prevention agencies may be necessary. The precise nature of these processes will be explained when you apply.
Our own security procedures mean that we may occasionally have to request proof of identity or check your presence on the electoral roll.
We provide products and services including holidays and cruises outside the European Economic Area (EEA) and to some countries that are not Whitelisted Countries. Therefore, if you travel on such holidays the information you provide may occasionally be transferred outside the EEA, where from time to time we work with suppliers and service providers that are either based outside of the EEA or have servers based outside of the EEA. Countries outside of the EEA protect information differently, and so where we do transfer your information to suppliers based outside of the EEA, we will take all steps necessary to ensure that it is adequately protected and used in accordance with this Privacy Policy, including but not limited to relying on any appropriate cross-border transfer solutions such as European Commission's Standard Contractual Clauses or International Data Transfer Agreements (IDTAs) approved by the UK Information Commissioner's Office or may require the other party to be signed up to government standards that are recognised as providing the right level of protection.
Where we have obtained your permission, we may contact you by telephone, email or text to tell you about offers, products and services from Saga Group that may be of interest to you. We may obtain your permission when you contact us, for example we may ask for this when you apply for a quote or speak to one of our agents over the phone. For Saga companies other than Titan Travel, this may also be based on your marketing preferences in your MySaga account.
We may also send you communications about offers, products and services by post. For example, if you have previously asked for an insurance quote, we may send you direct mail about our other products from Saga Group which we feel you may be of interest in. We will only ever do this in compliance with our legal obligations which includes where we believe it is in our legitimate interest to do so, and where you have not objected to this.
You may contact us at any time to advise us that you wish to withdraw your permission for telephone, email or text marketing, or that you wish to stop receiving direct mail marketing. You can also update your marketing preferences in MySaga by visiting saga.co.uk or by calling 0800 092 3665 (Saga companies other than Titan Travel) or, for Titan Travel, by calling 0800 988 5811 at any time.
We may use the information you provide to offer you relevant products or services from other parts of Saga. This helps us enhance your overall experience with Saga by tailoring our offerings to better suit your needs and preferences. Additionally, within our marketing, we may include content from selected Saga Group Partners who are other great brands that we think you will be interested in hearing about in the following areas:
We'll never sell your data. You will only ever get promotional emails from us, unless you have specifically signed up to receive communications directly from our partners.
We may process your information to send you communications that are tailored to your interests or to market products which we feel are like those you have shown an interest in previously. This is called “profiling for marketing purposes”. This might be in the form of display advertising you see on websites, social media (for example, using Facebook/Meta Custom Audiences and Google Custom Match), television (SkyAdsmart) or internet search results. We may also use profiling to tailor communications we send to you via post, telephone, email or text. If we run specific marketing campaigns through social media and digital advertising platforms you may see Saga advertising. These campaigns tend to be based on general demographics and interests and sometimes your contact details such as an email address or phone number. We would use this information to tailor the advertising you see. If you do not wish to see this advertising, you will need to adjust your preferences within the relevant social media settings and your cookie browser settings (please see our Cookie Policy for more information regarding how to do this).
We use delivery email services to send our marketing and transactional emails, including Adobe, SmartComm, Sitecore and Numero. For emails delivered by Adobe we use 'tracking pixels' which are similar to cookies to improve the quality of our emails. Tracking pixels are used to help understand how you interact with our emails by collecting information including open rate and click-through rate. If you are unhappy with this but would still like to receive our emails you can block pixels by switching off images in your email settings. You can unsubscribe from our marketing emails at any time by updating your marketing preferences in MySaga by visiting saga.co.uk or by calling 0800 092 3665 (Saga companies other than Titan Travel) or, for Titan Travel, by calling 0800 988 5811.
At any time, you can opt out of receiving marketing information, revise the products you would like to hear about or change the method we use to communicate with you. You can update these preferences by visiting MySaga at www.saga.co.uk or calling us on 0800 092 3665 (Saga companies other than Titan Travel) or, for Titan Travel by calling 0800 988 5811.
We make outbound phone calls for several reasons relating to our many products, including breakdown cover and insurance. Sometimes we will need to call you in relation to an enquiry you may have started on our website. We are fully committed to the regulations set out by Ofcom and follow strict processes to ensure we comply with them.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please write to the Data Protection Officer at Saga Group Plc, Pancras Square, London N1C 4AG or email data.protection@saga.co.uk
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Please advise us in writing of any changes in your circumstances, or if you feel we hold inaccurate information about you so that we can update our records accordingly.
We will hold your personal information in accordance with the principles of the GDPR (and associated legislation) and for as long as reasonably necessary to fulfil the purposes for which it was collected. We may obtain your data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you. We are obliged and permitted by law and regulation to retain certain types of data for a minimum period. The minimum period tends to be for seven years but can be longer (or shorter) if the statute or regulation requires.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Under certain circumstances, you have rights under data protection laws in relation to your personal data.
Access to your information: You have a statutory right of access to personal data that we hold about you. In order to exercise this right, we ask that you apply in writing, either via letter or email. Please refer to the information you wish to see giving dates where possible. Please note that we may ask for further information from you including proof of identity.
We will not administer Subject Access requests made by a third party (such as a relative or friend) unless accompanied by written authority of the individual who is the subject of the request, proof of power of attorney or other legal certification.
You will not have to pay a fee to access your personal information (or to exercise any other rights). However, in exceptional circumstances, we may charge a reasonable fee or refuse to comply with your request.
Request the correction or rectification of the personal data that we hold about you: this enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Rights related to automated decision-making including profiling: We use the information we know about you to make decisions which inform our pricing, fraud prevention and the products and services we can offer. Automated decision making enables us to make efficient and fair decisions, providing a better service for our customers. Whilst you have the right to object to us using your information in this way, this could have an impact on the products or services we may be able to offer you. We use automated decision making in the following areas:
Pricing – we use the information we know and collect about you to inform decisions around product and service charges. For example, if you apply for insurance, we will compare what you tell us with other records to determine how likely you are to make a claim. This will help us decide whether to offer you the product and what price to charge you.
Tailoring our marketing communications – as mentioned previously, we use your personal information to make decisions about what products, services and offers we think you may be interested in. This ensures the communications you receive from us are tailored and relevant to your interests. You can opt out of this at any time by contacting the Data Protection Officer.
The right to erasure: this enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
The right to object to processing: of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Right to restrict the processing of your personal data: this enables you to ask us to suspend the processing of your personal data in the following scenarios:
The right to data portability: you have the right to obtain and reuse the personal data that you have provided to us for your own purposes which includes transferring it to other service providers. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
The right to withdraw consent at any time: where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
What we may need from you: we may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who does not have the right to receive it. Sometimes, we may need to contact you or ask you for further information.
We will try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made several requests. In this case we will notify you and keep you updated.
Limits to your rights: some of your rights in relation to your personal data are not absolute, for example your right to erasure. Where this is the case, we will inform you of the extent we can comply with your requests and detail our reasons why. More information can be found by visiting the ICO’s website https://ico.org.uk/.
For further information regarding your rights, or to make a request; please write to the Data Protection Officer at Saga Group Plc, Pancras Square, London, N1C 4AG or email data.protection@saga.co.uk.
We keep our privacy policy under regular review, and we publish the date this privacy policy was last updated. If we decide to change our privacy policy, we will update all relevant documentation and post any changes on our websites so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it. We may also notify you by email sent to the email address specified on your account.
We welcome your questions and comments about privacy. Please write to the Data Protection Officer, Saga, 3 Pancras Square, London, N1C 4AG or email data.protection@saga.co.uk
You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you feel your personal information has not been handled correctly. You can do this via ico.org.uk/concerns or by writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
Sensitive personal data / special categories of data | These are types of personal data which are important to protect because processing could threaten peoples’ basic rights. For example, information about somebody’s race could be wrongfully used to discriminate against them. Other special categories of data include religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life and sexual orientation. |
Processing | Anything that is done with personal data. Collecting, keeping, and using personal data are all examples of processing. |
Profiling | The processing of personal data in order to try and work out the subject’s situation, characteristics, and/or behaviour. |
European Economic Area (EEA) | A collective of countries which share a single market and regulations which help them trade and interact with one another. This is the group of countries that will be governed by the GDPR, and therefore do not have to implement any further measures or request permission to transfer personal data to each other. They are:
|
Data controller | An entity (for example a person or an organisation), who determines for what purpose and how personal data is going to be processed. |
Data processor | An entity that processes personal data on behalf of a controller. The controller determines the purpose but the processor acts on behalf of the controller. |
Third Party | An entity who is not the data subject, a processor, or a controller. The third party may receive personal data but does not process it. |
Lawful basis - Legitimate Interest | Legitimate Interest refers to our conducting and managing business to enable us to provide customers with the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us. |
Lawful basis - Performance of Contract | Means processing of your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract. |
Lawful basis - Comply with a legal obligation | Means processing of your personal data where it is necessary for compliance with a legal obligation that we are subject to. |
Lawful basis - Vital Interests | Means processing personal data where it is necessary to protect the vital interests of the data subject or another individual |
Whitelisted countries |
Third countries (countries outside of the EEA) who have been granted an 'adequacy decision' by the EU Commission which means their data protection levels have been deemed high enough that countries within the EEA (governed by the GDPR), do not have to implement any further measures or request permission to transfer personal data there The EU Commission has made an adequacy decision about the following countries:
Canada - only covers data subject to Canada's Personal Information Protection and Electronic Documents Act (PIPEDA); |