Who are we?
We may collect information from you about other people, for example, family members who may need to manage a claim. If you give us information about another person it is your responsibility to ensure and confirm that:
What Personal Information do we collect and hold?
The following is a list of the types of data that we may collect and hold about you:
|Personal data type:||Details:|
|Individual||Name, address, email address, telephone numbers and date of birth.|
|Payment||Bank account details and/or payment card details.|
|Risk||Information about you which we need to collect in order to assess your risk and provide an insurance quote.|
|Anti-fraud||Sanctions data, claims experience (including details of previous claims), and information received from a range of anti-fraud databases.|
|Online activity||IP address and other online identifiers.|
|Marketing preferences||Marketing preferences, information relating to competition, prize draw or other promotion entry, or responses to voluntary customer satisfaction surveys.
To improve our marketing communications, we may collect information about interaction with, and responses to, our marketing communications.
You will be the primary source of the information that we hold that forms part of your personal data, and this data would be provided to us via one or more of the following methods:
- Over the telephone
- From price comparison websites
- Through our website or email
- Face to face
We might also collect your personal data from various third party sources, including:
- Insurance Companies
- Government Agencies, such as HMRC
- Fraud Prevention and Sanction Checking Agencies
- In the event of a claim, third parties including the other party to the claim (claimant/defendant), experts (including medical experts), loss adjusters, solicitors, and claims handlers.
How do we use Personal Information?
We use Personal Information for different purposes depending on our relationship with you.
The main purposes are to:
- Provide insurance and other services
- Manage claims
- Communicate with you
- Manage, develop and improve our business, products and services
- Market our services
Are automated decisions made using Personal Information?
Sometimes, as part of our business operations, decisions about you are taken using automated computer software and systems. These decisions do not involve human input, and the software and systems apply pre-defined logic programming and criteria to make a decision and assess how we deal with you in connection with the provision of services.
Who is Personal Information shared with?
We will pass on your personal data to third parties. The following third parties will receive your personal data for the following purpose(s) as part of the processing activities:
|Insurance Companies||For the purposes of providing cover under the contract that you have created with us.|
|Payment Processors / Lenders||For the purposes of processing card payments and Direct Debit payments.|
|Fraud Prevention and Sanction Checking Agencies||For the purposes of fulfilling our legal requirements.|
|Auditing Agencies||For the purposes of auditing our financial statements and regulatory compliance.|
|Service Providers||For the purpose of providing assistance in the event of a claim.|
|Other 3rd Parties||– For the purpose of marketing communication if you have given specific consent.
– For the purpose of displaying relevant online advertisements to you and other customers on social media platforms and third party websites. Information will be provided in an encrypted format and will only be used to identify the appropriate audience for our advertisements.
– For the purpose of managing any reward or loyalty schemes.
– For the purpose of building audiences, optimisation, modelling data and reporting by using tracking pixels on our website.
– For the purpose of feedback tools.
Additional third parties may be provided with your personal data under the following circumstances:
- Where a countries legal system requires us to
- In connection with any legal proceedings or prospective legal proceedings
- To establish, exercise or defend our legal rights
Where do we process Personal Information?
Certain personal information held on our Information Technology systems may be transferred across geographical borders in accordance with applicable law.
By providing us with your information, you consent to the collection, international transfer, storage, and processing of your information. These transfers are governed by European Union (EU) standard contractual clauses or equivalent data transfer agreements to protect the security and confidentiality of personal information.
What is the legal justification for our use of Personal Information?
We only collect, use and store your information where either;
- You have provided us with your consent to process your data
- We have legitimate business reasons
- We need to process your data in order to administer a contract
- The processing of your data is necessary in order to comply with any legal obligations that we may have
How long do we keep hold of Personal Information?
We will not keep your personal data longer than is necessary for the purpose for which it was provided unless we are required by law or have other legitimate reasons to keep it for longer (for example, if necessary for any legal proceedings).
We will normally keep data for no more than 7 years after termination or cancellation of a product, contract or service we provide. In certain cases, we will keep your information for longer, particularly where a product includes liability insurances or types of insurance for which a claim could potentially be made by you or a third party at a future date, even after your contract with us has ended.
What are my data protection rights as a data subject?
You have certain legal rights under UK data protection law and regulations, summarised as follows:
- The right to be informed about our data processing activities, including through Privacy Policies such as this.
- The right of access to the personal information we hold about you.
- The right of rectification. You may ask us to correct any inaccurate or incomplete data within one month.
- The right to erasure and to restrict processing. You have the right to have your personal data erased and to prevent processing except where we have a legal obligation to process your personal information. You should bear in mind that by exercising this right you may hinder or prevent our ability to provide products and services.
- The right to data portability. On your request, we will provide you with your personal data in a structured format.
- The right to object. You have particular rights in relation to automated decision making and profiling to reduce the risk that a potentially damaging decision is taken without human intervention. You can object to your personal data being used for profiling, direct marketing or research purposes.
How can I withdraw my consent to the use of Personal Information?
Please let us know if your information changes as it is important that the information we hold about you is accurate and up to date.
You can ask us to update or correct your personal information or opt out of our use of your information by contacting us using any of the following methods:
|Telephone||01423 535 040|
|Address||4th Floor Clarendon House, Victoria Avenue, Harrogate HG1 1JD|
Who to contact about your Personal Information?
Our Data Protection Officer can be contacted directly by emailing firstname.lastname@example.org, or by writing to The Data Protection Officer, 4Paws, 4th Floor Clarendon House, Victoria Avenue, Harrogate, North Yorkshire, HG1 1JD.
Your right to complain
In the event that you wish to make a complaint about how your personal data is being processed by us, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority. In the UK this is the Information Commissioner’s Office (ICO).
We ask that you please attempt to resolve any issues with us before contacting the ICO.