Introduction

This is a privacy notice for Velosure which is a trading name of Lawshield UK Ltd.

We understand that your privacy is extremely important to us. As a result we have put in place many measures to ensure that any personal data we obtain from you is processed and maintained in accordance of the General Data Protection Regulation 2016 (GDPR). This statement provides you with details of the type of information we may hold about you, how we obtain and use the information and how we protect your privacy.

We may amend this policy from time to time. If any amendments are made then the updated notice will be published on our website. The privacy policy was last updated on 17.04.2018.

Security of Personal Data

Security of personal data is our priority, we protect this information by maintaining physical, electronic and procedural safeguards that meet or exceed applicable law.

We train our employees’ in the handling of Personal information. When we use other companies to provide services to us, we also require them to protect the confidentiality of the personal information that they receive to a similar or increased level.

Collecting Personal Data

The personal data that we will collect will be, but not limited to, name, address, email address, date of birth, occupation, property details, vehicle registration, driving convictions and bank account details and in certain circumstances medical records if as a result of a Personal Injury claim.

How we use your information

We may use the personal data we hold about you in the following ways:

  • For the purposes of providing insurance, handling claims and any other related purposes. This may include underwriting decisions made via automated means – this is for the performance of the insurance contract between you and us.
  • For offering renewal, research or statistical purposes – this is for our legitimate interests: for us to analyse historic activity, to improve our rating algorithms and to help predict future business impact. To further our commercial interests, to enhance our product offering and to develop new systems and processes.
  • To provide you with information, products or services that you request from us or which we feel may interest you - where you have consented to be contacted for such purposes.
  • To notify you about changes to our service – this is for our legal and regulatory obligations.
  • To safeguard against fraud and money laundering and to meet general legal or regulatory obligations.

Sensitive Data

Sensitive data may be required by us for the specific purposes of underwriting and fraud detection, or as part of the claims handling process. Such information could include but not limited to retrieving of medical records. The provision of such data is conditional for us to be able to provide insurance or manage a claim and, whilst you can withdraw your consent for us to process such data, this may result in us not being able to continue cover, or to process any claims. Where such data is provided to us, it will only be used for the purposes set out above, and will be treated securely and in line with this notice.

Sharing your information

We may disclose your personal information to any of our staff, third parties involved in providing products or services to us, or to service providers who perform services on our behalf where it is reasonable to do so. (If consent is necessary to facilitate this sharing we will ensure it is obtained prior to processing).

These include:-

  • Our group of companies
  • Affinity Partners
  • Third party administrators, insurers
  • Credit agencies
  • Medical Service Providers
  • Fraud detection agencies
  • Loss Adjustors
  • External Law Firms
  • External Auditors
  • Regulatory authorities

We may be legally obliged to disclose your personal information to the extent that we are required to by law in connection with any ongoing prospective legal proceedings in order to establish, exercise or defend our legal rights (including providing information to others for the purpose of fraud prevention and reducing risk).

We may also disclose your personal information:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If the company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • To protect the rights, property, or safety of our customers or others.
  • International Transfer

    We may transfer your personal data to destinations outside the European Economic Area (“EEA”). Where we transfer your personal data outside of the EEA, we will ensure that it is treated securely, and in accordance with this privacy notice and the Legislation. We only transfer data to countries deemed as having adequate protection by the European Commission.

    Your rights

    Subject Access Request

    You may instruct us to provide you with any personal information we hold about you, via a ‘Subject Access Request’. Upon receipt of such request we will, after confirming identity, provide all relevant data we may hold to you in the most practical format unless otherwise stipulated and reasonably possible within 30 days. We will not charge you to do so, however we may charge you for duplicate copies should this be part of your request.

    Right of Rectification

    Individuals are entitled to have their personal data rectified if inaccurate or incomplete and we will respond to a rectification request within one month if not deemed complex. We will also inform related third parties where possible if the personal data was disclosed to them.

    Right of Erasure

    You have ‘The right to be forgotten’ or right to erasure if there is no compelling reason for possession and continued processing. Specific circumstances stated by the Information Commissioner Office includes:

    Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.

    • When the individual withdraws consent.
    • When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
    • The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).

    The personal data has to be erased in order to comply with a legal obligation.

    Right of Portability

    You have the right to ask us to transfer your data that you have provided in a structured, commonly used and machine - readable format and also have the right to transmit data to another controller.

    Right to withdraw consent

    You have the right to ask us to not process your data for marketing purposes.

    Right to lodge a complaint

    If you feel we have not dealt with your request satisfactory you do have the ultimate recourse to refer your complaint to the ICO (Information Commissioner Officer). You can find out more details by visiting https://ico.org.uk.

    Marketing

    Where you have provided consent, we may share personal data that you provide to us within our Group of Companies and with other companies that we establish commercial links with. They and we may contact you (by mail, e-mail, telephone, text, or other agreed means) in order to tell you about products, services or offers that we believe will be of interest to you, or to provide you with commercial updates.

    Consent

    Wherever possible, your personal data will not be obtained, held, used or disclosed unless you have given consent. We understand that "consent" means you have been fully informed of the intended processing of your personal data and have signified your acceptance.

    How long we keep your data

    Your data will not be retained for longer than is necessary, and will be managed in accordance with our data retention policy. In most cases the retention period will be for a period of six (6) years following the expiry of the insurance contract, or closure of claim, , unless we are required to retain the data for a longer period due to business, legal or regulatory requirements.

    Cookies

    What are Cookies?

    Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

    What do we use Cookies for?

    We may use cookies to remember personal settings you have chosen at our website. In no other context do we use cookies to collect information that identifies you personally. Most of the cookies we set are automatically deleted from your computer when you leave our website or shortly afterwards.

    We use anonymous session cookies (short-term cookies that disappear when you close your browser) to help you navigate the website and make the most of the features. If you log into the website, application or a course as a registered user, your session cookie will also contain your user ID so that we can check which services you are allowed to access.

    Our web site may use SessionCam for analysis. SessionCam is a product that has been developed by SessionCam LTD. SessionCam may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. The information collected does not include bank details or any sensitive personal data. Data collected by SessionCam from Lawshield UK Ltd website is for Lawshield UK Ltd internal use only. The information collected is used to improve our website usability and is stored and used for aggregated and statistical reporting" to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.

    Should users wish to deny the use and saving of cookies from this website onto their computers hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.

    You can find further information on cookies on the link below https://ico.org.uk/for-the-public/online/cookies/

    ICO registration

    We are registered as a data controller with the information Commissioner Office (ICO) and our registration numbers are: - Z5685935.

    Data Protection Queries

    For any Data Protection queries please email dataprotection@lawshield.co.uk. and our Compliance team will respond accordingly.

    If you have any queries, please contact enquiries@velosure.co.uk.