Privacy and Security Statement 31 Jul 2017 1:41 PM

Your Privacy and Security

Introduction

This privacy policy will help you understand how we collect, use and protect your personal data. You should also show this notice to anyone else who may use our services.

 

Who we are

Rentecarlo is a trading name of the data controller EUI Limited (Registered Number 02686904).  EUI Limited is part of Admiral Group plc.

You acknowledge that by providing your personal data to us, you consent to its processing in the manners outlined below. When providing personal data about others, you confirm that you have the consent of these individuals to supply their personal data. We are unable to offer you any product or service unless you provide explicit consent for the collection and use of sensitive personal data as defined in the Data Protection Act 1998.

Data we collect

We collect personal data and sensitive personal data as part of providing services to you. We may also monitor or record calls, emails, SMS messages or other communications in accordance with UK law.

Types of data we may collect

Personal data

Examples of personal data we may collect includes:

  • Name and address, date of birth and gender
  • Telephone numbers and email address
  • Credit/debit card details

Sensitive personal data

Examples of sensitive personal data we may collect includes:

  • Driving licence details and history
  • Credit score and fraud history
  • Claims history
  • Criminal convictions etc.

Call recording and monitoring

We monitor communication on the website and mobile applications via the messaging function for:

  • Business purposes such as quality control and training
  • Processing necessary for entering into or performance of a contract
  • Prevention of unauthorised use of our telecommunication systems and websites
  • Ensuring effective systems operation
  • Meeting any legal obligation
  • Protecting your vital interests
  • Prevention or detection of crime
  • For the legitimate interests of the data controller

When data is collected

We will collect your personal data when:

  • You verify and complete your profile
  • You make a booking request
  • You make customer enquiries
  • You register a claim
  • You respond to communications or surveys
  • We require additional information from you for validation purposes

How your data is used

We will use your data for:

  • Processing your booking requests
  • Administering your account and claims handling
  • Fraud prevention and detection
  • Credit scoring or other automated decision-making systems
  • Administering debt recoveries
  • Verifying your identity when required
  • Undertaking market research, product development and statistical purposes
  • Keeping you informed about promotions and new developments by email, telephone, post, SMS and social media.
  • For assessment and analysis to enable us to review, develop and improve the services which we offer and to enable us to provide you and other customers with relevant information through our marketing programme.
  • We may use your information to make decisions about you using computerised technology to profile you, such as assessing which products might be most suitable for you.

 

Dealing with Other People

With the exception of cancellation (General Condition 4), it is our policy to deal with those named on your policy or any acceptable callers.

An acceptable caller is:

  • a Policyholder
  • Or Named Driver
  • The Owner of the vehicle

 

Claim Process

To ensure an efficient and speedy claim process we will take instruction from anybody named on the policy or any other person you have confirmed as an acceptable caller.

If you give us data about another person, in doing so you confirm that they have given you permission to provide it to us to be able to process their personal data (including any sensitive personal data) and also that you have told them who we are and what they will use their data for, as set out in this policy.

 

Marketing

Admiral Group plc will contact you from time to time by telephone, post, email, social media channels or SMS to keep you informed with news, our range of products or service.

Admiral Group plc may contact you from time to time to ask you to take part in a survey, in order to enable us to review, develop and improve our services. We use Survey Money’s website to host our surveys. In providing its services to us, Survey Monkey act as a data processor. To view Survey Monkey’s privacy statement please click here . At all times, EUI Limited will remain the data controller.

Your survey responses, including any personal data provided will only be used by Admiral Group plc for the purposes stated within this Privacy and Security statement. Personal data can include (but is not restricted to) your name, age, e-mail address. We may collect sensitive personal data, depending on the survey to which you are responding.

Marketing & your preferences

Admiral Group has various offerings and from time to time we would like to keep you informed of news, products or services, including but not limited to other automatic, insurance, legal or financial products, or other carefully selected offers or promotions which we feel may be of interest to you.

If you would like to alter your marketing preferences please email contact@rentecarlo.com write to the Marketing Department, EUI Limited, Ty Admiral, David Street, Cardiff, CF10 .

Our technology

We collect data about you through the use of technology such as cookies and device fingerprinting. Click here to view our full Cookie Policy.

Your cookie preferences

Managing,Disabling And Enabling Cookies

You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the ‘Help’ function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.

To opt out of being tracked by Google Analytics across all websites click here.

Who has access to your data

Apart from ourselves, other companies that may have access to your data include:

  • Companies within the Admiral Group (For the purposes of this Privacy Statement, “Admiral Group” means Admiral Group plc and any company or entity in which Admiral Group plc owns more than 15% of the issued share capital. Companies in the Admiral Group shall include, without limitation, EUI Limited, Admiral Insurance Company Ltd, Admiral Insurance (Gibraltar) Ltd, Inspop.com Ltd, Able Insurance Services Ltd and any other company that is incorporated within the Admiral Group at any time in the future). A full list of our companies can be found at http://www.admiralgroup.co.uk/business/our_companies.php
  • In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party
  • Where it is necessary to deliver the products and services bought by you. For example, we may disclose your personal data to a credit card company to validate your credit card details and obtain payment. It may also be necessary for us to pass your personal data to the organisation from whom you have ordered any products or services other than your EUI Limited product, such as a personal accident cover provider, etc. At all times, EUI Limited will remain the data controller unless we inform you otherwise.

Confidentiality and disclosure of your data

We will endeavour to treat your personal data as private and confidential. From time to time we will employ agents and subcontractors to process your personal data on our behalf. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction.

We would like to bring to your attention our obligations to disclose data in the following four exceptional cases permitted by law, and the other situations set out below. These are:

  • Where we are legally compelled to do so
  • Where there is a duty to the public to disclose
  • Where disclosure is required to protect our interest
  • Where disclosure is made at your request or with your consent

In the unfortunate event that you have to make a claim then we will need to disclose data with any other party involved in that claim. This may include:

  • Third parties involved with the claim, their insurer, solicitor or representative
  • Medical teams, the police or other investigators

If you make a complaint about the service we have provided, we may be obliged to forward details about your complaint, including your personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to the Data Protection Act and keep your personal data strictly confidential.

Please note that we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering, as well as data sharing at any time for the purposes of fraud prevention. From June 2015, these checks may also include your DLN/MyLicence.

Using data obtained from your DLN, we may pass details of your ‘No Claims Bonus’ to certain organisations to be recorded on an NCB database. This nay occur if information requires updating or correcting at any stage, and also at the renewal stage of your policy and upon or after cancellation of your policy prior to the expiry date.

Use of your data for fraud prevention & detection and credit checking

Credit Reference

When you apply to us to open an account, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.

  • Our own records.
  • Credit Reference Agency (CRA) records. When we search these records CRAs will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information
  • Fraud Prevention Agency (FPA) Records

We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity.

Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by EUI Limited and other companies if you, or other members of your household, apply for other facilities including insurance applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.

We may also make periodic searches at CRAs and FPAs to manage your account with us.

Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks, and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.

If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.

If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.

Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of the Data Protection Act 1998.

When you make a claim

If necessary we may also have to investigate your claims and conviction history in the course of administering the claim. You can be assured that we will keep such investigations strictly confidential.

In the case of motor insurance, insurers pass information to the Claims Underwriting and Exchange Register, run by Insurance Database Services (IDS) and the Motor Insurance Anti-Fraud and Theft Register, run by the Association of British Insurers (ABI). This helps insurers check information and prevent fraudulent claims. When we deal with your request for Insurance we may search these registers.

Under the conditions of your policy, you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass information to the Registers.

Information relating to your insurance policy will be added to the Motor Insurance Database (“MID”) managed by the Motor Insurers’ Bureau (“MIB”). MID and the data stored on it may be used by certain statutory and/or authorised bodies including the Police, the DVLA, the DVANI, the Insurance Fraud Bureau and other bodies permitted by law for purposes not limited to but including:

  • electronic licensing
  • continuous insurance enforcement; Law enforcement (prevention, detection, apprehension and or prosecution of offenders)
  • the provision of government services and or other services aimed at reducing the level and incidence of uninsured driving

If you are involved in a road traffic accident (either in the UK, the EEA or certain other territories), insurers and or the MIB may search the MID to obtain relevant information.

Persons (including his or her appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.

It is vital that the MID holds your correct registration number. If it is incorrectly shown on the MID you are at risk of having your vehicle seized by the Police. You can check that your correct registration number details are shown on the MID at www.askmid.com.

Financial Sanctions

We will use information about you and that of others named on the policy to ensure compliance with financial sanctions in effect in the UK and internationally. This will include the checking of your information against the HM Treasury list of financial sanctions targets as well as other publicly available sanctions lists. Your information and that of others named on policy may be shared with HM Treasury and other international regulators where appropriate. You may also be contacted in order to provide further details in order to ensure compliance with Financial Sanctions requirements.

Fraud prevention and detection notice

In order to prevent and detect fraud insurers may, at any time, share information about you with our other group companies.

If false or inaccurate information is provided and fraud is identified details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.

We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

  • checking details on applications for credit and credit related or other facilities
  • managing credit and credit related accounts or facilities
  • recovering debt
  • checking details on proposals and claims for all types of Insurance
  • checking details of job applicants and employees

MyLicence

As part of our fraud prevention and detection measures, we may undertake searches against your (or any person included on the proposal) DLN against details held by the DVLA to confirm your licence status, entitlement and restriction information and endorsement/conviction data. This helps insurers check information to prevent fraud and reduce incidences of negligent misrepresentation and non-disclosure. A search of the DLN with the DVLA should not show a footprint against your (or another relevant person included on the proposal) driving licence.

We may exchange your details such as NCB and DLN and Claims records with insurance industry databases for the purpose of validation and financial crime prevention.

We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.

Information security

Please be aware that communications over the Internet, such as emails or webmails, are not secure unless they have been encrypted.

Your communications may route through a number of countries before being delivered – this is the nature of the Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

Request your data

You have the right to access the data we hold about you under Section 7 of the Data Protection Act 1998.

How to make a Subject Access Request

Please email quality@admiralgroup.co.uk or write to:

Head of Central Quality

Subject Access Request

Ty Admiral

David Street
Cardiff
CF10 2AA

Please provide:

  1. Your name, address, account/policy/claim number and what information you would like.
  2. Identification documents; one which shows your name and signature (e.g. a copy of your passport) and one which shows your name and address (e.g. a copy of a recent bill or bank statement or other official document). We will accept just one identification document if it shows your name, address and signature such as a copy of your driving licence. (This is to take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.)
  3. A cheque or postal order made payable to “EUI Limited.” for £10.00 (In accordance with the Data Protection Act 1998, we are entitled to charge a fee of £10.00 to cover the administration costs.)

Please note that if your SAR involves personal data of other people or you are making a request on behalf of another (such as a parent on behalf of their child), we may need identification from these individuals, as well as a signed letter of authority from them confirming that they are happy for you to act on their behalf and for us to release their data to you.

Once we have received your written request, identification documents and fee we will have 40 calendar days to fulfil your request.

Changes to this policy

This privacy policy was last updated on 31/07/2017. We reserve the right to make changes to this policy and you will be prompted of any changed when you next visit our website.

From time to time we may need to change the way we use your personal data. Where we believe you may not reasonably expect such a change we will write to you. When we do so, you will have 60 days to object to the change but if we do not hear from you within that time you consent to that change.