Privacy and Security Statement 27 Apr 2017 8:26 AM

Introduction

This privacy policy will help you understand how Rentecarlo collect, use and protect your personal data. You should also show this notice to anyone else who may use our services.

For the purposes of the Data Protection Act 1998, the data controller for personal data provided through the website is Rentecarlo (UK) Limited.  Once you are a member or an applicant for membership, your information may be provided directly to our insurance provider and the Data Controller for such data will be EUI Limited (part of the Admiral Group plc).

For more detailed information about how EUI Ltd use your information you can view the online Privacy Policy by visiting www.admiral.com.

You acknowledge that by providing your personal data to us, you consent to its processing in the manners outlined below. When providing personal data about others, you confirm that you have the consent of these individuals to supply their personal data. We are unable to offer you any product or service unless you provide explicit consent for the collection and use of sensitive personal data as defined in the Data Protection Act 1998.

Data we collect

We collect personal data and sensitive personal data as part of providing services to you. We may also monitor or record calls, emails, SMS messages or other communications in accordance with UK law.

 

Personal data

Examples of personal data we may collect includes:

  • Name and address, date of birth and gender
  • Telephone numbers and email address
  • Credit/debit card details

 

Sensitive personal data

Examples of sensitive personal data we may collect includes:

  • Driving licence details and history
  • Credit score and fraud history  
  • Claims history
  • Criminal convictions etc.

 

Call recording and monitoring

We monitor communication on the website and mobile applications via the messaging function for:

  • Business purposes such as quality control and training
  • Processing necessary for entering into or performance of a contract
  • Prevention of unauthorised use of our telecommunication systems and websites
  • Ensuring effective systems operation
  • Meeting any legal obligation
  • Protecting your vital interests
  • Prevention or detection of crime

 

When data is collected

We will collect your personal data when:

  • You verify and complete your profile
  • You make a booking request
  • You make customer enquiries
  • You register a claim
  • You respond to communications or surveys
  • We require additional information from you for validation purposes

 

How your data is used

We will use your data for:

  • Processing your booking requests
  • Administering your claims handling
  • Fraud prevention and detection
  • Credit scoring or other automated decision-making systems
  • Administering debt recoveries
  • Verifying your identity when required
  • Undertaking market research, product development and statistical purposes
  • For assessment and analysis to enable us to review, develop and improve the services which we offer and to enable us to provide you and other customers with relevant information through our marketing programme.

 

Dealing with Other People

With the exception of cancellation (General Condition 4), it is our policy to deal with those named on your policy or any acceptable callers.

An acceptable caller is:

  • a Policyholder
  • Or Named Driver

If you would like someone else to deal with your policy on your behalf on a regular basis please let us know.

 

Claim Process

To ensure an efficient and speedy claim process we will take instruction from anybody named on the policy or any other person you have confirmed as an acceptable caller. All claims are administered by EUI Ltd.

If you give EUI Ltd data about another person, in doing so you confirm that they have given you permission to provide it to EUI Ltd to be able to process their personal data (including any sensitive personal data) and also that you have told them who Admiral Group are and what they will use their data for, as set out in this policy.

 

Who has access to your data

Apart from ourselves, other companies that may have access to your data include:

  • Companies within the Admiral Group (For the purposes of this Privacy Statement, “Admiral Group” means Admiral Group plc and any company or entity in which Admiral Group plc owns more than 15% of the issued share capital. Companies in the Admiral Group shall include, without limitation, EUI Limited, Admiral Insurance Company Ltd, Admiral Insurance (Gibraltar) Ltd, Inspop.com Ltd, Able Insurance Services Ltd and any other company that is incorporated within the Admiral Group at any time in the future). A full list of our companies can be found at http://www.admiralgroup.co.uk/business/our_companies.php
  • In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party
  • Where it is necessary to deliver the products and services bought by you. For example, we may disclose your personal data to a credit card company to validate your credit card details and obtain payment. It may also be necessary for us to pass your personal data to the organisation from whom you have ordered any products or services other than your EUI Limited insurance product, such as a travel insurance or a personal accident cover provider, etc. At all times, EUI Limited will remain the data controller unless we inform you otherwise.

 

Confidentiality and disclosure of your data

We will endeavour to treat your personal data as private and confidential. From time to time we will employ agents and subcontractors to process your personal data on our behalf. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction.

We would like to bring to your attention our obligations to disclose data in the following four exceptional cases permitted by law, and the other situations set out below. These are:

  • Where we are legally compelled to do so
  • Where there is a duty to the public to disclose
  • Where disclosure is required to protect our interest
  • Where disclosure is made at your request or with your consent

In the unfortunate event that you have to make a claim then we will need to disclose data with any other party involved in that claim. This may include:

  • Third parties involved with the claim, their insurer, solicitor or representative
  • Medical teams, the police or other investigators

If you make a complaint about the service we have provided, we may be obliged to forward details about your complaint, including your personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to the Data Protection Act and keep your personal data strictly confidential.

 

Credit Reference

When you apply to us to open an account, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.

  •    Our own records.
  •    Credit Reference Agency (CRA) records. When we search these records CRAs will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information
  •    Fraud Prevention Agency (FPA) Records

We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity.

Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by EUI Limited and other companies if you, or other members of your household, apply for other facilities including insurance applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.

We may also make periodic searches at CRAs and FPAs to manage your account with us.

Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks, and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.

If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.

If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.

Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of the Data Protection Act 1998.

 

When you make a claim

If necessary we may also have to investigate your claims and conviction history in the course of administering the claim. You can be assured that we will keep such investigations strictly confidential.

In the case of motor insurance, insurers pass information to the Claims Underwriting and Exchange Register, run by Insurance Database Services (IDS) and the Motor Insurance Anti-Fraud and Theft Register, run by the Association of British Insurers (ABI). This helps insurers check information and prevent fraudulent claims. When we deal with your request for Insurance we may search these registers.

Under the conditions of your policy, you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass information to the Registers.

Information relating to your insurance policy will be added to the Motor Insurance Database (“MID”) managed by the Motor Insurers’ Bureau (“MIB”). MID and the data stored on it may be used by certain statutory and/or authorised bodies including the Police, the DVLA, the DVANI, the Insurance Fraud Bureau and other bodies permitted by law for purposes not limited to but including:

  • electronic licensing
  • continuous insurance enforcement; Law enforcement (prevention, detection, apprehension and or prosecution of offenders)
  • the provision of government services and or other services aimed at reducing the level and incidence of uninsured driving

If you are involved in a road traffic accident (either in the UK, the EEA or certain other territories), insurers and or the MIB may search the MID to obtain relevant information.

Persons (including his or her appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.

It is vital that the MID holds your correct registration number. If it is incorrectly shown on the MID you are at risk of having your vehicle seized by the Police. You can check that your correct registration number details are shown on the MID at www.askmid.com.

 

Financial Sanctions

We will use information about you and that of others named on policy to ensure compliance with financial sanctions in effect in the UK and internationally. This will include the checking of your information against the HM Treasury list of financial sanctions targets as well as other publically available sanctions lists. Your information and that of others named on policy may be shared with HM Treasury and other international regulators where appropriate. You may also be contacted in order to provide further details in order to ensure compliance with Financial Sanctions requirements.

 

Fraud prevention and detection notice

In order to prevent and detect fraud insurers may, at any time share information about you with our other group companies.

If false or inaccurate information is provided and fraud is identified details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.

We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

  • checking details on applications for credit and credit related or other facilities
  • managing credit and credit related accounts or facilities
  • recovering debt
  • checking details on proposals and claims for all types of Insurance
  • checking details of job applicants and employees

We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.

 

Use of Intercom Services

We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as your email address and sign-up date) to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our website or use our product. Intercom analyzes your use of our website and/or product and tracks our relationship so that we can improve our service to you. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit http://docs.intercom.io/privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at http://docs.intercom.io/terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.

 

Information security

Please be aware that communications over the Internet, such as emails or webmails, are not secure unless they have been encrypted.

Your communications may route through a number of countries before being delivered – this is the nature of the Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

 

Request your data

You have the right to access the data we hold about you under Section 7 of the Data Protection Act 1998.

 

You can email quality@admiralgroup.co.uk or write to:

 

Head of Central Quality

Ty Admiral

David Street
Cardiff
CF10 2AA


For copies of the information Admiral holds, please visit their website: http://www.admiral.com/

 

Please provide:

  1. Your name, address, policy/claim number and what information you would like.
  2. Two forms of identification such as a copy of a driving licence, passport, or document containing your signature, and a copy of a recent utility bill that confirms your address. (This is to take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.)
  3. A cheque made payable to “EUI Ltd.” for £10. (In accordance with the Data Protection Act 1998, we are entitled to charge £10 to cover the administration costs.)

Please note that if your SAR involves personal data of other people (such as named drivers on your policy) or you are making a request on behalf of another (such as a parent on behalf of their child), we will need identification from these individuals, as well as a signed letter of authority from them that they are happy for you to act on their behalf and for us to release their data to you.

 

Changes to this policy

This privacy policy was last updated on 19th May 2016. We reserve the right to make changes to this policy and you will be prompted of any changes when you next visit our website.

From time to time we may need to change the way we use your personal data. Where we believe you may not reasonably expect such a change we will write to you. When we do so, you will have 60 days to object to the change but if we do not hear from you within that time you consent to that change.