PRIVACY NOTICE
This document and other associated documentation are also available in large print. If you require any of these formats, please let us know.
Contents
1. Important notice
2. How to contact us
3. How we use your personal data and the lawful basis for doing so
4. Who we pass your personal data to
5. Accessing our website and cookies
6. Closed circuit television (CCTV)
7. Telephone recording
8. Your rights
9. How we contact you about other products and services
1. Important notice
This is the privacy notice of Horizon Vehicle Management Ltd T/A Motum Insurance Services registration number: 10487129 whose registered office is at Lumaneri House Blythe Gate Blythe Valley Park Solihull West Midlands B90 8AH referred to as we, us or our in this privacy notice.
This privacy notice sets out how we collect and process your personal data. This privacy notice also provides certain information that is legally required and lists your rights in relation to your personal data.
This privacy notice relates to personal information that identifies you as a natural person (whether you are an actual or potential customer, an individual who browses our website or an individual outside our organisation with whom we interact). We refer to this information throughout this privacy notice as personal data or personal information and further detail of what this includes are set out in this privacy notice below.
The privacy and security of your personal information is very important to us so we want to assure you that your information will be properly managed and protected by us at all times. Please read this privacy notice carefully as it explains how we may collect and use your personal data.
This privacy notice may vary from time to time so please check it regularly. This privacy notice was last updated on 11/09/2023.
2. How to contact us
Controller and contact details:
For the purposes of relevant data protection legislation, we are a controller of your personal data. As a controller, we use (or process) the personal data we hold about you in accordance with this privacy notice.
If you need to contact us in connection with the use or processing of your personal data, then you can do so using our contact details as set out below.
[Data Protection Officer] / [Data Protection Representative]:
Our Data Protection Officer is Danny Flowers who you can contact at d.flowers@motum-services.com
What information we hold about you and where we obtain this from:
The personal data that we collect about you may include the following information:
· Personal data you provide to us in person, via our website or by telephone
· Personal data you provide when you enquire about insurance, or when you purchase a policy, through us, including information about what and/or who you want to insure, such as vehicle details, business activities, your home or travel details
· General information about you, such as your name, address, contact details and date of birth
· Personal data you provide if you subscribe to any of our mailing or newsletter services
· Your claims and credit history
· Financial details, such as your bank account and card details
· Criminal convictions
· Information about your use of our website such as your IP address, which is a unique number identifying your computer, including personal data gathered using cookies.
In addition, we may obtain certain special categories of your data (special categories of data) and data about criminal convictions, and this privacy notice specifically sets out how we may process these types of personal data. The special categories of data are data concerning health.
We collect your personal data from you as a controller when we obtain quotations for insurance for you, when we set up your policy for you and when we make changes to your policy for you. This may also involve the collection of data from or about others who are associated with you and your insurance policy such as other persons insured on your policies or your employees or representatives. By giving us information about someone else for the purpose of arranging insurance for them under your policy such as named driver, employee or travel companion etc. you confirm that you have their permission to do so, and that you have shared this privacy notice with them.
By asking us to arrange a contract of insurance for you where this involves passing information to us relating to children, you confirm to us that in doing so you are the responsible guardian of the child.
We also collect information from publicly available sources and third-party databases made available to the insurance industry for the purposes of reducing fraud and financial crime as well as any other third-party databases where your personal data may be held, provided such third parties have lawful bases on which to share such personal data with us.
3. How we use your personal data and the lawful basis for doing so
Where we are relying on a basis other than consent:
We may rely on one or more of the following legal bases when processing your personal data for the following purposes:
Purposes for which we process your personal data
The basis on which we can do this (this is what the law allows)
In order to perform our contractual obligations to you. This would include our fulfilling your requests for insurance services (including obtaining insurance for you, fulfilling requests for mid-term adjustments and obtaining renewals)
The processing is necessary in connection with any contract that you may enter into with us
To administer your account, including financial transactions for insurance broking
The processing is necessary in connection with any contract that you may enter into with us
To assist in the prevention and reduction of fraud and other financial crime
The processing is necessary for us to comply with the law and our legal requirements
In the interests of security and to improve our service -telephone calls you make to us may be monitored and/or recorded
The processing is necessary to pursue our legitimate interest in the management and operation of our business
To let you know about similar products and services that may be of interest to you
The processing is necessary to pursue our legitimate interest in operating our business
To make automated decisions, automated profiling and fraud detection
The processing is necessary in connection with some contracts that you may enter into with us
Special categories of data and criminal convictions:
We may also need to collect special categories of data from you such as information about your health, personal data revealing racial or ethnic origin, religious or philosophical beliefs or trade union membership and genetic data.
We may also collect information on criminal convictions which we may share with third parties. The lawful basis on which we can do this is the processing is necessary for reasons of substantial public interest relating to insurance purposes.
Insurance purposes mean (a) advising on, arranging, underwriting or administering an insurance contract (b) administering a claim under an insurance contract or (c) exercising a right or complying with an obligation, arising in connection with an insurance contract, including a right or obligation arising under an enactment or a rule of law.
4. Who we pass your personal data to
We may need to pass your personal data to other companies which may include:
The information you share with us may be transferred by us or any of the types of firms or organisations we have noted above, to other countries in order for processing to take place, including locations outside of the UK. We will only do so if there are adequate levels of protection in place as required by applicable data protection laws.
5. Accessing our website and cookies
When you visit one of our websites, we may collect information from you such as your email address, IP address (a unique address that identifies a device on the internet or a local network) and other online identifiers. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit.
We may use third parties to collate IP addresses to help us understand our Internet traffic data and data regarding your browser type and computer. We may also use web usage information to create statistical data regarding the use of our website. We may then use or disclose that statistical data to others for marketing and strategic development purposes, but no individuals will be identified in such statistical data.
We may use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer, mobile phone or tablet depending on the device used to access our website. A pixel tag is an invisible tag placed on certain pages of our website, but not on your computer. Pixel tags usually work together with cookies to help us to give you a more tailored service.
We may also use cookies and pixel tags in our email communication to personalise the email and track whether the email has been opened and whether the recipient has used any website links contained in the email communication. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found at https://allaboutcookies.org.
Internet browsers normally accept cookies by default, although it's possible to set a browser to reject cookies. However, refusing to accept cookies may restrict your use of our website and/or delay or affect the way in which our website operates. You can find more information on cookies when you visit our website.
The open nature of the internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. While this is outside of our control, we do take the protection of your information very seriously and aim to apply appropriate levels of security at all times.
6. Closed circuit television (CCTV)
Where CCTV is used, we have identified and documented the potential impact on individuals’ privacy and have taken this into account when installing and operating the CCTV system. We regularly review whether CCTV is still the best security solution.
We will clearly inform individuals of our use of CCTV, and we only retain recorded CCTV images for long enough to allow for any incident to come to light (for example, for a theft to be noticed) and to investigate it.
We will respond to individuals or organisations making requests for copies of their images on our CCTV footage and will seek prompt advice from the Information Commissioner where there is any uncertainty. We securely store CCTV images, limit access to authorised individuals, and regularly check that the CCTV system is working correctly.
We have a nominated individual who is responsible for the operation of the CCTV system.
7. Telephone recording
Where telephone conversations are recorded, we will inform you of this at the beginning of the call together with our reasons for doing so and any objections should be raised immediately.
Telephone recordings will be stored securely for no longer than necessary and you have the right to request a copy where this is still available. The call recordings will only be passed to third parties where we have a legal right or legal obligation to do so.
Payment card data is protected in accordance with the Payment Card Industry Data Security Standard (PCI DSS) and our system prevents us from recording Sensitive Authentication Data (SAD) or where this is not possible, is immediately deleted after card authorisation.
8. Your rights
We will only store your data for as long as is necessary to comply with the requirements of your insurance contract(s) and any legal obligations or lawful processing conditions that may exist as a result.
You have a number of rights concerning the personal information we use, which you may ask us to observe. In some cases, even when you make a request concerning your personal information, we may not be required, or be able to carry out your request as this may result in us not being able to fulfil our legal and regulatory obligations under the lawful processing conditions under which we hold your data or because there is a minimum statutory period of time for which we have to keep your information. If this is the case, we'll let you know our reasons.
You can ask us to:
If you have any questions or concerns about this privacy notice or your data protection rights, please contact us using our details set out at the beginning of this privacy notice.
You also have the right to make an enquiry or to complain to the Information Commissioner’s Office (ICO) if you are unhappy with our use of your data, or if you think we have breached a legal requirement. Further details about the ICO are available at https://ico.org.uk.
9. How we contact you about other products and services
We may from time to time process your personal data to let you know about similar products and services that may be of interest to you. This is because we value your custom, and we pride ourselves in offering professional and tailored advice which meets your specific insurance needs. This includes keeping you informed on the latest insurance and industry information and details of any offers or promotions relating to the insurance services we provide to you.
Our lawful basis for processing your personal data in this way is necessary to pursue the legitimate interests of our business unless we have otherwise obtained your consent to do so.
We may contact you by post, telephone or e-mail. You will be given the option to stop receiving any communications from us in this regard at any time, however, please note that this will not affect us contacting you about the servicing of products that you have specifically requested from us.
GOOGLE ANALYTICS
Google Analytics is a service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyse how users use our website and our mobile site. The information generated by these cookies (including your truncated IP address) is transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your, and other users’, use of our website. Compiling reports for us on website activity and providing other services relating to website activity and internet usage. The Google Analytics advertising features we use, and the insights they provide are:
AdWords Remarketing — uses behaviour, demographic, and interest data to identify users who are likely to convert, and then allows you to target those users with remarketing campaigns through Google Ads
Demographics and Interests Reporting — provides insight into the age, gender, and purchase interests of users, which you can use to better target your advertisements
Google Display Network (GDN) Impression Reporting — measures the impact of unclicked GDN Display ad impressions on conversions and site behaviour
Please note that Google receives your truncated IP address. This is sufficient for Google to identify (approximately) the country from which you are visiting our sites or accessing our website but is not sufficient to identify you, or your computer or mobile device, individually. You can find more information here, including a link to Google’s privacy policy.
To opt-out of analysis by Google Analytics on our website and other websites, please visit http://tools.google.com/dlpage/gaoptout.
INTERNATIONAL TRANSFERS
We do not transfer data outside of the United Kingdom (UK) or European Economic Area (EEA). Personal Data shared with third-party operational providers, required for the provision and operation of our services (as described within Recipients of Personal Data), may transfer personal data outside of the UK and EEA. Should this be the case, the international transfer will be made in accordance with an adequacy decision or subject to appropriate and documented safeguards.
YOUR RIGHTS
Your right to access
The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data as well as other supplementary information. It helps you to understand how and why we are using your data, and to check we are using it lawfully.
Your right to rectification
You have the right to have inaccurate personal data rectified. You may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve providing a supplementary statement to the incomplete data.
Your right to erasure
Under certain circumstances, you have the right to have personal data erased. Also known as ‘The right to be forgotten’. The right is not absolute.
Your right to restrict processing
Under certain circumstances, you have the right to request the restriction or suppression of your personal data, and as like the right to erasure, it is not absolute. Restriction of processing means we are permitted to store your personal data; we are unable to use it.
Your right to data portability
You have the right to obtain and reuse your personal data for your own purposes across different services. This eases the copying or transferring of personal data easily from one IT environment to another, safely and securely, without affecting the usability of the data.
Your right to object
Under certain circumstances you have the right to object to the processing of your personal data, however, you do have the absolute right to object to direct marketing.
Your right to be informed
You have the right to be informed about the collection and use of your personal data. Your right to be informed forms part of this policy, and provides the purposes for processing your data, our retention periods and who it will be shared with.
THE RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY
In the context of your personal data, You have the right to lodge a complaint to the supervisory authority, the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. If you would like to make a complaint, see our complaint policy here.
THE RIGHT TO WITHDRAW CONSENT AT ANY TIME, WHERE RELEVANT
To withdraw consent please see the contact information detailed within this Policy. Should consent be withdrawn for a particular purpose that we are relying on that consent to perform, we may be unable to provide you with our services or may be unable to tailor our services to your needs which may subsequently impact the service we provide.
Should you wish to unsubscribe from any marketing methods, you may do so by selecting the ‘unsubscribe’ link or by contacting us using the contact information described within this Policy.
DATA RETENTION
HOW LONG WILL WE HOLD YOUR PERSONAL DATA?
We will only retain your personal data for as long as is necessary to fulfil our obligations under the provision of our service as well as any purposes necessary to satisfy any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk, of harm of unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, including applicable legal requirements.
Details of retention periods for different aspects of your personal data are available upon request. By law, we have to keep certain information about our customers and this data will be held solely and securely for those legal purposes.
SUBJECT ACCESS REQUESTS
You have the right to access your personal information, also known as a Subject Access Request (SAR). This means you are entitled to obtain the following information about yourself:
- Confirmation that we are processing their personal data;
- A copy of their personal data; and
- Other supplementary information;
A third party may make a request on your behalf. We will require evidence from the third party as to evidence this entitlement. This may take the form of a written authority or be a more general power of attorney.
HOW DO WE PROVIDE YOU WITH THE DATA YOU HAVE REQUESTED?
If you make a request electronically (via electronic means), we will provide the information in a commonly used electronic format unless you have specified otherwise. Please note, we may extend the time to respond by a further two months if the request is complex or you have made multiple requests. As you have the right to be informed, we will always ensure you are notified within one month of receiving the request, accompanied by an explanation.
We must act on your subject access request without undue delay and at the latest within one month of receipt. This is calculated as beginning from the day following receipt of the request until the corresponding calendar data the following month. We may request your identity to satisfy the request, however, this will be proportionate to the request itself and if we have doubts of the authenticity of identification.
WILL IT COST YOU ANYTHING?
For the vast majority of requests, we cannot charge you a fee. Where the request is manifestly unfounded or excessive, we may charge a reasonable fee to cover the administrative costs of complying with the request. This also applies in the event that you request further additional copies of data following your initial request. This will again be charged as an administrative cost.
COOKIES
A cookie is a small file of letters and numbers that is downloaded on to your computer when you visit a website. Cookies are used by many websites and can do a number of things such as remembering your preferences, recording what you have put in your shopping basket, and counting the volume of people accessing the website. We do use cookies. For more information on our use of cookies, please see our Cookie Policy.
LINKS TO OTHER WEBSITES
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
CHANGES TO OUR PRIVACY POLICY
Any changes to our privacy policy in the future will be posted to our sites and, where appropriate, through e-mail notification. This privacy policy was last updated 11TH September 2023
Motum Insurance Services is a trading name of Horizon Vehicle Management Ltd. Horizon Vehicle Management Ltd is authorised and regulated by the Financial Conduct Authority (Firm Reference Number 929035) in respect of insurance distribution . You can check our status on the Financial Services Register at https://register.fca.org.uk/s/. Registered Office in England at our address Suite 4, New Humberstone House Suite 4, New Humberstone House, 40 Thurmaston Lane, Leicester, England, LE5 0TE. We are registered in England and Wales (registration number is 10487129. We are registered with the ICO (registration number ZA218450).
It is our intention to provide you with the highest possible level of customer service at all times. However we recognise that things can go wrong on occasion and if this occurs we are committed to resolving matters promptly and fairly. Should you not be satisfied with our final response, you may be entitled to refer the matter to the Financial Ombudsman Service (FOS). More information is available on request or on their website, www.financial-ombudsman.org.uk.
Horizon Vehicle Management Ltd T/A Motum Insurance Services