www.carhireexcess.insure (our site) is a website owned and operated by Twilo Investments Ltd (“we”, “us” or “our”) of 71-75 Shelton Street, London, England, WC2H 9JQ.
The terms “you,” “your,” and “yours” refer to the individuals using our site and purchasing insurance from us. We are committed to safeguarding the privacy of our site visitors; this policy sets out how we will carefully treat your personal information.
We are a “data controller” for the purposes of the Data Protection Act 1998 and (from 25 May 2018) the EU General Data Protection Regulation 2016/679 (GDPR) and any successor legislation to the GDPR or the Data Protection Act 1998 (“Data Protection Law“). This means that we are responsible for, and control the processing of, your personal information.
You can contact us in any of the following ways:
By post: 71-75 Shelton Street, London, England, WC2H 9JQ
By email: [Contact@carhireexcess.insure]
Before using our site, requesting a quote, or obtaining any insurance policies you must agree to our Terms and Conditions.
WHAT DATA DO WE COLLECT?
In order to provide you with services at your request, we will need to collect some ‘personal information’ about you. We may collect, store and use the following kinds of personal information:
- Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and details of services you have purchased from us (including but not limited to personal data relating to quotes, insurance policies and claims), payment card and bank account details, credit reference and scoring information). Due to the nature of our products this may include special Categories of Personal Data about your health and other information required by the underwriter XXXXXXX, Registered in Gibraltar with a company number: XXX (“XXX”) or any other insurance provider;.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
- Profile Data includes your username and password, bookings made by you, feedback and survey responses.
- Usage Data includes information about how you use our website and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our affiliates and your communication preferences.
USING YOUR PERSONAL INFORMATION
We may use your personal information (and may pass your personal information to xxxx and xxxxx designated third parties to enable them) to:
- administer our site;
- improve your browsing experience by personalising our site;
- enable your use of the services available on our site;
- insurance administration, e.g. communications, claims processing and payment;
- decision-making on the provision of insurance cover and where applicable payment plan eligibility;
- assistance and advice on medical and travel matters;
- management and audit of our business operations;
- send you general (non-marketing) commercial communications;
- send you email notifications which you have specifically requested;
- send to you our newsletter and other marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);
- provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
- provide customers with reports, summaries, data and information;
- deal with enquiries and complaints made by or about you relating to our site;
- invite you to review our site using a trusted third-party service;
- prevention, detection and investigation of crime, e.g. fraud and money laundering;
- establishment and defence of our legal rights; and
- legal and regulatory compliance, including compliance with laws outside the United Kingdom.
Where you submit personal information for publication on our site, we will publish and otherwise use that information in accordance with the licence you grant to us.
We are allowed to use your information in these ways and share the information as described below because:
it is necessary so that we can provide you with insurance products and services and to manage your account with us.
- We need to use some of your information to comply with legal and regulatory obligations.
- Some of our use of your information is necessary for our legitimate business interests (such as conducting market research or corporate transaction involving our business).
- You have given your consent for some forms of use. For example, in relation to using your information to send you marketing materials or newsletters. You can opt out of this at any time (Please see the ‘Marketing’ and ‘Your Rights’ sections below).
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
We and our affiliated business partners would like to send you information about future products or services we think may be of interest to you from time to time. We will only do so if you have expressly agreed for us to contact you in this manner.
If you have agreed, we may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
You can ask us or our affiliated business partners to stop sending you marketing messages at any time [by logging into our website and checking or unchecking relevant boxes to adjust your marketing preferences or] by following the opt-out links on any marketing message sent to you or by contacting us (link) at any time.
If you opt out of receiving marketing messages, we will still continue to contact you in relation to insurance policies you have purchased.
Subject to Your Rights below you agree that we have the right to share your personal information with:
- Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
- Selected third parties including:
- xxxxx, business partners, suppliers and sub-contractors for the performance of any contract we or they enter into with them or you;
- advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;
- analytics and search engine providers that assist us in the improvement and optimisation of our site;
- credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
All our site financial transactions are handled through our payment service provider Stripe. Generally you will enter the information directly on the Stripe system but we may share information with a payment service provider only to the extent necessary for the purposes of processing payments you make via our site and dealing with queries relating to such payments.
INTERNATIONAL DATA TRANSFERS
Information which you provide may be transferred to countries which do not have data protection laws equivalent to those in force in the European Economic Area (EEA).
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see
In addition, personal information that you submit for publication on our site or via its associated third party services (for example social media) will be published on the internet and may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
You expressly agree to such transfers of personal information.
SECURITY OF YOUR PERSONAL INFORMATION
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Where applicable, you are responsible for keeping your password and/or user details confidential. We will not ask you for your password (except when you log into our site).
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
You have various rights in respect of the personal information we hold about you – these are set out in more detail below. If you wish to exercise any of these rights, you can do so by contacting us. Please note that you will need to provide us with evidence of your identity.
Request access to your personal information: You can ask us to give you a copy of the personal information that we hold about you.
Request correction: You can ask us to change or complete any inaccurate or incomplete personal information held about you.
Request erasure: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
Right to object: You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request restriction: You can ask us to restrict our use of your personal information in the following circumstances: a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) if you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request transfer: You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
Withdraw consent: If you have given us your consent to use personal information (for example, for marketing), you can withdraw your consent at any time.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
THIRD PARTY WEBSITES
Our site contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
COOKIES AND WEB BEACONS
A cookie consists of a piece of text sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
- Strictly necessary cookies. These are cookies that are required for the operation of our site. They include, for example, cookies that enable you to log into secure areas of our site or make a purchase.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our site when they are using it. This helps us to improve the way our site works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our site. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our site, the pages you have visited and the links you have followed. We will use this information to make our site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites, and will mean that you cannot take advantage of some of our website’s features and may not be able to participate in some projects.
When we send out our newsletters, we’ll sometimes track who opened the emails and who clicked the links. We do that to measure our newsletter’s performance and to improve our features for specific groups of customers. To do this, we use mail providers who include single pixel gifs, also called web beacons, in emails sent from us or on our behalf. Web beacons allow us or our mail providers to collect information about when you open the email, your IP address, your browser or email client type, and other similar details, which we use to improve our services.
You can see more details about the cookies we use in the appendix below.
Please let us know if the personal information which we hold about you needs to be corrected or updated by contacting us at: Contact@carhireexcess.insure.
Effective date: 28 May 2018
APPENDIX 1 – COOKIES AND PURPOSE
|adform uid & cid||Tracking behaviour on website and media channel interactions|
|If you have a Facebook account, these cookies will allow you to share content on the carhireexcess.insure site with your Facebook contacts. You will be also able to tell if you or your Facebook friends ‘Liked’ any content on the carhireexcess.insure site in the past. The cookies will also send some non personal data to Facebook to gather aggregate information on how people interact with websites that use the Like button.|