This policy is currently under review.
1. PRIVACY STATEMENT
The Innovation Group Limited and its Group Companies (“Innovation”) manage critical incidents in the car and home on behalf of the world’s leading insurers, brokers and fleet managers, together with warranty and service plan provision for many automotive manufacturers globally. As a result of the services it provides Innovation may have a requirement to process personal information about you. Innovation is fully committed to protecting your personal information and recognises its responsibility to keep any information about you safe and secure at all times. Innovation will only process personal data in accordance with current and applicable data protection legislation (including the General Data Protection Regulation 2016 (“GDPR”)).
This privacy notice explains the following:
In order to provide our group services we may need to collect certain personal data about you. The data processed will depend on your relationship with us (such as client policy holder, third party policy holder, witness, claimant, website user, appointed representative or other person relating to our business). We may obtain personal data about you from: insurers; car dealerships (warranty); garages (repairs); contractors (property repairs); medical experts (if personal injury) or from yourself in a telephone conversation, email or letter.
Personal information collected about you and your dependants may include:
The data we collect will only be relevant to the service you require and by submitting these details to us you enable us to process your information to perform our obligations under a contract or to enable us to carry out this service for you efficiently and effectively.
We will only use your information for the purposes of the business we carry out with you or on behalf of our clients. This may include:
Personal information is stored in secured servers and storage systems. This is done within region where possible. We also use third party cloud providers to support us in providing our services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them. Each data centre has appropriate technical and operational measures in place to ensure the security of your personal data at all times.
Innovation will only share your personal information with third parties where it is necessary to enable us to provide a service to you and may include:
However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
Similarly, we may collect and use your personal information in reliance on our legitimate interests (or those of any third party).
We will take appropriate steps to ensure that your information is safe and secure at all times. This will include physical security to our offices, technical security of our IT systems and ensuring that any paperwork we hold about you is stored securely.
We will always process your personal data fairly and lawfully and for the specified purpose of our business dealings or in connection with our contractual obligations with our clients that you may be under a contract with.
We will ensure that the personal data that we hold is relevant, not excessive and will not be held any longer than is necessary and in line with Innovations retention policy. An example of the typical period of time we may hold onto your personal data is 7 years following our last dealing with you. This is in line with The Limitation Act 1980 and market practice. However, there may be times where we need to hold onto certain personal information longer. If this is the case we will ensure that we have a legitimate processing ground for this.
You have the right to request a copy of the information we hold about you under a Data Subject Access Request (“DSAR”). In order for Innovation to comply with your DSAR if we are the data controller we will provide a response to you within 30 days. If Innovation are the data processor and we are only processing your information on behalf of one of our clients under a contract, we may have to refer your request to them. They may ask for our assistance in obtaining the relevant information you have requested. We will notify you of this once we have transferred your request, or you may hear directly from the data controller if we are unable to contact you directly.
If you believe that any of the information that we hold about you is incorrect, or out of date, you have the right to request that we amend your details accordingly. We may have to ask you some security questions in order to do this and may require evidence relating to the change of details where necessary.
You have the right to be forgotten (commonly referred to as “erasure rights”). You are able to make this type of request in any manner, but we would suggest that this request is made in writing wherever possible. There may be some instances where we are unable to comply with your request, for example: if you owe Innovation money under a contract; if you have made a claim which Innovation are or have previously dealt with then we will need to hold onto your information for at least 7 years or any other length of time that has been stipulated to us when we are acting on behalf of another party you are contracted with.
You have the right to request that processing is restricted where for example you contest that the data we hold is inaccurate or where you believe the processing is unlawful. You have the right to receive personal data about you in a machine readable format and to give that data to another controller. You have the right to object to the processing of your personal data where our processing is based on legitimate interest or public interest.
You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing please email email@example.com.
Occasionally Innovation may want to use your personal data for a different purpose than it was originally provided. If Innovation want to do this we require your specific and informed consent. We may need to contact you via telephone, email or post in order to obtain your consent and if you choose not to opt in Innovation endeavour not to contact you again relating to this matter unless it is in the normal course of business.
Internet Browser: most websites collect certain analytical data to help them understand browsing habits of users. This may include collection of IP address, operating system type, geographic area of user, time of use, type of browser, pages visited and many more. This information is only used to monitor site usage levels and trends.
Cookies are text files containing small amounts of information which are downloaded to your personal computer, mobile or other device when you use a website. Cookies are then sent back to the originating website on each subsequent visit, or any other website that recognises the cookie. Cookies are used to try and improve your browsing experience by remembering your preferences, letting you navigate more efficiently and can also help to ensure that any advert you see online are more relevant to you and your interests. In order to see our full cookies policy please click here or visit https://www.innovation.group/cookie-policy.
Please note that the inclusion of a link on our websites does not imply our endorsement of that site or the policies that are contained within it.
The Board of Directors of The Innovation Group Limited (the “Board”) has overall responsibility for this notice, and for reviewing the effectiveness of actions taken in response to breaches raised under this policy.
The Board shall review this notice from a legal and operational perspective at least once a year.
This notice is designed to guide external customers and their policyholders, clients and website users with regard to what information we may collect about you during our business dealings and how and where we store your information.
This policy will also be reviewed by Group Legal on a regular basis.
In order for Innovation to deal with any breaches of this notice effectively, and should any employee, third party, client, website users and customers or their policy holders become aware of any potential or actual breach of this notice, please notify Innovation on firstname.lastname@example.org so that we may fully investigate the breach and resolve any causes found.
In respect of GDPR Innovation are data controllers when it comes to our employees, and any data where we decide the method and means of processing. For all other types of data Innovation are a data processor which means our processing of your data is controlled by a third party that you are under a contract with.
The Innovation Group contact details are:
Group Legal, The Innovation Group Limited, Yarmouth House, 1300 Parkway, Solent Business Park, Whiteley, Fareham, Hampshire, PO15 7AE.
Innovation has appointed a Data Protection Officer (DPO) who can be contacted by email at email@example.com. You have the right to lodge a complaint with the data protection supervisory authority. For Innovation the lead authority is the UK’s Information Commissioner’s Office (ICO).