Privacy policy
Business Ethical Policy : View Document
Cookies Policy : View Document
Corporate Social Responsibility Policy Statement : View Document
Privacy Policy : View Document
Website Terms of Use : View Document
Please note that Best4 operates a strict zero tolerance verbal abuse policy when dealing with customers. Best4 reserves the right to immediately cancel the customers cover, without any refund, in any situation where a customer delivers verbal abuse or threats in any medium, that are directed against a member of our staff and or the business including sexual harassment in any form.
Your rights, your information and what you need to know.
Autoguard Group is the formation of Autoguard Warranties, Best4, Fleetband, Sentience Automotive Solutions, and Warranty Administration Services.
Introduction
Your privacy is important to us, and we want you to understand what we do with your information and that we are committed to protecting your personal information.
This privacy policy contains important information about how we at Autoguard Group, and all our associated names, collect your personal information, what we do with that information, who we may share it with and why, and your rights regarding the personal information we have about you.
We may need to make changes to our Privacy Policy from time to time and we reserve the right to do that without notice. Please check our website if you want to stay up to date with any changes we may have made. If we make significant changes regarding where your data will be processed, we will contact you to let you know.
We will always comply with the applicable data protection law when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk). For the purposes of the GDPR, we will be: the ‘Data Processor’ of all personal data we hold about you in respect of the administration of an and all products held under Autoguard Group and its associated names and the ‘Data Controller’ of all personal data we hold about you in respect of any recovery products and/or services (if applicable), as well as staff, supplier and any other data streams we have. Please note that it is your responsibility to check and ensure all information, content, material, or data you provide to us is correct, complete and accurate.
As we take your privacy very seriously, the following principles underpin our approach to protecting and respecting your personal information:
1) We value the trust that you place in us by giving us your personal information. We will always use your personal information in a way that is fair, lawful, and transparent.
2) The information that is collected is only done so for specified, explicit and legitimate purposes and not further processed in a way that is incompatible with those purposes.
3) We will provide clear information about how we use your personal information.
4) We will take all reasonable steps to protect your information from misuse and keep it secure.
5) We will take all reasonable steps to ensure any information we hold is accurate and kept up to date.
6) We will not keep your information for longer than necessary.
7) We will comply with all applicable data protection laws and regulations, and we will co-operate with data protection authorities.
This Privacy Policy applies to the personal information of our Website Users, Customers, Suppliers, Staff and other people who we may contact.
Autoguard Warranties Ltd is an ICO registered organisation (the ICO use this term to include all data controllers, including sole traders and companies) under the ref: Z2865565.
Warranty Administration Services is an ICO registered organisation (the ICO use this term to include all data controllers, including sole traders and companies) under the ref: Z6598820.
How To Contact Us
If you have any questions about our privacy policy or the information we collect or use about you, please contact:
FAO Data Protection Team
Autoguard Warranties Ltd
Building 5
Archipelago Office Park
Lyon Way, Camberley
GU16 7ER
Or
FAO Data Protection Team
Warranty Administration Services Limited Otago House
Crofton Road Lincoln
LN3 4NL
Email: [email protected]
Tel: 01522 515603
OUR PRIVACY POLICY RELATING TO WEB USERS
1. Website Users Privacy Notice
For clarity it should be noted that Autoguard Group act as ‘Data Controller’ for the data collected from our web sites. Please see our Terms of Use policy under www.autoguardwarranties.com/website-terms-of-use/.
What personal information do we collect and process?
We collect a limited amount of information from our website users which may include:
• Information about how you use our websites*
• The frequency with which you access our websites*
• The location you view our website from (IP Addresses)*
• Any information you provide us with when you contact us via a web chat function, such as name and email address
*Please note: this is statistical data about our users’ browsing actions and patterns and does not identify any individual, and the above list of personal data categories is not exhaustive.
1.1 How do we collect personal information?
We only collect personal information to enable us to fulfil a request for further information that you may require. This information consists of:
• Your name / postcode
• Your business name / type of business
• Your telephone number
• Your e-mail address
1.1.1 Personal Data that we collect automatically.
When you visit our websites, there is a certain amount of information we collect as detailed in section 1.1. This information is automatically collected whether you use our services or not.
This data is collected by our servers and via cookies, in line with cookie settings in your browser. Please see our cookies policy for more information: www.autoguardwarranties.com/cookies-policy/
1.2 How do we use your personal data?
The limited information we collect from website users is used to help us improve your experience when using our websites and to help us manage the products and services we provide.
We do not link personally identifiable information to IP addresses, but we can and will use IP addresses to identify a user where we feel it is necessary to enforce compliance with this Privacy Policy and our website terms of use, to protect our site users, to comply with applicable laws and to trace a computer in cases of misuse or unlawful actions in connections with visits to or use of the websites.
1.3 Who do we share your information with?
We can confirm that we will never pass on or sell personal details to other parties for any purposes. And we are committed to keeping your personal information safe and secure.
1.4 Why do we process your personal data?
We will only collect and use your personal information in accordance with applicable and most up-to-date data protection laws including General Data Protection Regulation (GDPR). We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Our grounds for processing your personal information include:
1.4.1 Consent
Where necessary we will only collect and process your personal information if you have given your consent for us to do so, for example, we will only send you certain marketing information if we have your consent.
1.4.2 Legitimate Interests
We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws there is a concept of “legitimate interests” as a justification for processing your personal information. Our legitimate interests for processing your personal information may include:
• to enable you to access and use our products and services
• to communicate with you about the products and services you receive from us. We need to keep you informed about your use of the products and services, for example sending you a confirmation email of any renewals or documents. This won’t include marketing communications unless you have given us your consent to receive these
• because it is necessary to provide the product or service you have requested
• processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment
1.4.3 Performance of a Contract
The use of your personal information may be necessary to perform a contract/Policy or other that you have with us. If you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
1.4.4 Legal Obligation
The use of your personal information is necessary for us to meet our legal or regulatory obligations including the purposes of performing or exercising obligations or rights of the employer or employee under employment law.
1.4.5 Substantial Public interest
Processing is necessary for reasons of substantial public interest on the basis of applicable law.
1.5 How do we safeguard your personal data?
Your personal data is very important to us, and we take information and system security very seriously; we strive to comply with our obligations at all times. In order to safeguard personal data, we have implemented accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction, this includes measures to deal with any suspected data breach and includes any information that is collected, recorded and used in any way, whether on paper, online or any other medium.
We do our best to keep the information you disclose to us secure so, where appropriate, our sites use HTTPS, however, it is understood that any information you provide us with over the internet can never be guaranteed to be 100% secure. Certain information, for example, your payment details, are encrypted to minimise the risk of interception during transit, and for any payments we take from you online we will use a recognised online secure payment system.
You may, where applicable, complete a registration process when using our websites, which may include the creation of a username or password. Any such details should be kept confidential by you and should not be disclosed or shared with anyone. If you do disclose this information, you are solely responsible for all activities undertaken on the site where they are used. To protect your account, we ask that you create a strong password, that is lengthy and includes a mixture of alphabetical and numerical and special characters. Your password can only be reset with access to the email address registered on our system.
By using our websites, you accept the inherent risks of providing information online.
1.6 How long do we keep your data for?
We will keep your personal information on our systems for no longer than is necessary after the expiry of any product or service supplied by us.
We may keep statistical information but only where required to meet our reporting obligations. The length of time that we retain statistical information for these reasons will vary depending on the obligations we need to meet.
We securely destroy all financial information once we have used it and no longer need it.
1.7 What are your Individual rights?
Data protection law including General Data Protection Regulation (GDPR) sets out several rights that you have in relation to how we use your information. If you would like to invoke your rights please contact us and we will seek to deal with your request without undue delay, and in accordance with applicable laws. Please note that we may keep a record of your communication to help us resolve any issues you may raise.
1.7.1 Your Rights
Subject to certain limitations on certain rights, your individual rights are:
1.7.1.1 Right to be informed
You have the right to receive clear and easy to understand information about the personal information we have, why we have it and who we may share it with – this is detailed in this Privacy Policy.
1.7.1.2 Right to withdraw consent
Where we have obtained your consent to process your personal data for certain activities or consent to market to you, you may withdraw your consent at any time. You can withdraw your consent by contacting us and we will respond to your request without undue delay. Withdrawal will not affect the lawfulness of processing based solely on your consent before the withdrawal.
1.7.1.3 Right of access
You have the right of access to your personal information and supplementary information at any time, this will allow you to be aware of and verify the lawfulness of processing.
If you do wish to receive a copy of the personal information we hold about you, you may make a Data Subject Access Request (DSAR). This must be made in writing to our addresses, and at this point we may comply with your request or do one of the following:
• We may ask you to verify your identity or ask for more information about your request; and
• Where we are legally permitted to do so, we may decline your request. If your request is declined, we will provide you with the reasons why
1.7.1.4 Right to rectification
If the personal information is inaccurate or incomplete, you have the right to request that this is corrected.
1.7.1.5 Right to request erasure
You can ask for your information to be deleted or removed in certain situations. There may be occasions where we will not agree with your request and if your request is declined, we will provide you with the reasons why.
This is also known as ‘the right be forgotten’.
1.7.1.6 Right to restrict processing
You can ask that we block or suppress the processing of your personal information for certain reasons.
1.7.1.7 Right to data portability
If you wish, you have the right to transfer your data from us to another data controller. In certain circumstances, you may move, copy or transfer personal data easily from one IT environment to another in a safe and secure way.
1.7.1.8 Right to object
You can object to us processing your personal information where it’s based on our legitimate interests, and you do not agree with such legitimacy, for direct marketing and if we were using it for scientific/historical research and statistics.
1.7.1.9 Rights related to automatic decision making including profiling.
You have the right to ask us to:
• Give you information about the processing of your personal information
• Request human intervention or challenge a decision where processing is done solely by automated processes
• Carry out regular checks to make sure that our automated decision making, and profiling processes are working as they should
1.7.2 Fees
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
1.7.3 What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
1.7.4 Response time
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
1.8 Complaints
If you are not satisfied with the way any request, you make in relation to your personal information is handled by us then you have the right to refer your complaint to the relevant data protection regulator which in the UK is the Information Commissioner’s Office:
Information Commissioner’s Office
Information Commissioner’s Office,
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
https://ico.org.uk/concerns/
0303 123 1113
This Privacy Policy shall be governed and construed in all respects in accordance with the laws of England.
Other Parties
Autoguard Group and its associated name use the services of other parties for dealing with certain processes necessary for the operation of the business, website, and marketing methods.
These Parties include but are not exhaustive to:
MailChimp (email service provider)
Hubspot (CRM Platform)
Webequator Ltd (Website Developer)
Financial and Legal (Insurance partner- current)
Bastion Insurance Company Limited (Insurance partner - previous)
UK General Limited (Insurance partner - previous)
Call Assist (Roadside assistance partner)
Adobe Creative Cloud (Cloud-based file storage)
Trustpilot (Consumer feedback platform)
Voyc AI (Compliance monitoring, cloud-based system)
Any data used by such parties is used only to the extent required by them to perform the services that we request. Any use for other purposes is strictly prohibited. Furthermore, any data that is processed by third parties will be processed within the terms of this privacy policy, the GDPR Compliance Contract and in accordance with the Data Protection Act.
*For a full list of our third parties as of April 2024 please contact us at our address - this includes all parties within the Autoguard Group*
OUR PRIVACY POLICY RELATING TO OUR SUPPLIERS ONLY
2. Suppliers
For clarity it should be noted that Autoguard Group act as ‘Data Controller’ for the administration of data held on our suppliers.
2.1 What personal information do we collect and process?
Depending on the relevant circumstances and applicable laws and requirements, we may collect some or all of the following personal information:
• Publicly available information about your organisation such as address, contact information, directors’ information
• General identification and contact information of certain members of the organisations – this includes your name, address, telephone numbers and email addresses
• Names and contact information of applicable contact persons at your organisation.
• Your credit rating information
• Payment information
• Information provided during your contact with us during the course of phone calls (these may be recorded), emails and letters
• To the extent that you access our website we will also collect certain data from you. Please see Section 1 for more information
Please note: the above list of personal data categories is not exhaustive.
2.2 How do we collect personal information?
We collect and maintain different types of personal information in respect of those individuals who seek to be, are, or were suppliers of us, this information will be collected in a number of ways:
2.2.1 Personal Data that we receive directly from you
We may collect personal information directly from you, from a variety of sources such as:
• Where you contact us proactively, usually by phone, email or letter to discuss your products / services with us
• Where we contact you either by phone or email
2.2.2 Personal Data that we receive from other sources
We may use publicly available sources to confirm your information, for example, the Information Commissioners Office and Companies House.
In the course of our due diligence and where applicable we may also obtain information from third party agencies, for example, credit reference agencies, The Disclosure and Barring Service and financial sanctions registers.
2.2.3 Personal Data that we collect automatically
When you visit our websites, there is a certain amount of information we collect as detailed in Section 1.
This data is collected by our servers and via cookies, in line with cookie settings in your browser. Please see our cookies policy for more information.
Information about you will also be collected automatically by CCTV on the premises when you visit (Various UK Locations).
2.3 How do we use your personal data?
We may use the information we collect about you for a number of reasons, including:
• Determining your suitability as a supplier by conducting due diligence.
• To store (and update when necessary) your details on our database, so that we can contact you in relation to our agreements.
• To obtain support and services from you.
• To arrange payment for any products and services you provide.
• Ensuring safe working practices.
• It is necessary for us to meet and comply with our regulatory and legal obligations.
• Carrying out our obligations arising from any contracts entered into between us.
• Monitoring and reviewing your compliance to your obligations arising from any contracts entered into between us.
• For our own management information purposes including managing our business operations such as maintaining accounting records, analysis of financial results, internal audit requirements and receiving professional advice (e.g. tax or legal advice).
• Internal Record Keeping - Telephone recordings are used to verify content and may be used together with staff records for regulatory compliance, quality control and staff training, preventing or detecting criminal activity and for complaint resolution.
• Any other reasons required for the operational processes of the business.
• In more unusual circumstances, we may use your personal data to help us to establish, exercise or defend legal claims.
2.4 Who do we share your information with?
We can confirm that we will never pass on or sell personal details to other parties for any purposes. And we are committed to keeping your personal information safe and secure.
2.5 Why do we process your personal data?
We will only collect and use your personal information in accordance with applicable data protection laws including General Data Protection Regulation (GDPR). We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Our grounds for processing your personal information include:
2.5.1 Consent
Where necessary we will only collect and process your personal information if you have given your consent for us to do so, for example, we will only send you certain marketing information if we have your consent.
2.5.2 Legitimate Interests
We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws there is a concept of ‘legitimate interests’ as a justification for processing your personal information. Our legitimate interests for processing your personal information may include:
• To enable you to access and use our products and services
• To communicate with you about the products and services you receive from us. We need to keep you informed about your use of the products and services, for example sending you a confirmation email of any renewals or documents. This won’t include marketing communications unless you have given us your consent to receive these
• Because it is necessary to provide the product or service you have requested
• Processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment
2.5.3 Performance of a Contract
The use of your personal information may be necessary to perform a contract/policy or other that you have with us. If you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
2.5.4 Legal Obligation
The use of your personal information is necessary for us to meet our legal or regulatory obligations including the purposes of performing or exercising obligations or rights of the employer or employee under UK employment law.
2.5.5 Substantial Public interest
Processing is necessary for reasons of substantial public interest on the basis of applicable law.
2.6 How do we safeguard your personal data?
Your personal data is very important to us, and we take information and system security very seriously; we strive to comply with our obligations at all times. In order to safeguard personal data, we have implemented accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction, this includes measures to deal with any suspected data breach and includes any information that is collected, recorded and used in any way, whether on paper, online or any other medium.
We do our best to keep the information you disclose to us secure so, where appropriate, our sites use HTTPS, however, it is understood that any information you provide us with over the internet can never be guaranteed to be 100% secure. Certain information, for example, your payment details, are encrypted to minimise the risk of interception during transit, and for any payments we take from you online we will use a recognised online secure payment system.
You may complete a registration process when using our websites, which may include the creation of a username or password. Any such details should be kept confidential by you and should not be disclosed or shared with anyone. If you do disclose this information, you are solely responsible for all activities undertaken on the site where they are used. To protect your account, we ask that you create a strong password, that is lengthy and includes a mixture of alphabetical and numerical/special characters. Your password can only be reset with access to the email address registered on our system.
By using our websites, you accept the inherent risks of providing information online.
2.7 How long do we keep your data for?
We will keep your personal information on our systems for no longer than is necessary after the expiry of any product or service supplied to us.
We may keep statistical information but only where required to meet our reporting obligations. The length of time that we retain statistical information for these reasons will vary depending on the obligations we need to meet.
We securely destroy all financial information once we have used it and no longer need it.
2.8 What are your Individual rights?
Data protection law sets out several rights that you have in relation to how we use your information. If you would like to invoke your rights please contact us and we will seek to deal with your request without undue delay, and in accordance with applicable laws. Please note that we may keep a record of your communication to help us resolve any issues you may raise.
2.8.1 Your Rights
Subject to certain limitations on certain rights, your individual rights are:
2.8.1.1 Right to be informed
You have the right to receive clear and easy to understand information about the personal information we have, why we have it and who we may share it with – this is detailed in this Privacy Policy.
2.8.1.2 Right to withdraw consent
Where we have obtained your consent to process your personal data for certain activities or consent to market to you, you may withdraw your consent at any time. You can withdraw your consent by contacting us and we will respond to your request without undue delay. Withdrawal will not affect the lawfulness of processing based solely on your consent before the withdrawal.
2.8.1.3 Right of access
You have the right of access to your personal information and supplementary information at any time, this will allow you to be aware of and verify the lawfulness of processing.
If you do wish to receive a copy of the personal information we hold about you, you may make a Data Subject Access Request (DSAR). This must be made in writing to our address, and at this point we may comply with your request or do one of the following:
• We may ask you to verify your identity or ask for more information about your request; and
• Where we are legally permitted to do so, we may decline your request If your request is declined, we will provide you with the reasons why
2.8.1.4 Right to rectification
If the personal information is inaccurate or incomplete, you have the right to request that this is corrected.
2.8.1.5 Right to request erasure
You can ask for your information to be deleted or removed in certain situations. There may be occasions where we will not agree with your request and if your request is declined, we will provide you with the reasons why.
This is also known as ‘the right be forgotten’.
2.8.1.6 Right to restrict processing
You can ask that we block or suppress the processing of your personal information for certain reasons.
2.8.1.7 Right to data portability
If you wish, you have the right to transfer your data from us to another data controller. In certain circumstances, you may move, copy or transfer personal data easily from one IT environment to another in a safe and secure way.
2.8.1.8 Right to object
You can object to us processing your personal information where it’s based on our legitimate interests, and you do not agree with such legitimacy, for direct marketing and if we were using it for scientific/historical research and statistics.
2.8.1.9 Rights related to automatic decision making including profiling
You have the right to ask us to:
• Give you information about the processing of your personal information.
• Request human intervention or challenge a decision where processing is done solely by automated processes.
• Carry out regular checks to make sure that our automated decision making, and profiling processes are working as they should.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
2.8.2 What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
2.8.3 Response time
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
2.9 Complaints
If you are not satisfied with the way any request, you make in relation to your personal information is handled by us then you have the right to refer your complaint to the relevant data protection regulator which in the UK is the Information Commissioner’s Office.
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
https://ico.org.uk/concerns/
0303 123 1113
This Privacy Policy shall be governed and construed in all respects in accordance with the laws of England.
3. Mobile App Users Privacy Notice
3.1 Information We Collect
Our app may collect the following types of information:
• Personal Information (such as name, email, or phone number) only if you voluntarily provide it.
• Usage Data (such as device type, operating system, and app interaction data) to help us improve app performance and user experience.
• Location Data if you grant permission, for features that require it.
3.2 How We Use Information
We use the collected information to:
• Provide and improve app functionality.
• Communicate important updates or support information.
• Analyse trends and app usage to enhance performance.
• Comply with legal and regulatory requirements.
3.3 Data Sharing
We do not sell or rent your personal information. Data may only be shared with:
• Service providers who help us operate the app (e.g., analytics, crash reporting).
• Authorities, if required by law.
3.4 Your Choices
You can:
• Control app permissions through your device settings (e.g., location, notifications).
• Request access, correction, or deletion of your personal data by contacting us.
