Privacy & Data Protection Policy
We are Padly Limited. Our address is Enterprise House, 21 Oxford Road, Bournemouth, Dorset, BH8 8EY. Registered with the Information Commissioner's Office No. ZA025147. Our Data Protection Officer is Richard Waters
Padly Ltd works with its partners Go Assist Ltd and BIG Warranties Ltd to provide installation and insurance products if as per our customer’s needs. Your data is shared between Padly Ltd, Go Assist Ltd and BIG Warranties Ltd for the purpose of managing your installation, repair and/or your insurance policy.
In order to carry out our services we require personal information from you, and without that information we cannot provide our services to you. We will use your personal information to contact you about our services, and to keep in communication with you about your Policy/s you have with us.
We operate under two lawful bases for processing your personal information and these are;
- in order to perform our obligations under our contract with you and;
- In accordance with our legitimate business interests in providing you with installation, repair and insurance related services and from time to time, offer additional services which we think may be of use to you.
Where we rely on our legitimate business interests as the basis for processing your personal data, we will always balance our use of that data against your rights as a customer.
We place cookies or similar technologies on the machine you use to visit our site and/or you use to make an application. This is primarily to make it easier for you to access and navigate the website. By continuing to use our website, you are giving your consent to do this. More information about cookies is set out below.
This information does not identify any individual. We may also obtain information about your general Internet usage by using a cookie file that is stored on the hard drive of your computer, which again does not identify any individual. This information is sent back to the server each time the browser requests a page from the server that enables the web server to identify and track the web browser. For more information about cookies, please visit http://www.allaboutcookies.org. Cookies enable us to improve our service to you, estimate our audience size and usage patterns, store information about your preferences and recognise you when you return to our site.
We recognise the need for appropriate protection and management of the personal and financial information you share with us and believe that our systems meet and exceed industry standards. We protect that information using secure socket layer (SSL) encryption technology. We store data in encrypted form on computers and control access via secure web pages. We use firewalls and other security packages to protect us from external attack. We also test our systems to make sure they meet these expected standards.
The need to ensure that data is kept securely means that precautions must be taken against physical loss or damage, and that both access and disclosure must be restricted.
All our staff are responsible for ensuring that:
- Any personal data which they hold is kept securely.
- Personal information is not disclosed either orally or in writing or otherwise to any unauthorised third party.
- All phone operators are required to hand their phones in at the start of each shift, and end of breaks.
- All staff are required to lock their computers whilst they’re away from their desks.
- Ensuring that customer records are updated correctly.
- Informing the Company of any changes to information which they have provided, e.g. changes of address.
- Ensuring that security is passed before disclosing personal information
Collecting Your Information
We collect information about you in two ways - directly from your online application - the personal information you submit and also information provided if you telephone us or write into us.
- You will be fully aware of the information collected about you as you are required to complete the information.
- You have the following rights in relation to the data we hold about you:
- The right to be informed about the processing of your personal data
- The right to request access to your personal data
- The right to have your personal data corrected if it’s inaccurate or completed if we hold incomplete personal data
- The right to have your personal data erased
- The right to restrict the processing of your personal data
- The right to move, copy or transfer your personal data
- The right to object to the processing of your personal data
- Rights in relation to automated decision making
In addition, we may collect information about your computer including, your IP address, operating system and browser type - for system administration and to report information to our advertisers and selected partners.
Use of Your Information – What we Process and Share
The personal data you have provided, we have collected from you, or we have received from third parties may include your:
- date of birth
- residential address and address history
- contact details such as email address and telephone numbers
- product information
- identifiers assigned to your computer or other internet connected device including your Internet Protocol (IP) address
We may share the information you submit with third parties involved in the process of providing the services you request, such as engineers/supplier, insurers, manufacturers or consumer reviews/feedback platforms.
We may also need to share the information, if it becomes necessary with
- Our advisers or auditors
- Third party debt collection agencies
- Government organisations such as our regulators, the Police
- Product Providers who provide you with an insurance Quote through us as a broker and/or price comparison website
- Finance institutions to allow us to carry out a financial transaction in respect of your policy
- Consumer feedback/review platforms
- Lead Generation support providers
In addition to the above, we may also share your information with trusted third parties to improve our product, service and customer experience in the following ways:
- To work with our business partners to improve the products and services we offer, and develop new products and services that are tailored to our customers’ needs
- To help us build and define audiences to send adverts on third party advertisers (such as Facebook and Google) based on factors like; online identifiers, age, location and interests. This is done in order to show our adverts to people whose needs and requirements are most suited to the product/service being advertised.
We have trusted relationships with these carefully selected third parties who perform services on our behalf. All service providers are bound by contract to maintain the security of your personal information.
Under the General Data Protection Regulation, we are classed as the data controller and may use data that identifies you ("your personal data") for: statistical analysis; to develop and improve our products and brand; to update your records; to identify which of our, or others' products might interest you; to assess lending and insurance risks; to identify, prevent, detect or tackle fraud, money laundering and other crime; to carry out regulatory checks; keeping you informed about your loan and for market research.
We will keep your personal data confidential and only give it to others for the purposes explained. In particular our agents and subcontractors, acting for us, to use for the purpose of providing a service.
Your personal data will not be transferred outside of the European Union unless the recipient of the data applies security and processing standards compliant with EU data protection laws.
If you get a quote from us, we’ll keep your details for up to 3 years. If you purchase a service with us we’ll keep all personal information for a minimum period of 7 years after the policy ends/or the registration date to ensure we meet our statutory and regulatory obligations, and to enable us to manage complaints and any regulatory queries put forward to us. We may keep your information for longer if we have a legitimate interest or we are required to do so by law.
At the end of the retention period, your personal information will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis, underwriting and business planning.
The personal data we hold should be accurate and kept up to date. You have the right to have your personal information:
If you identify that any of your personal information is incorrect, you will need to contact us the Data Protection Officer to let us know if you want to do this.
Contact from Padly and Third Parties
Our Communication Policy explains when we are likely to contact you. We will not sell or transfer your data to any third party unless we are required to do so legally or for insurance purposes, however should you request a claim, your name, address and contact number will be passed to our contractors, only for the purposes of providing that service.
Third Parties and third Party Links
We may receive personal data about you from various third parties as set out below:
- Search Engines e.g. Google, Bing, Yahoo
- Marketing agencies;
Our site may contain links to third party websites. If you follow a link to any of these websites, please note that these websites have their own terms and privacy policies and that we do not accept any responsibility or liability for them.
If you have any questions about other third parties who may send us your personal data, please contact the Data Protection Officer
Your Right to Complain
We are subject to UK data protection laws, which we comply with fully and to which we give the greatest respect. We are registered with the ICO and our reference number is ZA025147.
Should you feel we have mishandled your personal data, you have the right to complain to the ICO, the UK supervising authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
- Before we provide services or goods to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
- The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering, and to verify your identity.
- Details of the personal information that will be processed, for example: name, address, date of birth, contact details, financial information, device identifiers including IP address and sometimes vehicle details.
- We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
- We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
- If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or goods you have requested, or to employ you, or we may stop providing existing services to you.
- A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details provided.
- Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk or if our processing reveals your behaviour to be consistent with that of known fraudsters or money launderers; or is inconsistent with your previous submissions; or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making: if you want to know more please contact us using the details provided.
Data Protection Principles
The Company fully endorses and adheres to the principles of data protection. These principles specify the legal conditions that must be satisfied in relation to obtaining, handling, processing, transportation and storage of personal data. Employees and any others who obtain, handle, process, transport and store personal data for the Company must adhere to these principles.
Rights to Access Information – Subject Access Request (SAR)
Consumers, customers, employees and other subjects of personal data held by the Company have the right to access any personal data that is being kept about them. Any person who wishes to exercise this right should make the request in writing to the Company’s Data Protection Officer. We will then respond to your request within one month of receiving it. If your request is complex in nature we may extend this period to two months in which case we will inform you.
The Company aims to comply with requests for access to personal information as quickly as possible.
Communication with clients via electronic methods must still pass data protection, by confirming at least two pieces of personal information via a registered contact method e.g. email address recorded on client policy.
All electronic documentation is to be accessed by clients via an online portal called to which they will have been supplied a username and password during application or throughout their policy.
Law Relating to this Policy
This notice is not intended to form a contract or to create any legal obligations not already contained in current legislation.
It has been prepared in line with the following legislation:
- General Data Protection Regulation 2016 (2016/679 EU)
- Data Protection Bill/Act 2018
Changes to this Document
We may change this notice and policy from time to time by porting the changed version on our website or sending it to clients and other third parties who we deal with.
This policy will apply on and from 1st December 2022