Privacy policy

Introduction

This privacy policy will help you understand how we collect, use and protect your personal data. We strongly encourage that any individual, whose personal data you provide to us, reads this Privacy Notice.

You acknowledge that by providing your personal data to us, you agree to its processing in the manners outlined below. If you provide us with personal data about others, you acknowledge that you have permission from that individual to do so and that they understand how we will process their personal data. We are unable to offer you any product or service that requires the processing of special category data, as defined in all relevant UK data protection legislation including the GDPR, Data Protection Act 2018, and PECR, unless you provide explicit consent for the collection and use of such data.

Who we are

Veygo is a trading name of the data controller Able Insurance Services Limited (registered number 02890075). Able Insurance Services Limited is part of Admiral Group plc.

Companies within Admiral Group plc:

Able Insurance Services Limited (Registered number 02890075); trading as Gladiator and Veygo
EUI Limited (Registered number 02686904); trading as Admiral, Bell, Diamond, Elephant, Veygo
Admiral Law Limited (Registered Number 08023665); trading as Admiral Law, EUI Law, Diamond Law, Elephant Law and BDE Law
Admiral Financial Services Limited (Registered number 10255225); trading as Admiral Loans and Admiral Car Finance
Admiral Financial Services Limited (Registered number 10255225); trading as Admiral Loans and Admiral Car Finance
Inspop.com Limited (Registered number 03857130); trading as Confused.com

We use the following data processors to assist in your application for, and active membership of, the Veygo platform; this includes the purchase of insurance products and communication with other members:

Stripe Payment Europe Limited (Registered number 08480771) for processing payments. To view their privacy statement please click here.
PayPal (Europe) Limited (Registered number 05468033) for processing payments. To view their privacy statement please click here.

At all times, Able Insurance Services Limited will remain the data controller.

Data we collect

In order to provide you with our services, we will need to process your personal data. We will collect the data from you, from your use of our services and from external sources (both public and private).

Types of data we may collect

PERSONAL DATA

Examples of personal data we may collect include:

Name and address, date of birth and gender
Contact details including telephone numbers and email address
Credit/debit card details in order to complete your purchase
Lifestyle and other information
Further personal details such as marital status, employment status, income information, proof of residency
Your claims history
Government identifiers such as driving licence number
Location information
Machine identifiers including your IP address
Information about how you interact with us, our websites and our services
Information about others who will be or are detailed on your policy as car owner (which you should have their permission to share)
Information on your car, some of which will be collected from external databases. For example, road tax status.

SPECIAL CATEGORY PERSONAL DATA

Examples of sensitive personal data we may collect includes:

Medical history
Claims history
Criminal convictions and county court judgements

If you provide us with personal data about another individual, you acknowledge that you have permission from that individual to do so and that they understand how we will process their personal data.

How data is collected

We will collect your personal data when:

You ask for a quote
You purchase our products and services
You verify and complete your profile
You interact with us or make customer enquiries
You register for information or other services
You register a claim
You respond to communications or surveys
We require additional information from you for validation purposes

We collect data about you through the use of technology such as cookies and device finger printing.

YOUR COOKIE PREFERENCES

Managing, Disabling and Enabling Cookies

You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the ‘Help’ function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.

We also engage in online advertising, to keep you aware of what we’re up to and to help you see and find our services.

To opt out of being tracked by Google Analytics across all websites click here.

Click here to view our full Cookie Policy.

Driving Licence Number and MyLicence

We may collect your Driving Licence Number (DLN or MyLicence) as part of your application for insurance (in some cases, we may not be able to insure you without this information) or when you make a claim.

The number is used to do an automatic check with the DVLA driver database to retrieve required information. The required information is:

Type of licence held
Length of time the licence has been held for
Entitlement to drive
Penalty points
Convictions
Conviction dates
Disqualifications

The data provided by the DVLA may be used alongside other information you provide:

To calculate an insurance quote
For anti-fraud purposes

They will not be used for any other purpose or be made available for anyone else. Only the motor insurance industry may use this information. If you apply for a quote with us, or membership of the platform, and don’t decide to take out insurance with us or complete your registration, the data returned from the DVLA database will be anonymised or deleted no later than 30 days after receipt of that data.

Please note that under our User Agreement with the Motor Insurance Bureau, individual agents do not have access to the data returned by a DLN search and as such will not be able to discuss issues relating to your DLN with you. In these instances, we suggest checking the information associated with your DLN is correct at www.gov.uk/view-driving-licence.

For details relating to information held about you by the Driver and Vehicle Licensing Agency (DVLA) please visit www.dvla.gov.uk and www.mylicence.org.uk. To view your driving licence, visit www.gov.uk/view-driving-licence.

CALL RECORDING AND MONITORING

We monitor or record calls, emails, SMS messages or other communications for:

Business purposes such as quality control and training
Processing necessary for entering into or performance of a contract
Prevention of unauthorised use of our telecommunication systems and websites
Ensuring effective systems operation
Meeting any legal obligations
Protecting your vital interests
Prevention or detection of crime
For the legitimate interests of the data controller

Use of your data for fraud prevention & detection and credit checking.

CREDIT REFERENCE

When you apply to us to open an account, and in circumstances where an amendment to your agreement is requested, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.

Our own records.
Credit Reference Agency (CRA) records. When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register) and shared credit and fraud prevention information
Fraud Prevention Agency (FPA) Records

We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity.

Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by Able Insurance Services Limited and other companies if you, or other members of your household, apply for other facilities including insurance, loans applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.

We may also make periodic searches at CRAs and FPAs to manage your account with us. Information on applications will be sent to and recorded by CRAs. Records remain on file for six years after they are closed, whether settled by you or defaulted.

If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or to employ you, or we may stop providing existing services to you.

A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us using the details provided below.

Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of all relevant UK data protection legislation including the GDPR, Data Protection Act 2018, and PECR.

HOW TO FIND OUT MORE

This is a condensed guide to the use of your personal information for credit referencing. If you would like to read the full details of how your data may be used please email our Customer Services Department at contact@veygo.com, or write to us at Veygo Pricing Department, Tŷ Admiral, David Street, Cardiff, CF10 2EH.

You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.

Equifax: Credit File Advice Centre, PO Box 1140, Bradford, BD1 5US or call 0844 355 0550 or log on to www.equifax.co.uk.

Experian: Consumer Help Service, PO Box 8000, Nottingham, NG80 7WF or call 0844 481 8000 or log on to www.experian.co.uk

The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at:

www.equifax.co.uk\crain

www.experian.co.uk\crain

FRAUD PREVENTION AND DETECTION

In order to prevent and detect fraud insurers we may, at any time, share information about you with our other Group companies. The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. These include CIFAS and the Insurance Fraud Bureau (more information is available at www.insurancefraudbureau.org).

If false or inaccurate information is provided and fraud is identified, you could be refused certain services, finance, or employment and details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. This is to detect, investigate and prevent crime.

We and other organisations may also access and use this information to prevent fraud and money laundering, for example when:

checking details on applications for credit and credit related or other facilities
managing credit and credit related accounts or facilities
recovering debt
checking details on proposals and claims for all types of Insurance
checking details of job applicants and employees

As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making: if you want to know more please contact us.

How we use your data

We will use your data for:

Processing your quotes
Administering your policy, including claims handling
Fraud and money laundering detection and prevention
Credit scoring or other automated decision-making
Administering debt recoveries
Verifying your identity when required
Undertaking market research, product development and statistical purposes
Keeping you informed about promotions and new developments by email, telephone, SMS, social media or post, where we are legally permitted to do so and you have not asked us to stop keeping you up to date with such information.
For assessment and analysis to enable us to review, develop and improve the services which we offer
Refining pricing models and using collected data to accurately price individuals across all our insurance and loan products
We may use your personal data to make decisions about you using computerised technology, such as profiling you for marketing.

Legitimate Interests

There are certain circumstances where we process your personal data for our legitimate business interests in order to ensure we continue to provide a great customer experience. These can be commercial or societal benefits and in order for us to process your data, we will always balance our interests against your own to ensure it is fair.

The following processes are considered legitimate interests:

Fraud detection and prevention across Admiral Group, which may include conducting checks against external databases and your social media profiles
Engaging and contacting you throughout the lifecycle of your policy to ensure you have a good experience as a Veygo customer
Setting reserves for our injury claims
Internally auditing our processes to maintain our high standards
Some of our marketing activities
Use of your quote data (whether you accepted a policy or not), data collected during the lifetime of your policy, and data collected from third parties (such as credit reference agencies) to refine our pricing and risk assessment models across all our products within the Admiral Group, to improve the accuracy of our premiums and improve the quality of our services
Refining and improving our pricing models to improve the accuracy of our prices
Sharing data with selected third parties in order to add value to our products

WHEN YOU MAKE A CLAIM

If necessary, we may also have to investigate your claims and conviction history in the course of administering the claim. You can be assured that we will keep such investigations strictly confidential.

We pass information to the Claims Underwriting and Exchange Register, run by Insurance Database Services (IDS) and the Motor Insurance Anti-Fraud and Theft Register, run by the Association of British Insurers (ABI). This helps insurers check information and prevent fraudulent claims. When we deal with your request for insurance we may search these registers.

Under the conditions of your policy, you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass information to the Registers.

Information relating to your insurance policy will be added to the Motor Insurance Database (MID) managed by the Motor Insurers’ Bureau (MIB). MID and the data stored on it may be used by certain statutory and/or authorised bodies including the Police, the DVLA, the DVANI, the Insurance Fraud Bureau and other bodies permitted by law for purposes not limited to but including:

Electronic Licensing
Continuous Insurance Enforcement; Law enforcement (prevention, detection, apprehension and or prosecution of offenders
The provision of government services and or other services aimed at reducing the level and incidence of uninsured driving

If you are involved in a road traffic accident (either in the UK, the EEA or certain other territories) insurers and or the MIB may search the MID to obtain relevant information.

Persons (including his or her appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.

It is vital that the MID holds your correct registration number. If it is incorrectly shown on the MID you are at risk of having your vehicle seized by the Police. You can check that your correct registration number details are shown on the MID at www.askmid.com, or by writing to:

Motor Insurers’ Bureau
Linford Wood House
6-12 Capital Drive
Milton Keynes
MK14 6XT

Surveys

Able Insurance Services Limited may contact you from time to time to ask you to take part in a survey, in order to enable us to review, develop and improve our services. We usually use Survey Monkey and Qualaroo to host our surveys. In providing its services to us, Survey Monkey and Qualaroo act as data processors. You can view their Privacy Policies below:

Survey Monkey: https://www.surveymonkey.co.uk/mp/legal/privacy-policy/

Qualaroo: https://qualaroo.com/privacy-policy/

At all times, we will remain the data controller. Your survey responses, including any personal data provided, will only be used by Able Insurance Services Limited for the purposes stated within this Privacy and Security statement. Personal data can include (but is not restricted to) your name, age and e-mail address. We may also collect special category personal data, depending on the survey to which you are responding.

Who has access to your data

Apart from ourselves, other companies that may have access to your data include:

Companies within the Admiral Group. (For the purposes of this Privacy Statement, “Admiral Group” means Admiral Group plc and any company or entity in which Admiral Group plc owns more than 15% of the issued share capital. Companies in the Admiral Group shall include, without limitation, EUI Limited, Admiral Insurance Services Limited, Admiral Insurance (Gibraltar) Limited, Inspop.com Limited, Able Insurance Services Limited, AFSL, and any other company that is incorporated within the Admiral Group at any time in the future). A full list of our companies can be found at Brands & Markets | Admiral Group plc
In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party.
Where it is necessary to deliver the products and services bought by you. For example, we may disclose your personal data to Stripe Payment Europe Limited and PayPal (Europe) who process payments on our behalf. It may also be necessary for us to pass your personal data to the organisation from whom you have ordered any products or services other than your Able Insurance Services Limited product, such as travel insurance or a personal accident cover provider, etc. At all times, Able Insurance Services Limited will remain the data controller unless we inform you otherwise.

There are also some circumstances where we will share your data with external companies. At all times, privacy remains paramount and we will endeavour to minimise the data shared at every opportunity.

These circumstances include:

Enriching our data sets with information from external databases in order to provide a quote. Examples of this may include checking your driving license number with the DVLA
Comparing our records with those of third parties, such as Lexis Nexis, in order to assess the validity of the data provided
Sharing with other insurers, re-insurers, brokers, and other third parties who assist us in administering your insurance contract
Servicing your claim and sharing with companies that assist us such as loss adjusters, claims administrators, our approved repairers’ network, medical professionals and any company representing third parties to the claim
Sharing with carefully selected partners in order to add value to our products
Sharing with third parties so they can provide you with surveys
Building a marketing profile to find similar customers with similar needs; and
Sharing with regulatory or public bodies such as the PRA, FCA, ICO and the Financial Services Ombudsman

Confidentiality and the disclosure of your data

We will endeavour to treat your personal data as private and confidential. From time to time we may employ agents and subcontractors to process your personal data on our behalf. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction.

We would like to bring to your attention our obligations to disclose data in the following four exceptional cases permitted by law, and the other situations set out below. These are:

Where we are legally compelled to do so
Where there is a duty to the public to disclose
Where disclosure is required to protect our interest
Where disclosure is made at your request or with your consent

In the unfortunate event that you have to make a claim then we will need to disclose data with any other party involved in that claim. This may include:

Third parties involved with the claim, their insurer, solicitor or representative
Medical teams, the police or other investigators

If you make a complaint about the service we provide, we may be obliged to forward details about your complaint, including your personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to all relevant UK data protection legislation including the GDPR, Data Protection Act 2018, and PECR and keep your personal data strictly confidential.

Please note that we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering, as well as data sharing at any time for the purposes of fraud prevention. These checks may also include your DLN/MyLicence.

Dealing with other people

With the exception of cancellation (General Condition 4) it is our policy to deal with any acceptable contacts.

An acceptable contact is:

The Policyholder
A named driver
The spouse, partner or parent of a Policyholder
Any other person or organisation that provides evidence that they have authority to act on behalf of the Policyholder and passes our data protection procedure

If you would like someone else to deal with your policy on your behalf on a regular basis, please let us know by emailing us at contact@veygo.com or, by writing to us at Veygo Customer Care, Tŷ Admiral, David Street, Cardiff, CF10 2EH.

Claim process

To ensure an efficient and speedy claim process we will take instruction from you or from any other person you have confirmed as an acceptable contact. If you would like someone else to deal with your claim on your behalf, please let us know by getting in touch with us on the contact details above.

If you give us data about another person, in doing so you confirm that they have given you permission to provide it to us to be able to process their personal data (including any special category personal data) and also that you have told them who we are and what we will use their data for, as set out in this policy.

Protecting your data

Information Security

On our websites we protect any data you have given us by providing you with a User ID and password. We also use industry standard security to encrypt sensitive data in transit to our servers.

It may be necessary to transfer your personal data to other Group companies or service providers located outside of the European Economic Area. The data protection and other laws of these countries may not be as comprehensive as those in the UK or the EEA – in these instances we will take steps to ensure that your data is given an equivalent level of protection as it is in the EEA.

The User ID and password helps us to protect your personal data. You must keep this password safe and must not disclose it to anyone. Some suspicious emails contain attachments or links to websites that try to install malicious software on your computer. If you have entered your password or credit card information on what you think might be a malicious website or replied to an e-mail with that information, you should contact your credit card company immediately. Do not forget to contact us to update your card details and request to change your password.

When you ask for a quote from us, we will process the data on a secure server. Your browser will confirm that you are in a secure area by displaying an unbroken key or lock in the bottom right hand corner of your browser window.

Many organisations use security features such as firewalls to protect their computer systems. These firewalls may prevent you from connecting to our secure server to get a quote. If you are at work and cannot connect to our web site, please speak to your IT administrator.

Please be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered – this is the nature of the Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

Additionally, you can protect your system by installing anti-virus and running scans as recommended by the vendor. You should also run any security updates/patches you receive for your system from the supplier.

Never respond to unsolicited emails from unfamiliar sources. Such emails may be fraudulent and attempt to get you to provide your personal details or payment information.

How long do we keep your data

We are subject to various legislative requirements concerning retention of data, and also have our own legitimate interests in retaining your data for a period of time beyond your policy lifecycle. These include defence of any late or delayed claims and improving our products and pricing.

We will not process your personal data for longer than is necessary nor will we process it for purposes beyond what it was collected for.

Your Rights as a Customer

You have a number of rights as a data subject, which are explained below. Please note that these rights do not apply in all circumstances, but where we can we’ll give you what you want.

In order to access the data we hold about you, you need to make a ‘Subject Access Request’, or SAR.

HOW TO MAKE A SUBJECT ACCESS REQUEST

To make a SAR please email us at: Informationrightsteam@admiralgroup.co.uk or please write to:

Head of Customer Assurance
Subject Access Request
Tŷ Admiral
David Street
Cardiff CF10 2EH

Please provide:

Your name, address, policy/claim number and details of what information you would like.
Identification documents; one which shows your name and signature (e.g. a copy of your passport) and one which shows your name and address (e.g. a copy of a recent bill or bank statement or other official document). We will accept just one identification document if it shows your name, address and signature, such as a copy of your driving licence. (This is to take reasonable steps to confirm your identity before providing you with details of any personal data we may hold about you.)

Please note that if your SAR involves the personal data of other people or you are making a request on behalf of another (such as a parent on behalf of their child) we may need identification from these individuals, as well as a signed letter of authority from them confirming that they are happy for you to act on their behalf and for us to release their data to you.

Once we have received your written request and identification documents, we will have one month to fulfil your request. Where for some reason this will not be possible, for instance due to large volumes of data being involved, we are permitted by law to take up to an additional 30 days to fulfil your request. Where any such delay is anticipated we will inform of you this as soon as possible along with details of when we expect to be able to provide you with the requested documentation.

Your other rights as a data subject, where applicable, include:

The right to be informed about our processing of your personal data
The right to have your personal data corrected if it is inaccurate, and to have incomplete personal data completed
The right to object to the processing of your personal data
The right to have your personal data erased (“right to be forgotten”)
The right to move, copy, or transfer your personal data (“data portability”)
Rights regarding automated decision making, including profiling

For more details on these rights and how to exercise them, please contact: informationrightsteam@admiralgroup.co.uk

If you have any queries about your rights, or believe that they have not been met by Admiral Group plc or any of the companies within the group, please contact our Data Protection Officer at: yourinformationrights@admiralgroup.co.uk, or write to:

Data Protection Officer
Admiral Group plc
Tŷ Admiral
David Street
Cardiff CF10 2EH

If you have any complaints relating to the processing of your personal data, you also have the right to complain to the relevant Supervisor Authority. In the UK this is the Information Commissioner’s Office (ICO). They can be contacted at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Marketing

MARKETING & YOUR PREFERENCES

Able Insurance Services Limited has various offerings and from time to time we would like to keep you informed of news, products or services, including but not limited to insurance (e.g. other automotive, insurance, legal or financial products, or other carefully selected offers or promotions which we feel may be of interest to you). This could be by email, social media channels or SMS.

If you have visited our site and have selected to view a quote, we may contact you, by telephone or other means, to discuss your quote and the cover options available to you. If you would rather we did not contact you for this purpose, or would like to let us know how you prefer to be contacted (such as by email or post) or to confirm the types of products and services that would be of most interest to you, then let us know by emailing us at contact@veygo.com or by writing to us at Veygo Marketing Department, Tŷ Admiral, David Street, Cardiff, CF10 2EH.

If you would like to alter your marketing preferences, please click the unsubscribe button at the bottom of our emails or log into your Veygo account and change your notification settings. You can also update your preferences when completing a quote with us.

Changes to this policy

This privacy policy was last updated on 1st January 2021. We reserve the right to make changes to this policy and you will be prompted of any changes when you next visit our website.

From time to time we may need to change the way we use your personal data. Where we believe you may not reasonably expect such a change, we will contact you. When we do so, you will have 60 days to object to the change but if we do not hear from you within that time you consent to that change.