Privacy & Cookies


The protection of your personal data is important to the BNP Paribas Group, which has adopted strong common principles in relation to data protection for the entire Group and which are reflected in its Group Privacy Policy.

This Data Protection Notice provides you with detailed information relating to the protection of your personal data by:

Pinnacle Insurance plc (trading as helpucover)

Cardif Pinnacle Insurance Management Services plc (trading as Everypaw)

BNP Paribas Cardif Limited (and trading as Warranty Direct)
Registered Address:

Pinnacle House
A1 Barnet Way
Borehamwood
Hertfordshire
WD6 2XX

("we", "us", "our"). The above companies are part of BNP Paribas Cardif and the BNP Paribas Group (both "Group companies").

We are responsible for the collecting and processing of your personal data in relation to our activities. The purpose of this Data Protection Notice is to tell you which personal data we collect and process about you and why, who we share your data with and why, how long we keep it and how you can exercise your rights.

Where necessary, further information may be provided to you when you apply for, purchase, renew or make a claim in relation to a specific insurance product or service.



1. WHICH PERSONAL DATA DO WE COLLECT AND USE?

Depending on the data that is required from you for the type of insurance product or service we provide to you and to enable us to provide and improve our services, we may collect any of the following types of personal data about you including but not limited to any of the following types:

Where necessary and subject to your explicit consent, we may collect the following special categories of data for the reasons stated below:

We do not collect or process any data relating to your racial or ethnic origin, political beliefs, religious or philosophical beliefs, trade union membership, genetic data or sexual orientation unless we have a legal obligation to do so.

The personal data that we use may be collected directly from you or obtained from the following sources for the purposes of verifying or enriching our data:



2. SPECIFIC CASES OF PERSONAL DATA COLLECTION INCLUDING INDIRECT COLLECTION

In certain circumstances, we may also collect and process information about you where you have no direct relationship with us. This may happen where your personal information is provided by, for example:



3. WHY DO WE USE YOUR DATA AND WHAT FOR?

a. To comply with our legal and regulatory obligations

We use your personal data to comply with various legal and regulatory obligations, including:

b. To perform a contract with you or to take steps at your request before entering into a contract

We use your personal data to enter into and perform our contracts, including:

The above processes may include the making of automated decisions, where necessary, for the entering into or the performance of the contract.

c. To fulfil our legitimate interests

We use your personal data in order to offer and develop our insurance products and services, to improve our insurance risk management and to defend our legal rights for the following reasons:

d. Respecting your choices where we have requested your consent

In certain cases, we require your consent to process your data, for example:


4. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

For the purposes above, we only share your personal data with the following individuals or entities:


5. TRANSFERS OF PERSONAL DATA OUTSIDE THE EEA

Where we transfer your data to a country outside the European Economic Area (EEA), where the European Commission has recognised that non-EEA country as providing an adequate level of data protection, your personal data will be transferred on this basis without your specific authorisation.

For transfers to non-EEA countries whose level of protection has not been recognised as adequate by the European Commission, we will either rely on an exemption from a rule or law that is applicable to the specific situation (e.g. if the transfer is necessary to perform our contract with you) or use one of the following safeguards to ensure the protection of your personal data:

To obtain a copy of these safeguards or details on where they are available, you can send us a written request as set out in Section 9.


6. RETENTION OF YOUR PERSONAL DATA

Your personal data is retained by us in digital format for as long as we need to comply with our legal and regulatory obligations and for the defence of complaints and claims against us. This includes being able to provide evidence in the case of any legal or regulatory investigations, disputes or claims regarding the provision of our products or services to you. In the case of personal information contained in paper format, the document will be recorded in digital format and retained on our systems; the paper format will then be securely destroyed.


7. WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?

In accordance with applicable regulations, you have the following rights:

If you wish to exercise the rights listed above, please contact us using the details in Section 9 below.

In accordance with data protection legislation, in addition to your rights above, you are also entitled to make a complaint to:

The Information Commissioner's Office
Head Office:

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Website: https://ico.org.uk/concerns
Email: casework@ico.org.uk
Tel: 0303 123 1113

Wales:
2nd Floor, Churchill House, Churchill Way, Cardiff CF10 2HH
Email: wales@ico.org.uk
Tel: 029 2067 8400

Scotland:
45 Melville Street, Edinburgh EH3 7HL
Email: scotland@ico.org.uk
Tel: 0303 123 1115

Northern Ireland:
3rd Floor, 14 Cromac Place, Belfast BT7 2JB
Email: ni@ico.org.uk
Tel: 028 9027 8757 or 0303 123 1114


8. FUTURE CHANGES TO THIS DATA PROTECTION NOTICE

In the context of constant technological evolution we may have to update this Data Protection Notice. Please check the latest version of this Data Protection Notice on our website. We will inform you of any changes through our website or through our other usual communication channels with you..


9. CONTACTING US

To exercise your rights or if you have any questions regarding our use of your personal data please contact us at:

Data Protection Correspondent
Pinnacle House, A1 Barnet Way, Borehamwood, Hertfordshire WD6 2XX
Email: data.protection@cardifpinnacle.com

So that we can answer your requests as quickly as possible, please indicate the right(s) you wish to exercise. An acknowledgement of receipt will be provided.

We are required to answer all requests within one month but we are allowed to extend this period by one further month depending on the complexity of the request. We will contact you in writing if we are unable to reply to your request within one month.

If you have a separate enquiry related to the BNP Paribas Group then you may contact the Group's Data Protection Officer at:
Jerome Caillaud - Data Protection Officer, BNP Paribas CARDIF, 8, rue du Port, 92728 Nanterre, France
Email: group_assurance_data_protection_office@bnpparibas.com


10. OUR COOKIES POLICY

Cookies are small text files stored on your computer when you visit some web sites. To use our website properly, you need to have cookies enabled. Cookies allow certain information from your web browser to be collected by us, which we use to track visitor use. They do not identify who is using the computer, just the computer being used. Cookies and other similar technology make it easier for you to use our website on future visits.

Browsers can be used to restrict, block or delete cookies. Each browser is different, so check the 'Help' menu of your particular browser (or your mobile telephone's handset manual) to learn how to change your cookie preferences. Please be aware that if you block all cookies, this website (and many others you visit) will cease to work for you.

These are the main types of cookies we use, and what we use them for:

Cookies and other connection and tracking data stored on your device are kept for a period of 13 months from their collection date.