The Kindertons Group is committed to protecting your privacy. This Policy applies to visitors of the The Kindertons Group websites, The Kindertons Group mobile applications or any other electronic services or applications (“Electronic Services”) offered by The Kindertons Group. The Policy also applies to anyone who accesses The Kindertons Group products and services.
References in this Policy to "The Kindertons Group" apply to all The Kindertons Group companies, which includes but is not limited to: Kindertons Accident Management Limited, Plantec Assist Ltd, Sovereign Automotive Ltd, Jigsaw Law Ltd, JP Morriss Assessors Ltd, Platinum Assist Limited and Crusader Assistance.
This Policy sets out the basis on which any personal data that The Kindertons Group collects from you or that you provide to The Kindertons Group, will be processed by The Kindertons Group. Please read the following information carefully to understand The Kindertons Group’s views and practices regarding your personal data and how The Kindertons Group will handle it.
The data controller is Kindertons Limited, a company registered in England and Wales under company registration number 3711080 and whose registered office address is at Kindertons House, Marshfield Bank, Crewe, CW2 8UY.
All details supplied by you to The Kindertons Group will be safeguarded both by this Policy and also by relevant data protection laws which include the General Data Protection Regulation and any other subsequent data protection legislation in force from time to time.
Information collected and what it is used for
The Kindertons Group may collect the following information about you:
Payment card information is collected over a secure connection and all payment transactions will be encrypted. Payment card information is used solely for the purpose of processing payment for customer damage or fines such as speeding or parking offences. The Kindertons Group retains no record of payment card details directly and uses a third party WorldPay tokenised hosted payment service compliant with the Payment Card Industry Data Security Standard (PCI DSS).
We may store your account information in our databases indefinitely following the termination of your account with us to the maximum extent permitted by law.
We will need to collect your email address to send you communications about how to access and manage your claim (available within the "Portal" section of the Website).
Information we collect if you use our Mobile Applications
If you choose to download or use our Mobile Applications, or access one of our mobile optimised sites, we may receive information about your location and your mobile device, including a unique identifier for your device. We may use this information to provide you with location-based services, such as accident location and other personalised content. Most mobile devices allow you to control or disable location services within the mobile device’s settings. If you have questions about how to disable your device's location services, we recommend you contact your mobile service carrier or the manufacturer of your particular device.
By submitting personal information to us, you are deemed to have agreed to the terms set out above regarding the use of your personal information.
What we do with your data
All the personal information we hold about you will be processed by our employees who are based in the UK. We may use data processors who are based both in and outside of the EEA for services like printing and scanning, email, and telephone services to assist us with the service we provide to you. Where we engage data processors outside of the EEA we will ensure that they work under a specified contract and the appropriate technical safeguards are in place to ensure that your data remains secure.
We take all reasonable steps to ensure that your personal data is processed securely and is kept up to date.
Where appropriate, personal information will be kept for compliance and monitoring purposes.
How long do we keep your data?
We will retain records after our business relationship has ended in accordance with our Group Data Retention Policy, after which time your data will be securely deleted.
Where data is processed solely for marketing purposes, any information we use for this purpose will be kept until you notify us that you no longer which to receive marketing information from us. More information on our Group Data Retention Policy can be found on our website.
Sensitive Personal Data
It may benefit you to notify us of any health condition or disability you have so that we are aware of these conditions and how they affect you. This will allow us to take any reasonable steps to accommodate specific needs or requirements you have when providing our services to you. This type of information is known under the law as ‘special category information’ (or ‘sensitive personal data’) and we require your explicit consent to process this information.
We will only collect this type of information with your consent. It may be necessary to share the information with third parties as part of the service we are providing to you. Where this is the case we will always discuss the disclosure with you.
Where we store your personal data
All information (except Payment Card information) you provide to The Kindertons Group is stored on The Kindertons Group's secure servers or those provided by secure third-party hosting providers who comply with information security best practices such as ISO 27001.
Once The Kindertons Group has received your information, The Kindertons Group will use strict procedures and security features try to prevent any unauthorised access.
Confidentiality and Security
We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs.
We have physical, electronic, and procedural safeguards that comply with our legal responsibilities to protect personal information about you.
We take your security seriously and take reasonable steps to protect your information.
Vendors and Partners
We work with vendors and partners to protect the security and privacy of user information whilst in their control.
Employee and Contractor Access to Information
We limit access to personal information about you to those employees who we reasonably believe need to come into contact with that information to provide products or services to you or in order to do their jobs.
Education and Training for Employees
We have implemented a company-wide education and training program about security that is required of every The Kindertons Group employee.
Disclosure of your information
Under data protection legislation, you have several rights regarding the use of your personal data as follows:
You have the right to obtain confirmation from us about that we are processing your personal data, what personal data is being processed and to obtain a copy of that data free of charge.
You have the right to ask us to rectify inaccurate data or complete and incomplete personal data that we hold.
Erasure (The Right to be Forgotten)
You have the right to ask us to erase your personal data without delay in certain circumstances. If you request us to erase your personal data, then this means that our business relationship will end as we cannot provide our services without processing your data. Due to legal and regulatory obligations we will need to store your personal data in accordance with our Group Data Retention Policy but no other processing will take place.
Restriction of Processing and the Right to Object
You have the right to restrict the processing of your personal data under certain circumstances, including if you have contested its accuracy and while this is being verified by us, or if you have objected to its processing and while we are considering whether we have legitimate grounds to continue to do so.
Right of Data Portability
You have the right for certain data you have given to us to be provided to you in a structured and commonly used electronic format (for example, a Microsoft Excel file), so that you can move, copy or transfer this data easily to another data controller. You may also request that we transmit this data directly to another organisation where it is practical for us to do so.
Automated individual decision-making, including profiling
You have the right not to be subjected to a decision solely on automated processing, including profiling. The Kindertons Group do not make any decisions about you using automated methods.
How to exercise your rights
If you wish to contact us in respect of any of the Rights described above please get in touch with The Data Protection and Legal Compliance Manager, Kindertons House, Marshfield Bank, Crewe, CW2 8UY, email email@example.com We will respond to your request free of charge and usually within one month.
How to complain about the use of your data
If you wish to raise a complaint about how we have handled your personal data, including in relation to any of the rights outlined above then please contact The Data Protection and Legal Compliance Manager, Kindertons House, Marshfield Bank, Crewe, CW2 8UY, email firstname.lastname@example.org we will investigate your concerns.
If you are not satisfied with our response, or believe we are processing your data unfairly or unlawfully, you can complain to the Supervisory Authority - Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wimslow, Cheshire, SK9 5AF. You can find further information about the ICO and their complaints procedure here: https://ico.org.uk/concerns
This notice was last updated on 12/04/2018. We may change this notice by updating our website to reflect changes in the law or our privacy practices. However, we will not use your Personal Data in any new ways without your consent. Please review this notice regularly so that you are aware of any changes.