We respect your privacy and are committed to protecting your personal data. The purpose of this Privacy Policy is to explain how we may use any data we collect about you, how you can instruct us if you prefer to limit the use of that data and for us to tell you about the policies and procedures that we have in place to respect your privacy.
We acknowledge and agree that we will safeguard your personal data in line with the Data Protection Act 2018.
Please read this Privacy Policy carefully to understand how we handle your data.
1. Who we are and what we do
Flock Limited is an Insurance Business who distributes commercial insurance products. Flock is a trading style of Flock Limited registered address 6th Floor One, London Wall, London, United Kingdom, EC2Y 5EB (ICO Data Protection Registration Number ZA263304) (“Flock”, “we”, “us“, "our”).
2. Information collection
2.1 When you contact us for a quotation we use your data for the purpose of providing a quotation and to administer your policy.
We collect Personally Identifiable data on you and potentially your employees. Predominantly this information is used in order to carry out our contract with you to arrange and manage your insurance policy. Note that in order to perform this contract Flock uses your personal data to make automated decisions. Additionally, we will use it for statistical and analytical purposes in order to improve our products and services.
What we collect | Why we collect it | Our Lawful Reason | How long we keep it for |
Information you directly provide to us for a quote i.e information about drivers, vehicle registration numbers and telematics data which includes speed, mileage, start location, end location, harsh events, time spent above the speed limit and forward facing camera footage that is made available to Flock. This continues throughout your policy period for any amendments, cancellations and renewals. | To understand the level of risk you represent and price your quote correctly. We also use this to search publicly available fraud databases. This Information will also be included in an anonymised aggregated database we can analyse and improve our question sets and pricing models for the benefit of our customers. | Performance of a contract. Article 6b. | The duration of your policy and for 10 years after termination of the contract. |
Data about you or anyone insured to drive on your policy with regards to motoring offences and convictions. Information you provide about anyone other than yourself will be processed on the basis you have obtained their explicit consent. | To understand the level of risk you and/or any named drivers represent, assist with decisions about the provision and administration of insurance and to price your quote correctly. | Performance of a contract. Article 6b. | The duration of your policy and for 10 years after termination of the contract. |
Details of any reported and actual claims including, but not limited to, cause of loss, value of total loss and total loss insured. | This will go into our anonymous data set to improve our products, services and pricing model. | Legitimate interests. Article 6f. Legal obligation. Article 6c. | 7 years after claim settlement after which time it will be pseudonymised. |
Correspondence between you and Flock including conversations on our chat function, via email and on the telephone. | To better assist you and other customers and to provide flexible ways in which customers can contact us. | Performance of a contract. Article 6b. | The duration of your policy and for 10 years after termination of the contract. |
Recording of telephone calls between you and Flock | Training and quality purposes | Legitimate interest. Article 6f. | The duration of your policy and for 10 years after termination of the contract. |
Recording of telephone calls between you and Flock | Compliance Monitoring | Performance of a contract. Article 6b. | The duration of your policy and for 10 years after termination of the contract. |
Sanctions lists and fraud detection databases | Prevention of money-laundering, fraud and illegal activities. | Legal obligation.Article 6c. | Indefinitely. |
Pages visited, browser type and settings, cookies, and similar tracking information. | To calculate anonymous, aggregate statistics and to improve the features and usability of our website. | Legitimate Interests.Article 6f. | We would keep this information as per our retention policy after which it will be pseudonymised. |
The Personal Identifiable Data information you give us include, but is not limited to:
2.2 Each time you use Flock’s website, we may automatically collect any of the following information: technical information, hardware device model, operating system, platform and device ID, browser information.
2.3 Information we receive from other sources. We will receive information about you if you use any of the other websites or apps we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with other data we collect through the website. We work closely with third parties (including, for example, DVLA, advertising networks, analytics and search information providers, software providers and hardware manufacturers) and may receive information about you from them.
2.4 IP addresses and event-tracking data. An IP address is a number which is automatically assigned to your mobile device or computer whenever you access the Internet. When you access our website, we log your IP address and can identify you from it. Event-tracking data is information collected by us when you navigate the website, for example, the specific sections of the website you looked at, the order you looked at them and the time of your use. We collect this information using the third-party services, Pendo and Google Analytics.
2.5 Aggregated data. We may collect and aggregate on an anonymous basis information about you, your spending and your use of the website with information about other users of the website in order to identify trends ("Aggregated Data"). Aggregated Data will not contain information from which you may be personally identified.
3. How we use your data
3.1 All data that we obtain about you will be used in accordance with current data protection legislation and this Privacy Policy. We, or third parties acting on our behalf, will collect, use and store your data listed above for the following reasons:
- to process your registrations and allow you to access and use the Website;
- to verify your identity for security purposes;
- to provide you with the information and services that you request from us, including accessing real-time risk analytics and geo-located data;
- to process your insurance transactions (including claims) and policy requests to enable us to quote insurance for you;
- to price insurance and identify different pricing models that are tailored to your profile and vehicle usage;
- to ensure the security of our services and website;
- with your express consent only, we may also use your data to send you information about related products or services that may be of interest to you;
- to contact you regarding administrative matters or notices or to deal with any enquiries made by you, to resolve disputes and to troubleshoot problems;
- to provide guidance on how to use the website;
- to inform you of new features within our website;
- to improve our risk models and algorithms;
- to track and improve our ability to serve our existing customers and acquire new customers; and
- to improve the website and other services we provide.
3.2 We may track data about how you navigate the website to analyse usage and how visitors navigate the website. This allows us to manage the website and to see what content is most popular.
3.3 We may pass Aggregated Data to the third parties referred to in the section below, such as partners, to give them a better understanding of our business and to bring you a better service**.**
3.4 In processing your data as discussed in this Privacy Policy, we consider this processing is necessary to provide you with our service and sell you valid insurance contracts. Where this may not apply, processing is necessary for our Legitimate Interests in providing the website and ensuring they operate in a commercially suitable way which is tailored to your use and interests. In some cases, this processing is also subject to your consent (which can be withdrawn at any time, as described below).
3.5 Where you have given your consent for us to use your information in a particular way, but later change your mind, please use the unsubscribe link found in any marketing communications or by emailing us at support@flockcover.com
4. Disclosure of your data to third parties
4.1 If you obtain a quote or purchase an insurance product or service, your personal data may be shared with Insurers including where they use your data if you make a claim.
4.2 We may also share your data with the following categories of third parties, including:
- our employees, your broker (where applicable), service providers, sub-contractors and agents to administer your account and the products and services provided to you by us now or in the future, including but not limited to our payment processors;
- analytics providers that assist us in the improvement and optimisation of our website; and
- our distribution partners, which includes software developers, hardware developers and any other company that distributes, advertises or recommends insurance policies on our behalf.
4.3 Except for insurers and our Principal (for more information on how these companies are regulated, please look at our FAQ here), any third parties with whom we share your data are limited (by law and by contract) in their ability to use your data for any purpose other than to provide services for us. We will always ensure that any third parties with whom we share your data are subject to privacy and security obligations consistent with this Privacy Policy and applicable laws.
4.4 We may also disclose your data to third parties:
- if we sell or buy any business or assets, we may disclose your data to the prospective seller or buyer of such business or assets;
- if we, or substantially all of our assets, are acquired by a third party, your data held by us may be one of the transferred assets;
- if we are under a duty to disclose or share your data in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity;
- if we are contacted by the police, a regulatory authority or any government body, we may disclose whether you are an insured driver/policy holder and provide details of any specific trip you or an employee have made in a connected vehicle;
- in order to enforce or apply our Terms of Use or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
- to protect the rights, property, or safety of us, our customers or other persons. This may include exchanging information with other organisations for the purposes of fraud protection and credit risk reduction.
4.5 Except as detailed above, we will never share, sell or rent any of your data to any third party without notifying you and/or obtaining your consent.
4.6 We work in partnership with the Motor Insurers’ Bureau (MIB) and associated not-for-profit companies who provide several services on behalf of the insurance industry. At every stage of your insurance journey, the MIB will be processing your personal information and more details about this can be found via their website: mib.org.uk. Set out below are brief details of the sorts of activity the MIB undertake:
- Checking your driving licence number against the DVLA driver database to obtain driving licence data (including driving conviction data) to help calculate your insurance quote and prevent fraud
- Checking your ‘No Claims Bonus’ entitlement and claims history
- Prevent, detect and investigate fraud and other crime, including, by carrying out fraud checks
- Maintaining databases of:
- Insured vehicles (Motor Insurance & Policy Data or Motor Insurance Database)
- Vehicles which are stolen or not legally permitted on the road (Vehicle Salvage & Theft Data or MIAFTR)
- Motor, personal injury and home claims (CUE)
- Employers’ Liability Insurance Policies (Employers’ Liability Database)
- Managing insurance claims relating to untraced and uninsured drivers in the UK and abroad
- Working with law enforcement to prevent uninsured vehicles being used on the roads
- Supporting insurance claims processes
5. Optional and Future Services.
5.1 There are optional services which you may choose to sign up to. The information required will vary for each service which is offered. This section explains the information we collect for each service, and how we may use it. These uses are in addition to the uses described in sections 3 and 4 of this Privacy Policy.
5.2 Remember, if you consent to receive texts from us, your mobile network may impose a charge on incoming texts. Please check with your mobile network provider for details.
6. Retention of information
We retain your data for as long as you use the website, any other services we provide to you to which your data is relevant and then as required to comply with applicable laws for 10 years.
7. Transfers of information
7.1 Your data may be transferred to, and stored in the United States or another location outside of the European Economic Area.
7.2 In particular, your data may also be processed by staff operating in the United States or outside the EEA working for us or third party data processors. Such staff may be engaged in, among other things, the provision of our services to you, the processing of transactions and/or the provision of support services.
7.3 Some of these countries do not have laws that protect your privacy rights as extensively as those in the United Kingdom. However, if we do transfer your data to other territories, we will take proper steps, the security procedures we use are described in section 9, to ensure that your data is properly protected and processed only in accordance with this Privacy Policy.
7.4 By providing us with your data, you acknowledge that such transfer, storage and processing of your data may take place.
8. Your rights
8.1 You may contact us by email at support@flockcover.com at any time, to request that we:
- update any of your data which is out of date or incorrect;
- delete any of your data which we are holding;
- restrict the way that we process your data;
- provide your data to a third-party provider of services;
- provide you with a copy of your data which we hold about you; or
- review an automated decision such as calculating a policy price.
8.2 Your request must include your:
- Name;
- Email address;
- Postal address
We may also request proof of your identity.
8.3 Please allow at least seven working days for us to process requests.
8.4 Without limiting the above, you have the right to ask us to not process your data for marketing purposes. By submitting an interest in our products, we identify a legitimate interest in contacting you at reasonable intervals with relevant information. You can exercise your right to prevent such processing by informing us by email at support@flockcover.com at any time.
8.5 If you have previously given your consent to the use of your data for marketing purposes, you can choose to stop receiving marketing communications which we send to you from time to time by following the unsubscribe instructions included in such communications. Alternatively, you can opt-out of such communications at any time by contacting us by email at support@flockcover.com.
9. How do we protect your data?
We use industry-standard efforts to safeguard the security and confidentiality of your data. These methods include but are not limited to:
a) Encrypting all messages in transit via HTTPS;
b) Separate security and business concerns to ensure resilience (Three Legged Auth);
c) Encrypting all user credentials using industry standard algorithms (RSA 256);
d) Preventing unauthorised data access by isolating data;
e) Preventing malicious traffic with firewalls;
f) We have a company policy of secure passwords and 2FA to sensitive information/services; and
g) We take nightly backups of our data which we clear out every 30 days. This protects our customers against data loss.
Although we make every effort to protect your data, the transmission of data over the internet is not completely secure. As such, you acknowledge and accept that we cannot guarantee the security of your transmitted data, and that any such transmission is at your own risk.
10. Links to other websites or apps
The website may contain links to other websites or apps. We are only responsible for the privacy practices and security of our website. We are not responsible for the privacy policies, content or security of any linked websites or apps. We recommend that you check the privacy and security policies of each and every website. We do not endorse or otherwise accept any responsibility or liability for the content of such third-party websites or apps or third party terms and conditions or policies.
11. Notification of changes to the Privacy Policy
We reserve the right to change this Privacy Policy from time to time. We will notify our users whenever changes are made and all changes will be posted on this page so that we can keep you informed of our information collection practices. However, we encourage users to be responsible about their privacy and recommend that you consult this page frequently so that you are aware of our latest policy and can update your preferences if necessary. Your continued use of this website shall constitute that you have read and understood the revised privacy policy.
12. Contact Us
If you have any comments or questions about this Privacy Policy, the practices of this website, your dealings with this website, please forward them to support@flockcover.com or contact us via our support line.
If you are located in the EEA, you may also make a complaint to a supervisory body for data protection matters in the country in which you are based. In the UK, this would be the UK Information Commissioner's Office (https://ico.org.uk/).
Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
The practices described in this privacy policy statement are our current privacy policies and procedures as of 9/8/2023.