In taking out an insurance policy through Abacai Technologies Limited (trading as boom), you have supplied us with your personal information, and this Privacy Notice explains how we will use it. In this Privacy Notice, “we”, “us” and “our” refers to Abacai Technologies Limited.
When we say, “you” and “Your” in this notice, we mean anyone whose personal information we may collect, including:
Anyone seeking an insurance quote from us or whose details are provided during the quotation process
Policyholders and anyone named on or covered by the policy
Anyone who may benefit from or be directly involved in the policy or a claim, including claimants and witnesses.
Who are ‘we’?
boom is a trading name of Abacai Technologies Limited who are the intermediary not your insurer and you can find us on the FCA register (www.fca.org.uk/register, number: 953258). Abacai Technologies Limited is an Appointed Representative of Complete Cover Group Limited and you can find them on the Financial Services Register (www.fca.org.uk/register, number: 309611). You can also find us through Companies House as registered in England & Wales, our number: 13147398 and our registered office is: Axiom House The Centre 4th Floor Feltham Middlesex TW13 4AU.
Abacai Technologies Limited is an Appointed Representative of Complete Cover Group Limited who are the Principal, which means Complete Cover Group are responsible for our regulated activities, offering their guidance and oversight. Complete Cover Group are authorised and regulated by the Financial Conduct Authority and you can find them on the Financial Services Register (www.fca.org.uk/register, number: 309611). Their company is registered in England & Wales, number 03578103 and their registered office is at Axiom House The Centre 4th Floor Feltham Middlesex TW13 4AU.
When providing personal information about others, you confirm that you have the consent of these individuals to supply their personal information. We are unable to offer you any product or service unless you provide explicit consent for the collection and use of sensitive personal data as defined in data protection laws. You have the right to withdraw consent at any time (see ‘Your Rights’). This may limit or terminate the contract of insurance that you arranged through us. Due to legal obligations with road traffic laws and regulatory requirements, we may not be able to remove your personal information.
How we use your information
Before we provide services, goods or financing to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you. Your information includes personal details that you provided to us or your insurer, which is then used in a number of ways to process your insurance application, administer your insurance policy or any subsequent claim that you may make. The processing of the information you provide is necessary for the performance of the contract, including:
Performing vehicle and licence checks and validating information provided to us;
Maintaining and updating your policy record;
Administering your policy including handling claims;
The renewal of your policy;
Processing any claim that you or someone else makes;
Understanding our customer’s needs and requirements;
Analysing and research of products and services provided in the Group;
To inform you about and promote products (marketing)
Analysing the premium, and terms and conditions we offer where automated decision making applies;
Performing credit checks and validating information provided to us;
Dealing with complaints;
Preventing financial crime to meet our legal obligations.
Prospective buyers or purchasers in the event Abacai Technologies Limited wishes to sell all or part of its business.
Where we process special categories of data (including data relating to health or criminal convictions), we will do this on the basis that it is necessary for the performance of your insurance contract and for reasons of substantial public interest.
Automating decision making, including profiling
We may use profiling and automated decision making, to; assess insurance risks, detect fraud, and administer your policy. As part of the processing of your personal data, ‘accept’ or ‘decline’ decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if:
our processing reveals your behaviour to be consistent with that of known fraudsters or money launderers; or is inconsistent with your previous submissions; or
you appear to have deliberately hidden your true identity.
This helps us decide whether to offer you insurance, determine prices and validate claims. If you disagree with the outcome of an automated decision please contact us and we will review the decision.
We also use computer systems to carry out modelling. Sometimes using your personal information and sometimes using data in anonymised form. We conduct this modelling for a variety of reasons, for example, for risk assessment purposes to make decisions about you, such as your likelihood to claim.
However, we may also use your personal information in that modelling to make decisions about how we improve and develop our products and services, or our pricing, or to better understand how our prospective customers make decisions about which policy is the optimal policy (i.e. we are not making decisions directly about you).
Consequences of processing
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services, goods or financing you have requested, or to employ you, or we may stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.
What personal information we collect
We collect the following types of personal information about you so we can complete the activities explained in “How we use your information:”
Basic personal details such as; name, age, address and gender
Family, lifestyle and social circumstances, such as; marital status, dependants and employment type
Financial details such as; direct debit or payment card information and other information to assess your financial status.
Photographs and/or video to help us manage policies and assess claims
Tracking and location information if it is relevant to your policy or claims and in some cases surveillance reports
Identification checks and background information about you we need to collect in order to assess the risk to be insured including previous claims information, data relating to your health and criminal convictions, including requesting a copy of your driving licence summary (DLS)
Medical information if it is relevant to your policy or claim
Accessibility details if we need to make reasonable adjustments to help
Business activities if it is relevant to your policy or claim
Credit history, credit score, sanctions/PEP check result and information received from various anti-fraud databases about you.
Identifiers assigned to your computer or other internet connected device including your Internet Protocol (IP) address
How we collect personal information
We may collect personal information from various sources including you, your representative, your employer or from publicly available sources, including information you have made public, for example on social media. We also collect information from other persons or organisations, for example:
Credit reference and/or fraud prevention agencies such as TransUnion
Emergency services, law enforcement agencies, medical and legal practices
Insurance industry registers and databases used to detect and prevent insurance fraud, for example the Claims and Underwriting Exchange (CUE)
Governmental and regulatory bodies such as HMRC, MIB, DVLA, the Financial Conduct Authority, the Prudential Regulation Authority, the Financial Ombudsman’s Service, and the Information Commissioner’s Office;
Insurance investigators and claims service providers
Service providers who provide the service for our products
Debt collection agencies who collect money owed to us.
Other involved parties, for example; claimants or witnesses.
Who we share your information with
We may share your personal information with third parties and other companies within our Group of companies for the purposes mentioned in ‘how we use your information’, please contact the Data Protection Officer for a full list of Group companies. We may share your information with third parties, including our product and service suppliers, agents, other insurers, reinsurers, parties involved in handling a claim, fraud prevention agencies and the police and government bodies if we believe that this is reasonably required for the prevention and detection of crime and fraud. This assists in keeping your premiums low.
We may pass your details and any information or documentation you provide to us to the recognised centralised insurance industry registers and databases, credit reference agencies, and policy and claims checking systems. Data may also be released to third parties if we are required to do so under the terms of a court order, for regulatory purposes or in the investigation and settlement of a claim or a complaint. When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years. We will only share your information in compliance with data protection laws.
How long your information will be kept
We will only hold your information for as long as necessary to administer the policy, manage our business or in order to comply with legal or regulatory requirements. This will be in line with our data retention policy.
Transferring personal information outside the UK
Some of the organisations we share your personal information may be located outside of the UK where your personal information is protected by laws equivalent to those in the UK. If we have to transfer data to organisations in a third country outside the UK, our contracts with these parties require them to provide an equivalent level of protection for your personal information to ensure your data continues to be protected by ensuring appropriate safeguards are in place.
You have the right to:
Object to us using your personal information. We will either agree to stop using it or explain why we are unable to
Ask for a copy of the personal information we hold about you, subject to certain exemptions
Ask us to update or correct your personal information to keep it accurate
Ask us to delete your personal information from our records if it is no longer needed for the original purpose Ask us to restrict the use of your personal information in certain circumstances
Ask for a copy of the personal information you provided to us, so you can use it for your own purposes Ask us, at any time, to stop using your personal information, if using it is based only on your consent
Complain about how we handle your data (see ‘Who to contact’ below)
Who to contact
If you wish to exercise any of your rights or have any queries about how we use your personal information, please contact our Data Protection Officer:
We will consider your request and either comply with it or explain why we are not able to. Please note, we may request evidence of your identity to process your request.
If you are not happy with any aspect of how we handle your data, we encourage you to come to us in the first instance but you are entitled to complain to the Information Commissioner’s Office (ICO):
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF