Hoxton Risk Services Limited – Privacy Policy

Our website helps you:

We are Hoxton Risk Services Limited, trading as Hoxton, Hoxton Insurance and Hoxton Insurance Services . We are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect will be processed by us. Please read this privacy policy carefully to understand our views and practices and your rights regarding your personal data. By visiting HoxtonInsuranceservices.com (our website), by using our services, or by otherwise providing us with your details, your personal information will be processed as described in this policy.

  • What information do we collect from you?
  • Why do we collect this information?
  • Automated Decisions Making
  • How long do we keep hold of your information?
  • Who might we share your information with?
  • How is your data stored and kept secure?
  • International transfers
  • What are your rights?
  • Changes to this Policy
  • Contact Us

What information do we collect from you?

We will collect and process the following data about you:

  • Information you give us. This is information about you that you give to us by filling in forms on our site, via your broker, or by corresponding with us by phone, email or otherwise. The information you give us may include your name, address, email address and phone number and financial information. We will ask you for further information depending on which insurance you are interested in.
  • Information we collect when you call us. If you call us we will automatically collect the phone number used to call. Some of our partner brokers, claims administrators or similar business partners may record calls as part of their FCA compliance requirement. The relevant business partner will be the data controller for that information, so please address any queries directly to the appropriate broker. We review a selection of the business partner calls set out above in our legitimate interests in order to check they are providing a quality service.
  • Information we receive from other sources. We are working closely with other organisations who may provide us with information relating to you, including, but not limited to:
    • Property information from surveyors;
    • In certain cases, convictions information from sources such as the DVLA;
    • Claims information, from claims organisations;
    • App providers, where you choose to allow the app to share data with us.
  • Information we collect from your use of our site via cookies:
    • We may use cookies to collect information about how you use our site and the internet more generally. A cookie is a small computer file which our site sends to your computer. Your computer typically then saves the cookie on your hard drive, but it is possible for you to stop this from happening if you prefer.
    • Cookies help us to understand how you use our site. The information that they send us will not identify you personally; it is statistical data about our visitors and their use of our site.
    • All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our website.
    • Most web browsers are initially set up to accept cookies. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. Please note, however, that certain features of the site might not function if you delete or disable cookies. For more information about cookies, including how to decline them and to delete cookies that may already be saved on your computer, visit www.allaboutcookies.org or go to the help menu within your internet browser.
    • Google Analytics: Analytics cookies help us understand how users engage with our site. An example is counting the number of different people coming to our platform or using a particular feature, rather than the total number of times the platform or feature is used. Without this cookie, if you visited the platform once each week for three weeks we would count you as three separate users. We would find it difficult to analyse how well our platform site was performing and improve it without these cookies. Analytics may collect information regarding the type of web browser or operating system, IP address, viewed pages, time and duration of site visits, crash logs, your geographic location, and other information relating to site usage.
    • We may also use web beacons in our emails to you. These are transparent image files that can be used to see if an email was read or forwarded to someone else. If you object to web beacons in emails, we recommend that you follow the same procedure for deleting existing cookies and disabling future cookies (see how to do this at www.allaboutcookies.org). We will still know how many of our emails are opened and we will automatically receive your IP address, a unique identifier of your device or other access device; but we will not be able to identify you as an individual.

Why do we collect this information?

We process your personal information for the following reasons:

  • Pursuant to a contract in order to:
    • Process information at your request to take steps to enter into an insurance policy;
    • Provide you with our products and services;
    • Process payments and assess your eligibility for payment plans;
    • Handle claims;
    • Meet our legal and regulatory obligations;
    • Maintain business and service continuity; and
    • Send service communications so that you receive a full and functional service and so we can perform our obligations to you. These will be sent by email wherever possible but in some circumstances we may need to contact you by post or by phone. These will include notifications about changes to our service.
  • On the basis of your consent:
    • Where we rely on your consent for processing this will be brought to your attention when the information is collected from you or will otherwise be clear from the context of you providing the information;
    • We will only contact you with direct marketing communications if you consent to us doing so and you will have the right to withdraw consent at any time.
      See the What are your rights? section below for more information.
  • In our legitimate interests of providing the best service and improving and growing our business we will process information in order to:
    • Provide you with a personalised service;
    • Promote our products and services;
    • Improve our products and services;
    • Keep our site and systems safe and secure;
    • Understand our customer base and purchasing trends;
    • Defend against, establish or exercise legal claims and investigate complaints; and
    • Understand the effectiveness of our marketing.
We will carry out analytics to improve our products and services as set out above

You have the right to object to processing carried out for our legitimate interests.

See the What are your rights? section below for more information.

  • To comply with legal requirements relating to:
    • The provision of products and services;
    • Anti-money laundering;
    • Fraud investigations;
    • Data protection;
    • Assisting law enforcement; and
    • Any other legal obligations placed on us from time to time.

Special Category Personal Data and Offences

In some circumstances we need to process special category personal data or criminal convictions and offences data which is required in order for us to make decisions in relation to providing you with a policy or assessing a claim. For example, in order to provide you with a motor insurance policy we will need to understand whether you have any motoring offences, or for a travel insurance policy we will need information on any existing medical conditions.

We process this information because it is required in order for us to enter into or to perform a contract with you. We also process this information because it is necessary for the purposes of substantial public interest permitted by law.

Automated Decision Making and Profiling

We use automated systems which means that some decisions are made automatically. We offer our insurance policies based on the information we have about our customers. Some information may identify a high risk to us in providing insurance, for example if an applicant for motor insurance has committed certain driving offences. Our systems are designed to identify particularly high-risk factors and, in some circumstances, to automatically decline an application. It may also affect the price at which we offer you our products and services. Decisions are therefore made based on your particular risk profile.

The types of decision which are automated include initial decisions about whether to offer you insurance, which product to offer and at which price, based on the information you have provided us with.

You have the right to request that we review the automated decision manually and you are entitled to express your view on the automated decision when you request a review. You can exercise this right by contacting our Data Protection Officer at dataprotection@nuventure.com

For the purpose of data protection legislation, the data controller is Hoxton Risk Services Limited, a company registered in England and Wales under registered No. 13056354 and whose registered office is at Brierly Place, 160-162, New London Road, Chelmsford, Essex, England, CM2 0AP.

Data protection is a group function provided by the holding company, NuVenture International Limited a company registered in England and Wales under registered No. 12798974 and whose registered office is at Brierly Place, 160-162, New London Road, Chelmsford, Essex, England, CM2 0AP.

How long do we keep hold of your information?

We will keep your information only for as long as is necessary for the purposes for which it was collected. The periods of retention are different depending on which insurance policy is involved. We will retain information for a number of years after the end of our relationship with you using the criteria below, unless obligations to our regulators require otherwise or we are required to remove such data from our records.

Our retention periods are determined by reference to:

  • Legal requirements – as a regulated financial services provider we are bound by specific rules on retention of information;
  • Statutory limitation periods – these determine the periods for which legal claims can be brought;
  • Insurance industry standards; and
  • Operational requirements – set by how long we need to keep information for operational purposes for example to operate your insurance policy, handle insurance claims or deal with legal claims.

Who might we share your information with?

For the purposes set out in the ‘Why do we collect this information?’ section above, we will share your personal information with:

  • The following categories of third parties, some of whom we appoint to provide services, including:
    • Distribution partners (or other insurance intermediaries), suppliers and sub-contractors for the performance of any contract we enter into with you, including our IT, Operations, Claims, Finance and Actuarial service providers;
    • Analytics and search engine providers that assist us in the improvement and optimisation of our site;
    • Customer survey providers in order to receive feedback and improve our services.
  • Any member of our group, which includes our parent company and subsidiaries.
    Additionally, we will disclose your personal information to the relevant third party:

    • In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets if appropriate.
    • If we are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.
    • If we change or augment our select list of distribution partners, suppliers and sub-contractors.
    • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our customers, our regulator, or others. This includes exchanging information with:
      • Anti-fraud and anti-money laundering groups or organisations;
      • Credit reference agencies;
      • Debt recovery providers;
      • Law enforcement and legal professionals;
      • Our insurers or auditors.

    How is your data stored and kept secure?

    At Hoxton Insurance Services, we take your safety and security very seriously and we are committed to protecting your personal and financial information. All information kept by us is:

    • Stored in a secure hosting environment, and protected by industry standard security systems, including regular Malware scanning.
    • Accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
    • All credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

    Where we have given you (or where you have chosen) a username and password that enables you to access certain parts of our service, you are responsible for keeping this password confidential. We ask you not to share your password with anyone as you are solely responsible for, and bound by all activity conducted under username and password.

    International Transfers

    We may transfer your data outside the European Economic Area (“EEA”). For travel insurance, we may need to transfer information internationally if there is a medical emergency or incident. We will only transfer your information if adequate protection measures are in place or if the transfer is otherwise permitted in compliance with data protection legislation. Our systems are all hosted within the EEA. More information is available by contacting us.

    What are your rights?

    Where processing of your personal data is based on consent, you can withdraw that consent at any time.

    You have the following rights. You can exercise these rights at any time by contacting us at dataprotection@nuventure.com. You have the right:

    • To ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes;
    • To ask us not to process your personal data where it is processed on the basis of legitimate interests provided that there are no compelling reasons for that processing;
    • To ask us not to process your personal data for scientific or historical research purposes, where relevant, unless the processing is necessary in the public interest.
    • To request from us access to personal information held about you;
    • To ask for the information we hold about you to be rectified if it is inaccurate or incomplete;
    • To ask for data to be erased provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate grounds for processing, the data is unlawfully processed, the data needs to be erased to comply with a legal obligation or the data is children’s data and was collected in relation to an offer of information society services;
    • To ask for the processing of that information to be restricted if the accuracy of that data is contested, the processing is unlawful, the personal data is no longer necessary for the purposes for which it was collected or you exercise your right to object (pending verification of whether there are legitimate grounds for processing);
    • To request that we review an automated decision manually (see Automated Decision Making above);
    • To ask for data portability if the processing is carried out by automated means and the legal basis for processing is consent or contract.

    Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details below. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time. The ICO’s contact details are available here: https://ico.org.uk/concerns/.

    Changes to our privacy policy

    This policy may be updated from time to time. Please check back frequently to see any updates or changes to our privacy policy.

    Contact us

    If you have any questions, comments or requests regarding this privacy policy please contact our data protection officer (“DPO”) at dataprotection@nuventure.com.

    For the purpose of data protection legislation, the data controller is Hoxton Risk Services Limited, a company registered in England and Wales under registered No. 13056354 and whose registered office is at Brierly Place, 160-162, New London Road, Chelmsford, Essex, England, CM2 0AP.

    Data protection is a group function provided by the holding company, NuVenture International Limited a company registered in England and Wales under registered No. 12798974 and whose registered office is at Brierly Place, 160-162, New London Road, Chelmsford, Essex, England, CM2 0AP.

    Hoxton Insurance Services products are underwritten by various insurers including Hiscox whose privacy notices can be found on their websites.

    Hoxton, Hoxton Insurance and Hoxton Insurance Services are trading names of Hoxton Risk Services Limited which is an appointed representative of Davies MGA Services Limited, a company authorised and regulated by the Financial Conduct Authority under firm reference number 597301 to carry on insurance distribution activities. Hoxton Risk Services Limited is registered in England and Wales company number 13056354. Registered office at Brierly Place, New London Road, Chelmsford, Essex, England, CM2 0AP.

    Office Location

    Brierly Place, New London Road
    Chelmsford, Essex, England, CM2 0AP

    contact@hoxtoninsuranceservices.com

    Hoxton, Hoxton Insurance and Hoxton Insurance Services are trading names of Hoxton Risk Services Limited which is an appointed representative of Davies MGA Services Limited, a company authorised and regulated by the Financial Conduct Authority under firm reference number 597301 to carry on insurance distribution activities. Hoxton Risk Services Limited is registered in England and Wales company number 13056354. Registered office at Brierly Place, New London Road, Chelmsford, Essex, England, CM2 0AP.
    ©2021 Hoxton