Privacy Policy

Trifords Limited t/as Auto Windscreens
PRIVACY POLICY: HOW WE USE YOUR INFORMATION

Auto Windscreens (“we, us, our”) is a trading name of Trifords Limited. We are committed to protecting your privacy. We take great care to ensure your information is kept safe and secure.

This policy explains how we will collect, store, use and share your personal information. We collect information in a number of ways including when you use our website, submit an application form or provide information to us by post, email, phone or text.

About us

We are Trifords Limited and we are part of the Markerstudy Group of companies. We can be contacted at Britannia House, Britannia Road, Chesterfield, Derbyshire S40 2UZ

We are a leading automotive glass repair and replacement company in the UK. We have partnerships with most insurance providers and a nationwide fleet of mobile service units.

Explanation of some of the terms used

Aggregator – quote comparison websites such as ‘gocompare’/ ‘comparethemarket’

Data Controller – means the person or entity which alone or jointly with others determines the purposes and means of the processing of personal data

Data Protection Law –the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998/2018

Markerstudy Group – details of the Markerstudy Group can be found at www.markerstudygroup.com/about us

Sensitive Information – this is also known as Special Category Data and includes information revealing, or about a person’s racial or ethnic origin, political opinions or trade union membership, religious or philosophical beliefs, health, sex life or sexual orientation, or genetic data and biometric data for the purpose of uniquely identifying a natural person. Information about criminal convictions is often included in this definition.

Data Controllers

For the purposes of the data protection law the data controller for the services we provide to you will be Trifords Limited.  We are registered with the ICO, registration number Z2649297

If you have engaged with us as a result of our partnership with brokers or an insurance company then that third party will also be a data controller for the purposes of Data Protection Law. In those cases we will also be a data processor for the third party in respect of the services we provide to you

Where a third party data controller is involved in the provision of the insurance and ancillary services to you, we recommend that you also review their privacy policy as this will tell you how they will process your information.

Data Protection Officer

We have appointed a Data Protection Officer to oversee our handling of personal information. Our Data Protection Officer can be reached at dataprotection@markerstudy.com.

Please click on the relevant section below for detailed information regarding how we process your information.

Who do we collect information about?

We collect information about the following types of individuals:

  • Previous and current customers
  • Previous and current parties covered under an insurance policy we administer, place or underwrite
  • Person's authorised to speak to us on behalf of a customer
  • Users of our websites
  • Customer online booking system
  • Business Partners

When do we collect information about you?

We collect information about you:

  • When you contact us to request an appointment or quotation for a service.
  • At the time of service delivery (either directly or by one of our approved repair third party companies).
  • When we contact each other (by phone, email, PDA, through our website or otherwise) such as to update or check your details, complete surveys, provide feedback, fill in forms, participate in competitions or complete applications for services.
  • When you register to use our website, subscribe to our services, search for a product, place an order on our website, participate in discussion boards or other social media functions on our website, leave any query or correspondence on our website, enter a competition, promotion or survey or when you report a problem with our website or any other activity undertaken with or by us.
  • When you contact us to make a complaint.

What information do we collect about you?

Please see below for detailed information regarding the types of personal information we are likely to collect and use about you.

If you provide personal information to us about other individuals you agree: (a) to inform the individual about the content of this Privacy Policy; and (b) to obtain any consent where we indicate that it is required for the processing of that individual’s personal data in accordance with this Privacy Policy.

Personal Information:

  • General information such as your name, address, date of birth, email address and phone number
  • Vehicle Registration Number
  • Financial information such as payment card
  • Photograph, mobile phone, video footage or CCTV
  • Details about you and your personal circumstances where this is appropriate in the administration of the service to allow us to identify a potentially vulnerable customer, as well as other information you (or a third party) may provide to us as part of the service whether through phone, email, letter, or via a website, PDA, App, social media or online chat.
  • We may collect information when you use our website including data that allows us to monitor your preferences and how you use our website. This helps us to organise our website content in order to improve your experience. The information we collect includes:
    • details of transactions you carry out through our website.
    • information that you provide by filling in forms on our website even if those forms are not submitted.
    • technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
    • information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time)
    • products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
  • We may use cookies to collect information about how our website is used. Please see our cookies policy for more information about our use of cookies.

Special Category (sensitive) Personal Information and Criminal Personal Information:

  • We do not actively request details about sensitive personal information including criminal personal information. However it may be recorded if it is provided by you (or a third party) as part of the quote for service and /or claim administration process whether through phone, email, letter, or via a website, PDA, social media or online chat.

How do we collect your information?

We collect personal information from a number of different sources including:

  • Directly from you or from someone else on your behalf (including insurance companies and brokers) in person, by website, VRN feed, phone, email, on line chat, SMS, PDA & paper documents.
  • From other companies within the Markerstudy Group.
  • From third parties (including brokers, aggregators, insurance companies, business partners and accident management companies).
  • Other publically available sources, including ,but not limited to, Google Earth and social media
  • Through customer surveys.
  • From government agencies such as DVLA and HPI for vehicle make, model and part number
  • Manufacturer look up

What are the purposes for which information about you is used?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing. When the information that we process is classed as special category or sensitive personal information, we must have an additional legal ground for such processing.

Whether you provide us with the information, or we collect information from you or we are provided with information from other sources, we may use this information:

a) To provide a quote for our services

Legal grounds:

·        Our having an appropriate business need to use your information to provide a quote for the services you have requested, which does not overly prejudice you.

·        Administration of an insurance contract on behalf of a third party

b) To provide the contracted service

Legal grounds:

·        Our providing you with the contracted services

c) Communicating with you and resolving any complaints that you might have

Legal grounds:

·        Our providing you with the contracted services

·        Our having an appropriate business need to use your information to manage and respond to complaints which does not overly prejudice you

d) To transfer to third parties for the purpose of providing you with the services required under the contract

Legal grounds:

·        Our providing you with the contracted services

e) Complying with our legal or regulatory obligations

Legal grounds:

·        The use is necessary in order for us to comply with our legal obligations

f) Recover outstanding payments

Legal grounds:

·        Our having an appropriate business need to use your information in order to recover debts which does not overly prejudice you

g) To improve our customer service

Legal grounds:

·        Our having an appropriate business need to use your information in the improvement of our customer service which does not overly prejudice you

h) To measure the effectiveness of our advertising

Legal grounds:

·        Our having an appropriate business need to use your information to ensure our advertising is effective which does not overly prejudice you

i) To provide data analysis in order to assist us with the pricing of our products and detect market trends.

Legal grounds:

·        Our having an appropriate business need to use your information which does not overly prejudice you.

j) To personalise your repeat visits to our website and to improve our website, including as part of our efforts to keep our website safe and secure

Legal grounds:

·        Our having an appropriate business need to use your information which does not overly prejudice you.

k) To notify you about changes to our services or products

Legal grounds:

·        Our having an appropriate business need to use your information to keep our customers up to date with changes to our products or services which does not overly prejudice you.

l) To administer our websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes

Legal grounds:

·        Our having an appropriate business need to use your information to maintain our websites which does not overly prejudice you.

m) To allow you to participate in interactive features of our services / website

Legal grounds:

·        Our having an appropriate business need to use your information to offer an interactive website for customers which does not overly prejudice you.

n) To transfer within the Markerstudy Group or to third parties for the purpose of conducting internet analytics.

Legal grounds:

·        Our having an appropriate business need to use your information to maintain our websites and undertake website analytics which does not overly prejudice you.

o) Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers); technology may include voice analytics

Legal grounds:

·        we have a legitimate business need to provide secure and quality services

Who do we share the information we collect about you with?

Sharing within our Markerstudy Group

We may share your information within the Markerstudy Group for the following reasons:

  • To administer and manage thecontract
  • To provide data analysis in order to assist us with the pricing of our products and detect market trends;
  • To administer our websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
  • To improve our website, including as part of our efforts to keep our website safe and secure
  • To allow invoicing and to recover any outstanding payments;
  • For legal, financial reporting and regulatory purposes.

Sharing with third parties

We may also share your information with selected third parties, in order to offer services to you or to perform any necessary functions on our behalf.  This may include:

  • Your relatives, executors or guardians (on your behalf where you are incapacitated or unable) or other people or organisations associated with you such as your insurance broker
  • Where you have named an alternative contact (such as a relative) to speak with us on your behalf. Once you have told us your alternative contact, this person will be able to discuss all aspects of the service we are providing you
  • Our insurance partners such as brokers, other insurers, reinsurers or other companies who act as insurance distributors
  • Other third parties that you have asked us to engage with
  • Business partners
    • Clients: for whom we provide windscreen replacement services
    • Companies you have agreed may receive your information to allow you to enter into a contract with them (for example claims management companies)
  • Suppliers
    • Companies engaged by us to provide contracted services. This is a wide ranging list of companies and their use will depend upon the circumstances. For example,
      • Printing of invoices
      • To allow us to record our incoming and outgoing calls with you
      • Local engineers and companies specialising in aspects of the service we provide (for example installation of dashcams)
    • Companies engaged by us to provide aspects of our communications with you (for example, web hosting, online chat provider),
  • Debt Collectors
  • Credit Reference Agencies

Disclosure of your personal information to a third party outside of the Markerstudy Group will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.

We may also share your information with:

  • Search engine operators who can assist us in the improvement of our website.
  • Prospective buyers, in the event that we sell any business or assets.
  • Regulators and other authorised bodies, whenever we are required to do so by law.
  • We believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest.

What is our approach to sending information overseas?

We may send your data outside the European Economic Area (EEA) if we are required to do so for a joint data controller (for example if an insurer is based overseas).

We seek to ensure that data which is processed on our behalf as data controller is retained within the EEA but this is sometimes difficult (for example a UK supplier may have a server based outside of the EEA).

If we make a transfer of your personal information outside of the EEA we will take the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to adequate standards.

How long do we keep personal information for?

We will only keep your personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Privacy Policy and in order to comply with our contractual, legal and regulatory obligations.

We have implemented a Document Retention Policy which records of details how long various types of information should be retained. The Policy is reviewed on a regular basis to ensure that it aligns to current legal and regulatory requirements. The retention periods vary depending upon the circumstances of an individual matter but in general our retention periods for customer facing documentation can be set out as follows

Quote Information

3 months

Service Records  

Retained due to the life time (of car) warranty period for workmanship

Claims Documents

7 years from date of last settlement /order

Complaints

3 years from the complaint being resolved

If you would like further information regarding the periods for which your personal information will be stored, please see the contact details outlined in the "How to Contact Us" section below.

Automated Decision Making

We do not use automated decision making

What marketing activities do we carry out?

We do not actively market our products & services directly to you

Your rights

Under data protection law you have certain rights in relation to the personal information that we hold about you. You may exercise these rights at any time by contacting us using the details set out in the "How to Contact Us" section of this Privacy Policy.

Please note:

  • In some cases we may not be able to comply with your request (e.g. we might not be able to delete your data) for reasons such as our own obligations to comply with contractual, legal or regulatory requirements. However, we will always respond to any request you make and if we can't comply with your request, we will tell you why.
  • In some circumstances exercising some of these rights (including the right to erasure, the right to restriction of processing) will mean we are unable to continue providing you with cover under the service.

The right to access your personal information

You have the right to access a copy of the personal information we hold about you and certain details of how we use it. There will not usually be a charge for dealing with these requests.

The right to rectification

We take reasonable steps to ensure that the personal information we hold about you is accurate and up to date. However, if you do not believe this is the case, you can ask us to update or amend it.

The right to erasure

In certain circumstances, you may ask us to erase your personal information.

The right to restriction of processing

In certain circumstances, you are entitled to ask us to stop using your personal information.

The right to data portability

In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice.

The right to object to marketing

You can ask us to stop sending you marketing messages at any time.

The right not to be subject to automated decision-making (including profiling)

We do not use automated decision making

The right to withdraw consent

For certain uses of your personal information, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal information.

The right to lodge a complaint with the ICO

You have a right to complain to the Information Commissioner’s Office (ICO) if you believe that any use of your personal information by us is in breach of applicable data protection laws and regulations.

More information can be found on the ICO's website at: www.ico.org.uk/concerns.

Making a complaint will not affect any other legal rights or remedies that you have.

How we protect your information

We want you to have confidence in how we use and hold your data. We know that to achieve this we must preserve the security and confidentiality of your personal information.  We have therefore developed a range of organisational, procedural and technical security measures designed to protect your personal information from unauthorized use or disclosure. Examples of some of these measures include:

  • User and privileged account management including appropriate policies for password complexity, length and history.
  • Auditing of system users and administrators.
  • Regular backup schedules and disaster recovery environment for key systems and services.
  • Secure file transfer methods are used to encrypt data.
  • Usage of data loss prevention tools within the Group.
  • Data breach detection: Security tools in place to detect unusual or abnormal activity.
  • Data breach investigation: Audit and logging tools used to investigate any potential or reported breaches.
  • Data breach response: A plan that pulls together our compliance, legal and IT security teams to ensure rapid assessment and mitigation of data breaches

Changes to our Privacy Policy

We keep our Privacy Policy under review and it is updated periodically. For example, those changes may be due to government regulation, new technologies, or other developments in data protection laws or privacy generally. You should check our website periodically to view the most up-to-date Privacy Policy.

This Privacy Policy was last updated on: 30th March 2018

How to Contact Us

Please contact us if you have any questions about our Privacy Policy or to exercise any of your rights

Data Protection Officer,

45 Westerham Road,

Sevenoaks,

Kent

TN13 2QB.

Or by email to dataprotection@markerstudy.com

Where you have made the request by electronic means, the information will be provided to you by electronic means where possible.

Other websites

Our website may contain links to other websites.  This Privacy Policy only applies to our own website so when you link to other websites you should read their own privacy policies. If this policy conflicts with any written contract that we have with you then the written contract shall take precedence.

Complaints

If you have a complaint about how we use your information then please contact us at:

Data Protection Officer,

45 Westerham Road,

Sevenoaks,

Kent

TN13 2QB.

If you have a complaint about the way in which your data has been processed, you can contact the ICO at: www.ico.org.uk/concerns.