esure App | Services powered by Caura

Privacy Policy

1. INTRODUCTION

You have downloaded the esure for iOS or Android app (“the esure App”), and by doing so have read and accepted the esure’s Terms‍

The information in this Privacy Policy describes how we, Caura Ltd, use your personal data in connection with your use of our services (the “Caura Services”) within the esure App, as defined in the esure:

• Terms
• Privacy Policy
• Cookie Notice

We respect your privacy and protecting your information is paramount. We want you to be informed and empowered in respect to your privacy when you use the esure App, so please read this Privacy Policy carefully before using any Caura Services.

Together with the esure Terms, this Privacy Policy sets out our views and practices regarding your personal data, how we collect, process and treat it, and the rights you have in relation to the protection of your personal data.

2. WHO ARE WE

We are Caura Ltd (also referred to as "we", “us”, "our" and "Caura"). We are registered in England and Wales under company number 11520538 and have our registered office at 1 Horse Guards Avenue, London, England, SW1A 2HU. Our registration number with the Information Commissioner’s Office (ICO) is ZA603130.

3. WHO ARE ESURE

esure Services Limited (“esure”) is registered in England and Wales under company number 02135610 and have their registered office at The Observatory, Reigate, Surrey, RH2 0SG.

esure are your insurance provider and they are authorised and regulated by the Financial Conduct Authority (FCA) under reference number 312063.

4. KEY WORDS

‘Caura Services’ means the services provided by Caura to esure App users as defined within the esure Terms.

'Data Protection Laws' means the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK.

'Data subjects' are users of Caura services within the esure App.

‘esure Services’ are car insurance, home insurance, or any other insurance services or insurance-related services that esure may provide to you from time to time.

'IP address' is your Internet Protocol address which is a code that each device connected to the Internet has in order to identify that device.

'Personal data' is information about an identified or identifiable natural person that could allow a living person to be identified.

‘Personal information’ means any information that we have obtained from you or third parties in connection with a service or product provided to you that is held now or at any time in the future by us.

5. WHAT INFORMATION DO WE COLLECT?

Information you give us

You may give us information about you when you use the esure App and when you communicate with us. This includes information you input during registration by answering specific questions, providing us with feedback, participating in surveys, and when you report a problem.

The information you give us may include:

• your contact details, such as name, address, email address, phone number;
• your vehicle registration number; and
• details about your vehicle, for example insurance documents, insurance expiry dates, or servicing due dates.

For insurance-related services we'll collect and process information about you from a number of sources, including from esure directly and from you where you provide it.

Information we collect from third parties

We collect information from esure to authenticate your identity and enable access to the esure App, to surface data regarding your esure insurance policies, and enable functionality of the esure App and the Caura Services within the esure App.

If you choose to provide us with your vehicle registration number, we will use that information to obtain certain information related to you and your vehicle from various sources, such as the Driver and Vehicle Licensing Authority (DVLA), including tax due dates, MOT renewal dates and MOT results.

Information we collect about you

We will collect information during your use of the esure App, including:

• details regarding the communications made between us;
• data regarding your usage, engagement, and other esure App data;
• technical information, including the Internet Protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, browser plug-in types and versions, Operating System (OS) and platform;
• services you viewed or searched for; and
• page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling and clicks), and methods used to browse away from the page and any phone number used to call our customer service number.

Recording telephone calls and other communications, we may monitor or record telephone conversations or other communications between you and us.

6. WHAT IS THE BASIS FOR PROCESSING?

We make sure we have appropriate legal bases on which to collect, use and share data about you. Our lawful bases may include:

• Consent. We will always seek your consent to process certain types of information where we are legally required to do so. You have the right to withdraw or decline your consent at any time;
• Performance of a contract. We need you to give us the information you provide and to collect information about you from the DVLA or third-parties like esure in order for us to provide you with the Caura Services, as agreed in the esure Terms, if applicable. If you do not provide this information, we may not be able to provide the Caura Services to you or you may not benefit from the esure App’s full functionality;
• Compliance with our legal obligations; and
• Legitimate Interests. We may process your personal data for the purposes of our own legitimate interests or for the legitimate interests of our suppliers provided that such processing does not outweigh your interests. When we rely on our legitimate interests, you have the right to object at any time. For example, we may process your personal data to:
  • Keep our records up to date;
  • Provide you with our services, including for the purpose of quality control and analysis;
  • Develop and improve our products and services; and
  • Communicate and manage our relationship with you.

7. WHAT IS YOUR INFORMATION USED FOR?

All the personal data we collect, store, process or share is processed:

• by Caura and esure as joint Data Controllers;
• to provide you with information and the Caura Services which you request via the esure App;
• to perform our obligations under any contract we have with you;
• to manage our communications with you in relation to your queries and complaints;
• to notify you about changes or updates to the esure App and the Caura Services available through it, including via push notifications;
• for analytical or training purposes;
• to ensure that content from the esure App is presented in the most effective way for you and your device;
• to assist in improving our processes, products and services;
• as part of our efforts to keep the esure App safe and secure and to prevent fraud; and
• to ensure compliance with your requests for the exercise of your rights.

What we will never do. Rest assured, we will never sell your information to third parties.

Information we receive from other sources. We may combine this information (including information we receive from the DVLA) with information you give to us and use this information and the combined information for the purposes set out above.

Recording telephone calls and other communications. We will use telephone recordings or transcripts of communications to check your instructions to us, analyse, assess and improve our services, for training and quality purposes and for the purposes of investigating any complaint you may make, or as evidence in any dispute between you and us.

8. WHO DO WE SHARE YOUR DATA WITH?

We may need to disclose your data to others to facilitate the provision to you of the esure App, and any additional services you request via the esure App. Your data may be disclosed to the other entities as described below.

We may share your information with:

• government organisations such as our regulators, the Financial Conduct Authority (FCA) and the Financial Ombudsman Service (FOS); the Police, Trading Standards, fraud prevention organisations and agencies such as the Insurance Fraud Register;
• esure for the purposes of verifying your identity, to allow the esure App to be accessed, to report on esure App usage and engagement, or to complete and fulfil your insurance requirements now and in the future. To see how esure uses, processes and stores your information please see esure’s Privacy Policy;
• If we find you've given us false or inaccurate information, we may pass your details to fraud prevention agencies. To prevent fraud and money laundering, we and other organisations, including law enforcement agencies may also access and use information recorded by fraud prevention agencies;
• our group companies for the purposes of business administration;
• third party service providers to whom you choose to make a payment with using our services within the esure App (e.g. the DVLA);
• third parties who supply services to us, such as our IT and hosting providers and our payment service provider, Stripe, who we use to facilitate payments you make when using certain Caura Services via the esure App, where we do this you implicitly agree to their terms and conditions, and privacy policies;
• our professional advisers, such as our legal advisers where they require that information in order to provide advice to us in relation to our services;
• any regulatory authority we may be subject to for the purpose of demonstrating compliance with applicable law and regulations;
• a prospective seller or buyer (or the buyer or seller’s advisers) of any of our business or assets;
• if we, or part, or all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets; and
• such third parties as we reasonably consider necessary in order to prevent crime, e.g. the police.

Disclosure of your personal information to a third party will only be made where they agree to keep your information confidential and will only be used for the specific purpose for which we provide it to them.

Please note that when you use the esure App to make payments to third parties, you will be subject to the relevant service provider's terms of use and privacy policy (which will be different from ours). We will show you these terms at the time of your purchase. The terms of use and privacy notice of Stripe, our payment service provider, may also apply. We encourage you to read these third-party terms of use and privacy policies carefully.

9. DATA STORAGE AND DELETION

We will only keep your personal data for as long as necessary to carry out the relevant purposes set out in this Privacy Policy and in order to comply with our commercial, legal and regulatory obligations, following which we will securely destroy your personal information. For example, if you transact with us we will keep your information for as long as required to comply with financial reporting requirements (e.g. to HMRC). We may continue to use anonymised data (that does not identify you) which is aggregated with anonymised data of other users.

After termination of your account with us, we may continue to use anonymised data (that does not identify you) which is aggregated with anonymised data of other users. We use this aggregated data for data analysis, profiling and research purposes. We may also keep your email address to ensure that you no longer receive any communications from us. After termination of your account we will still keep financial records of any transactions you have made with us.

10. YOUR LEGAL RIGHTS

We are committed to delivering the rights that data protection law provides to individuals. Please be aware that these rights are often not absolute, and exemptions may apply.

To exercise your rights, please contact us at esuresupport@caura.com

• The right to be informed: you have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Privacy Policy.
• The right to access: you have the right to access the information we hold about you. We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs for certain requests.
• The right to rectification: you have the right to ask us (and third parties to whom we transfer your personal information) to rectify your personal information if it becomes inaccurate.
• The right to erasure: you have the right to ask us to erase your personal information in certain circumstances.
• The right to restrict processing: you have the right to restrict our processing of your personal information in certain circumstances, including if we no longer need your personal information but you would like us to retain it to ensure its continued availability to you in connection with any legal claims.
• The right to data portability: you have rights to obtain and reuse your personal data for your own purposes across different services in certain circumstances. This right only applies to personal information you have provided to us (i.e. not any other information); where the processing is based on your consent or for the performance of a contract; and when processing is carried out by automated means.
• The right to object: you have the right to object at any time to processing of personal information concerning you which is based on our legitimate interests. If we can show compelling legitimate grounds for processing your personal information which override your interests, or we need your personal information to establish, exercise or defend legal claims, we can continue to process it. Otherwise, we must stop using the relevant information.
• The right to withdraw consent: where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.

11. HOW WE PROTECT YOUR INFORMATION

We do our best to protect your personal data, but we cannot guarantee the security of your data transmitted to the esure App; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, loss or damage.

12. LINKS TO THIRD PARTY WEBSITES

The esure App may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.

13. CHANGES

We may make changes to this Privacy Policy in future to reflect changes in the functionality of the esure App or otherwise changes in the way that we process your personal information. Any changes we may make to our Caura Privacy Policy will be posted here and, where the changes are material or we decide it is appropriate, notified to you by push notification or any other manner we deem appropriate. Please check back frequently to see any updates or changes.

14. COMPLAINTS

If you have a complaint relating to the processing of your personal data, please email dpo@caura.com.

We would appreciate the opportunity to address any concerns or complaints you may have with respect to the esure App and our data processing practices. However, you are also entitled to lodge a complaint with a supervisory authority at any time. In the UK this would be the Information Commissioner’s Office.

‍