Granite Financial Limited and all its subsidiaries (We/Us/Our) are committed to protecting and respecting your privacy.
For the purpose of the Data Protection Laws, the data controller is CRASH Services Limited of 134a Stockman’s Lane, Belfast, BT9 7JE.
Our nominated representative for the purpose of the Act is Michelle McGahan.
If you purchase services from us, communicate with us, or do business with us, this will result in us collecting personal data about you. This personal information will include information relating to:
- Contact details, Identification, administration of your claim, and marketing preferences.
- We also collect information provided if you fill in a form, complete a survey, etc.
- We do not normally collect sensitive personal data, however there are exceptions where this is necessary eg information relating to driving convictions required when providing insurance for a hire vehicle.
In the event you provide us with any sensitive personal data, we will take extra care to ensure your rights are protected.
Details of transactions you carry through our site and of the fulfilment of your orders. We do not, however, store the details of your credit/debit card.
To protect you, our business and third parties we may record calls between us.
We only ever use your personal data with your consent, or to the extent necessary to:
- enter into, or perform, a contract with you;
- comply with a legal duty;
- remember your preferences e.g. if you ask not to receive marketing material, we will keep a record of this, or
- for our own (or a third party’s) lawful interests (such as marketing, internal record keeping, market research or to improve our products) provided your rights don’t override these.
We will only use your information for the purpose it was collected (or for similar/related purposes). For our clients, this includes using use personal data to the extent necessary to perform our contractual obligations (such as administering their accounts and providing them with services).
We will never sell your personal data or share it with third parties who might use it for their own purposes.
We may use Personal Information to detect, investigate and prevent fraud, and this may include sharing Personal Information with other insurers, fraud prevention agencies and databases, and law enforcement agencies.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you, before collecting your data if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.
When you enter one of our competitions or complete a registration form you will be asked if you would like to receive marketing information, this will be an opt in box.
You can unsubscribe from our marketing list at any time.
Our site may, from time to time, contain links to and from websites of our affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Individuals have the right to access their personal information and to limit the use and disclosure of their personal information. Please contact us if you wish to exercise these rights, by writing to the Data Protection Officer, at the address above or email DPO@crashservices.com.
If you wish to access the personal information you should make a subject access request, this can be done verbally, by email or in writing. Once the request is received the Data Controller must verify the identity of the data subject before disclosing any personal information. We will comply with the request without delay, and within one month unless, in accordance with legislation, we decide that an extension is required.
No charge will be made for complying with a request unless the request is manifestly unfounded, excessive or repetitive, or unless a request is made for duplicate copies to be provided to parties other than the relevant individual making the request. In these circumstances, a reasonable charge will be applied.
We will take all reasonable steps to confirm your identity before releasing to you the personal information we hold about you.
We may collect information about your computer, including, where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is the statistical data about our user’s browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage pattern.
- To store information about your preferences, and so to allow us to customise our site according to your individual interests.
- To speed up your searches.
- To recognise you when you return to our site.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try and prevent unauthorised access.
We may disclose your personal information to any member of Our group.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If CRASH Services Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.