Likewize Device Protection Privacy Notice
Where Likewize Insurance Services B.V. or Likewize Device Protection UK Limited (Likewize) is acting as a third party administrator for your mobile phone/device insurance policy, we may process your personal data. Likewize may be acting as a Controller and / or a Processor of your personal data. For more information, please refer to your Policy documents / terms and conditions, which will inform you which entity is considered as a Controller.
Please note: Where we refer to your “Insurance Distribution Partner” in this notice, we are referring to the channel through which your Policy is provided to you (e.g. your network provider, bank, employer, etc.)
What information do we use?
To effectively administer your Policy, we may use the information contained in the table below. This list is not exhaustive, and we may from time to time gather/use further types of information about you, as required in order to deliver services that have been agreed with you through the Insurance Distribution Partner.
Source of Information
Typical Categories of Information
Your Insurance Distribution Partner or Underwriter
· Full name,
· Home address,
· Telephone number,
· Email address,
· Date of birth,
· Bank account number and sort code*,
· Policy and coverage details (e.g. product, start and end date, policy/membership number, etc.),
*If your Policy is linked to your bank account
Directly from You / the Policy Holder
· Device details (e.g. IMEI, serial number, make and model),
· Claim details,
· Claim verification / adjudication information and documents (e.g. ID documents, proof of purchase, proof of barring, crime reference numbers, etc.),
· Credit/debit card information,
· Vulnerability information (inc. type of vulnerability, whether your vulnerability is long or short term and any measures to support you),
· Information contained on a device that you provide to us**,
Generated by Likewize
· Telephone recordings and/or transcripts,
· Claim ID / reference numbers,
· Account notes (relating to claims, complaints, etc.),
· Correspondence with or about You, the Financial Ombudsman Service, the courts, Channel Partner or third party supplier (relating to claims, complaints, etc.),
We may also gather information about you from other third parties, such as fraud databases. In some cases, this information may constitute criminal offence data.
**When sending a device to us, we ask that you ensure your device does not contain any personal data (including SIM and memory cards). Where this is not possible, we may need to erase your personal data to repair or recycle your device. If your device is in a state which makes it impossible for us to digitally wipe it, we may send the device to a third party which specialises in the salvage/recycling of devices beyond repair. Where this is the case, we will have contractual and governance measures in place to ensure they protect your data and act responsibly.
Why do we need your personal data?
Your personal data is used for the following purposes;
- Insurance and Policy administration (e.g. communications, processing, delivering your device, etc.),
- Repairing or recycling your device,
- To facilitate the payment of excess fees and other fees associated with your claim (e.g. non-return fees),
- Customer service and complaint management/resolution,
- To analyse and understand your experience and satisfaction with our service,
- Quality management and staff training,
- Making assessments and decisions about the provision and terms of insurance and settlement of claims,
- Management, audit and improvement of our business operations,
- Fraud and wider crime prevention, detection and investigation,
- Risk identification, assessment, management and monitoring,
- Assessing, establishing and defending our legal rights and interests,
- Legal and regulatory compliance, including compliance with laws outside of your country of residence,
- Ensuring information security, continuity and resilience,
- To enable a proposed or actual sale, reorganisation, transfer or other transaction relating to our business,
- Ensure that we provide reasonable adjustments, support or protections for you, if we identify you as vulnerable,
We only process your personal data where one of the following conditions applies:
Processing is necessary for the performance of a contract* to which you are party (or in order to take steps at your request prior to entering into a contract).
Processing is necessary for compliance with a legal obligation to which we are subject.
Processing is necessary for the purpose of legitimate interests pursued by Likewize (or your Insurance Distribution Partner or Underwriter), except where such interests are overridden by your interests.
Processing is necessary in order to protect your vital interests, or the vital interests of another individual (e.g. where one of our call centre agents is concerned for your safety or welfare).
Where we are required to process sensitive (special category) data about you**, we do so when one of the following conditions applies:
You have given us your explicit consent to process (store and use) the data.
Processing is in the substantial public interest (safeguarding your economic wellbeing).
Processing is necessary in order to protect your vital interests, or the vital interests of another individual (e.g. where one of our call centre agents is concerned for your, or someone else’s, safety or welfare).
*Where we require your personal data to perform a contract, failure to provide such information could result in us being unable to properly administer your Policy, and as such may result in us denying a claim made by you.
**This is generally in the context of you telling us, or us identifying, that you meet the Financial Conduct Authority’s definition of a vulnerable customer, and your vulnerability is linked to your health.
Who might your personal data be shared with?
- Your Insurance Distribution Partner, and/or Underwriter,
- Other legal entities within the Likewize group,
- Third party business partners who provide services to us (e.g. legal and financial advisors),
- Device repair and technical support providers,
- Logistics and delivery partners,
- Digital platform providers and technical support, such as telephony management systems, claims management systems, card payment providers, etc.,
- Other service/product providers in Likewize’s supply chain,
- Law enforcement agencies and other statutory bodies, including the courts,
- Fraud prevention organisations and databases such as CIFAS,
- Other insurers, when we receive a reasonable and proportionate request,
- Industry regulators such as the Financial Conduct Authority and Financial Ombudsman Service,
- Other individuals listed on your Policy as authorised parties,
We may transfer your personal data to organisations in other countries (including to other Likewize group entities). We only do so, on the basis that recipients of the personal data will protect it in the same way we would and in accordance with applicable laws. In the event that we transfer personal data to countries outside of the UK, we will only do so where:
· the UK has decided that the destination country or organisation provides an adequate level of protection for personal data, or;
· the transfer has been authorised by the Information Commissioner’s Office (or relevant data protection authority), or;
· we have entered into a contract with the importing organisation to ensure your information is adequately protected.
For how long do we keep your personal data?
The length of time that we hold your personal data may vary dependent on the requirements of your Insurance Distribution Partner or Underwriter. Your personal data will only be held for as long as necessary to meet our legal and contractual requirements.
What are my rights?
Under data protection law, you have the right to;
- Request access to your personal data (commonly known as a data subject access request). This enables you to receive a copy of the personal information we hold.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal information about you.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request the transfer of your personal data to another party.
- Object to processing of your personal data where we are relying on a legitimate interest (or the legitimate interests of a third party).
The rights set out above may apply in limited circumstances, and we may not always be able or required to carry out your request. Where this is the case, we will do our best to explain why.
Please be aware that where Likewize is acting as a Processor on behalf of your Insurance Distribution Partner or Underwriter, they will be ultimately responsible for fulfilling your request, and Likewize will be bound by their instructions.
To exercise the above rights, please contact us via the contact centre details provided to you in your Policy documents.
During our claims processes, our system may make automated decisions about your claim. These decisions are based solely on your answers to our questions, and do not involve profiling. Likewize only uses automated decisions to apply the terms of your Policy to your claim request.
Where we have made an automated decision about your claim, you have the right to;
- request that a human reviews the decision
- express your point of view
- contest the decision
Due to the simple nature of these automated decisions, any review by a person is likely to have the same outcome, unless you have materially new information to offer.
When you have a claim rejected (either by a human, or our system) you will receive a written communication which explains the decision. This communication will contain an avenue for you to ask for a review, express your point of view and contest the decision, through our complaints procedure.
If you are not happy with the way in which Likewize collects, stores, or uses your personal data, you can make a complaint in line with the complaints procedure outlined in your Policy documents. You should make it clear to the Customer Relations Team that your complaint relates to data protection.
You are also entitled to make a complaint to the Information Commissioner’s Office (ICO), which is the relevant data protection regulator in the UK. You can do so via their website at https://ico.org.uk/make-a-complaint/, or via their helpline at 0303 123 1113. However, before making a complaint, they do expect you to have attempted to resolve the issue with us directly.
Please be aware that the ICO will only handle complaints relating to data protection. Any complaints relating to your Insurance Policy should be referred to the Financial Ombudsman Service, as outlined in your Policy documents.
If you have any questions about this privacy notice, or our data protection practices, please contact firstname.lastname@example.org. The Data Protection Team will not be able to answer questions or deal with complaints about your Insurance Policy.