MOTIX Connected Privacy Policy


In this Privacy Policy references to “we” or “us” refer to ITB Telematics LLP. MOTIX Connected is a trading name of ITB Telematics LLP. which is part of the MS&AD Group of companies. You can find out more about the group at www.ms-ad-hd.com/en.

At MOTIX Connected we take Data Privacy seriously and are committed to protecting and respecting your privacy. This Data Privacy Notice explains how we process and protect any personal data we collect or receive about you. This Data Privacy Notice applies to personal data provided by the website visitor, MOTIX Connected Member or Business Customers. Where you provide us with personal data about other individuals, you must provide this notice to them. Please read this Data Privacy Notice carefully to understand our practices regarding personal data.

We seek to comply with principles of "data minimization". This means we try to ensure that we avoid collecting or processing data other than the types and volume of personal data required to achieve the purposes set out in this Data Privacy Notice.

We will share data within the group, but this is limited to our group companies within the European Economic Area (EEA), except in exceptional circumstances where we may need to discuss a case with our parent companies.

Contacts

a) MOTIX Connected

Your personal data has either been, or will be collected by, or transferred to, MOTIX Connected. We can be contacted via post or email at the below address. We aim to respond to all correspondence within one calendar month.

MOTIX Connected
Great Burgh, Burgh Heath, Epsom, Surrey, KT18 5UX, United Kingdom.
Email: info@motixconnected.com 

b) Data Protection Officer

Our Data Protection Officer will handle any questions you may have on the use of your personal data and your rights as a data subject.

Data Protection Officer
MOTIX Connected
Great Burgh, Burgh Heath, Epsom, Surrey, KT18 5UX, United Kingdom.
Email: dpo@motixconnected.com 

c) EU Representative

As we do not have an establishment in the European Union (“EU”), we have appointed a representative based in the Italy, who you may address if you are located in the EU to raise any issues or queries you may have relating to our processing of your Personal Data and/or this Privacy Policy more generally.

Our EU representative is:

Alain Ventura, of Via Arrigo Boito, 202, 00052 Cerveteri (RM), Italy

Our EU representative can be contacted directly by emailing them at the following address: dpo@motixconnected.com

 

What Personal Data We Use

We process different data points depending on if you are a User of our Website (https://www.motixconnected.com) or a User of our Service. If you are a user of our Service we process a variety of different types of personal data depending on the nature of the services involved. The personal information that we collect will depend on our relationship with you.  


Users of our Website

We will share some website experience data with trusted third parties to help us improve the service we provide to you. This data will never be special category data. If possible this data will be irreversibly anonymized and therefore no longer attributable to you. Where data cannot be anonymized, it will include personal data shared by most web browsers such as (but not limited to) your IP address, location, operating system, web pages visited and areas of those web pages ‘hovered’ over, and will be sent only to our providers of demographic data and data analytics. Here is a list of the providers and what they help us to do:

  • Google Analytics - https://policies.google.com/privacy?hl=en-GB - helps us to measure the performance of your web experience and analyze usage so that we can improve your journey; information may be sent outside of the EEA but if so, it will be anonymized by us or on receipt.

You can refuse the use of Google Analytics and opt-out of having your information used by Google Analytics by visiting https://tools.google.com/dlpage/gaoptout/ . An opt-out cookie will be set on the device, which prevents the future collection of your data when using this Platform.

Further information concerning the terms and conditions of use and data privacy can be found at: http://www.google.com/analytics/terms/gb.html


  • Google Search Console - https://privacy.google.com/ - helps us monitor and fine-tune how Google search indexes and ranks our content. Search console does not use cookies, log-in or other information.


Our Cookie Policy may be found here.

We have provided you with links to each of their websites so that you may take the time to read up on their data protection policies yourself.

What will we use our personal information for?

We may process your personal information for a number of different purposes. We must have a legal ground for each purpose, and we will rely on the following ground:

We have a genuine business need to use your personal information such as maintaining our business records, monitoring usage of our website and marketing our services and improving our business model and services. When using your personal information in this way, we have considered your rights and ensured that our business need does not cause you harm. 

We’ve shown how we use your personal information, and the legal grounds we rely on, in the table below:


Type of Processing

Communicating with you and responding to any inquiries you have

Monitoring usage of our websites

Grounds for using personal information

We have a genuine business need (to respond to any enquiries)


We have a genuine business need (to assess usage of our website)

Grounds for special categories



We will not process your special categories of information for this purpose

We will not process your special categories of information for this purpose


Users of our Service

This includes but is not limited to:

Type of Personal Data                                                        

Example

Individual details

Name, address, other contact details (e.g. email and telephone numbers), date of birth.

Vehicle Details

Vehicle Registration Number (VRN), Vehicle Identification Number (VIN)

Telematics information

Date/time: This helps us to understand at what time of day the vehicle is driven

GPS/Locational data: This helps to understand what roads are driven and the location of the vehicle when it is moving or stationary. It also supports the Theft Tracking service.

Speed, acceleration, cornering and braking data: This helps us to understand the style of driving of the user

Accident detection: This helps us to operate the Accident Alert service and to understand the circumstances relating to any accident

Note: The telematics data obtained will relate to the vehicle, not necessarily just to the policyholder. It is not possible to determine an individual driver at any point in time. If a policy ends, or is cancelled, MOTIX Connected will cease to collect and process telematics data.


Why We Collect Your Personal Data

a) Purposes

When you use MOTIX Connected websites and apps, information is collected about your device and your visit including dates, times and duration of visits to our sites (including whether you are a first-time or repeat visitor); browsing, searching as you interact with our sites and apps; IP address; mobile telephone number; web addresses of the sites you come from and go to next, including whether you visited the website directly or were referred from another website or link; location information consistent with your browser settings and app choice; and information about your connection, including your device's browser, operating system, and platform type. We use this information for operational, performance measurement and other business purposes. This information is also used to tailor the content you see and may also be used to assess the effectiveness of our sites and to help you should you request help with navigation problems on our sites.


MOTIX Connected uses your personal data for various purposes, including providing our services, enabling your account, billing, technical support, product development, and data analysis. For telematics customers, MOTIX Connected may link vehicle and driving information to personal data. In addition, we use personal data to improve services that we offer to our customers and to combat fraud and other illegal activity.


b) Lawful Basis


Under the local laws in some countries, we must be able to describe the legal basis on which we rely to process your personal data. In most cases, we will process your personal data for our legitimate business interests (for example, to enable us to understand how our services are used and to derive knowledge that enables us to develop new services), when it is necessary for purposes of a contract, or when it is necessary for us to do so to meet our legal obligations. 

When we process your personal data for our legitimate business interests, we put in place safeguards to make sure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.

In certain circumstances and where required by law, we may ask for your consent to process your personal data, and you may withdraw your consent at any time by contacting us using the details at the end of this notice.


With Whom We Share Your Personal Data

To allow us to meet our obligations and effectively provide our services to you, it may be necessary to pass your personal data onto external parties. These external parties may include:

  • Insurance Claims Handlers

  • Insurance Providers

  • Lawyers and Solicitors

  • Loss adjustors

  • External parties involved with your insurer

  • The police and law enforcement, where obliged by law to comply.

  • External parties involved in the investigation, defence or prosecution of claims

  • Other insurers (under court order or to prevent and detect fraud)

  • The Prudential Regulatory Authority, the Financial Conduct Authority, the Information Commissioner’s Office and other regulators when obliged by law

  • Our suppliers and sub-contractors for the performance of any contract we have with them such as IT suppliers, sub-contractors and any other outsourced service centre providers

  • Selected third parties in connection with any sale, transfer or disposal of our business.

Your data will be shared securely, and only when absolutely necessary. It will never be sold on to external parties or organisations for marketing purposes.


How Long We Store Your Personal Data

We will not keep personal data for longer than necessary for the purpose for which it is processed.  It will be retained in accordance with our Data Retention Standard. Laws or regulations may require us to keep records for specific periods of time. We may also need to keep records in order to administer the insurance relationship, to fulfil our contractual or statutory obligations or to resolve queries or disputes which may arise.


We will store your personal data based upon the following criteria:


  • Whether the personal data is actively required for the purposes stated in this Data Privacy Notice

  • Whether there is a legal or regulatory reason to continue to retain the personal data


Sending your Personal Data Abroad

Sometimes we (or third parties acting on our behalf) will transfer personal information that we collect about you to countries outside of the European Economic Area (“EEA”).

Entities that receive your personal data may use it only for the purpose(s) for which it was originally shared, and they must protect it from any further use. These companies may be located outside the country where you are located. Although these countries do not always have the same data protection or privacy laws in place as your country or may not be deemed to provide protections that are "adequate" or "equivalent" to the privacy requirements of your service country, the entity providing your service binds its global employees and third party providers to the same high standard of personal information protection that it commits to you. Where transfers occur, it is likely that we will use a set of contract wording known as the “standard contractual clauses” which have been approved by the data protection authorities.


Your Rights

Under data protection law you have a number of rights in relation to the personal information that we hold about you. You can exercise these rights by contacting us. We will not usually charge you in relation to a request.


The right to access your personal information 

You are entitled to a copy of the personal information we hold about you and certain details of how we use it. We will usually provide your personal information to you in writing unless you request otherwise. Where your request has been made electronically (e.g. by email), a copy of your personal information will be provided to you by electronic means where possible.

The right to rectification 

We take reasonable steps to ensure that the information we hold about you is accurate and where necessary up to date and complete. If you believe that there are any inaccuracies, discrepancies or gaps in the information we hold about you, you can contact us and ask us to update or amend it.

The right to erasure 

This is sometimes known as the ‘right to be forgotten’. It entitles you, in certain circumstances, to request deletion of your personal information. For example, where we no longer need your personal information for the original purpose we collected it for or where you have exercised your right to withdrawn consent. Whilst we will assess every request, there are other factors that will need to be taken into consideration. For example we may be unable to erase your information as you have requested because we have a regulatory obligation to keep it.

The right to restriction of processing 

In certain circumstances, you are entitled to ask us to stop using your personal information, for example where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to use your personal information.

The right to data portability

In certain circumstances, you can request that we transfer personal information that you have provided to us to a third party.

The right to object to marketing 

You have control over the extent to which we market to you and you have the right to request that we stop sending you marketing messages at any time.  You can do this either by clicking on the “unsubscribe” button in any email that we send to you or by contacting us. Please note that even if you exercise this right because you do not want to receive marketing messages, we may still send you service-related communications where necessary.

The right to object to processing 

In addition to the right to object to marketing, in certain circumstances you will also have the right to object to us processing your personal information.  This will be when we are relying on there being a genuine business need to process your personal information. Please note, in some circumstances we will not be able to cease processing your information, but we will let you know if this is the case.

Rights relating to automated decisions 

If you have been subject to an automated decision and do not agree with the outcome, you can ask us to review it.

The right to withdraw consent 

Where we rely on your consent in order to process your personal information, you have the right to withdraw such consent to further use of your personal information. Please note that for some purposes, we need your consent in order to provide your policy. If you withdraw your consent, we may need to cancel your policy or we may be unable to pay your claim. We will advise you of this at the point you seek to withdraw your consent

The right to lodge a complaint with the ICO 

You have a right to complain to the Information Commissioner’s Office if you believe that any use of your personal information by us is in breach of applicable data protection laws and / or regulations. More information can be found on the Information Commissioner’s Office website: www.ico.org.uk . This will not affect any other legal rights or remedies that you have.


Please note that although we take your rights seriously, there may be some circumstances where we cannot comply with your request such as where complying with it would mean that we couldn’t comply with our own legal or regulatory requirements. In these instances we will let you know why we cannot comply with your request.


How we protect your information

The protection of your personal data is important to us. We take a number of technical and procedural measures to protect personal data. For example:


  • Where we capture your personal information through our website, we will do this over a secure link using recognised industry standard technology (SSL) which encrypts data that is transmitted over the internet. Most browsers will indicate this by displaying a padlock symbol on the screen

  • We prevent unauthorised electronic access to servers by use of suitable firewalls and network security measures. We use strong internal antivirus and malware monitoring tools and conduct regular vulnerability scans to protect our internal infrastructure and also to protect communications we may send you electronically. Our servers are located in secure cloud servers that are operated to recognised industry standard. Only authorised people are allowed entry and this is only in certain situations

  • We ensure that only authorised persons within our business have access to your data and conduct regular checks to validate that only the correct people have access.

  • We promote responsible access to data and segregate who can see what data within the organisation

  • Internally in our organisation, we have password policies in place which ensure passwords are strong and complex and are changed regularly

  • We use secure email exchange where necessary for sensitive data and have monitoring on all email we send and receive

  • We schedule periodic checks of all security measures to ensure they continue to be efficient and effective, taking into account technological developments.


Automated Decision-Making

In most cases, we use an automated decision-making process to make an assessment of your “risk score” this process will only use the information which you have provided to us and will make an overall assessment of your driving. This assessment will consider the level of risk involved and if applicable, generate a risk score for your insurance provider. The automated decision-making process is regularly tested to ensure it remains fair, effective, and unbiased. If you object to the use of automated decision-making, please call your Insurer directly or you may contact our Data Protection Officer directly.

MOTIX Connected may consider a range of factors, including the time of day, style of driving, and environmental information such as weather conditions. 


How to Complain

MOTIX Connected is committed to providing high-quality products and services. If you feel that we have not met your expectations, we'd like to know so we can put things right for you. You can submit a complaint over the phone, via post, by email or online here:

Address: MOTIX Connected, Great Burgh, Burgh Heath, Epsom, Surrey, KT18 5UX, United Kingdom.

Email: info@MOTIXconnected.com

We would expect that any complaint can best be dealt with by contacting us in the first instance, and we will take complaints made to us seriously. However, if you wish to complain about our use of your personal data, and do not wish to contact us first, you also have the right to complain directly to the supervisory authority. Full contact details can be found below:

Information Commissioner’s Office

Wycliffe HouseWater Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113
Website: https://ico.org.uk/global/contact-us/

Updates to this Privacy Policy

We may need to make changes to this Privacy Policy periodically, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally or where we identify new sources and uses of personal information (provided such use is compatible with the purposes for which the personal information was originally collected). The Data Protection Officer will ensure that this document is updated regularly or as legislation requires.


This Privacy Policy was last updated on 18th February 2022 and comes into effect on 23rd of February 2022.