Privacy Policy

For us, data protection is a sensitive topic. Our activities to comply with the GDPR are in order to respect your privacy.

The purpose of this policy is to explain how we control, process, handle and protect your personal data when using this website. If you do not agree to any of the policy, you may wish to cease using this website.

Controller for the data processing on our website https://expertcompare.co.uk is

C/o Candid Insurance Services Ltd
85 Whiteladies Rd
Bristol
BS8 2NT

Email: hello@expertcompare.co.uk

‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

a) Data collected on expertcompare.co.uk

Generally, you can use our website without giving away any personal data. However, we save certain data in our server log files when you connect to our website. The server log files contain information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type, referral source, length of visit and number of page views). Therefore, we use “session” cookies (for further cookie uses see forth sec. 10). Session cookies will be deleted from your computer when you close your browser. We save and use your IP-address as well as a time stamp only for internal reasons.

Rationale/Reason for Processing Lawful Basis for Processing Third party recipients linked to that activity

  • - to assist you in obtaining a quote
  • - to provide you with the service that you require and expect/li>
  • Legitimate Interests* Data is used for the purpose of arranging an introduction to an FCA-authorised mortgage or insurance intermediary who will be able to provide you with a quote on the mortgage or insurance product that you are interested in.

*Legitimate Interests is defined as ‘processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

b) Personal data submitted to us

We collect your personal data if you submit them to us via a form, for example.

If you request a service we would typically collect the following:

We only process personal data in accordance with the GDPR or any other national data protection law.

a) Processing is necessary for the performance of a contract (Art. 6 par. 1 lit. b) GDPR)

We process your personal data mainly to provide you with our services, especially in order to give you access to your account as a buyer and/or seller and to use it for transactions with other buyers and/or sellers.

b) Processing is necessary for the purposes of legitimate interests (Art. 6 par. 1 lit. f) GDPR)

In certain cases, we process data for our legitimate interests to provide you with the services of our website and to maintain the security of our IT systems. This concerns data stored in the server log files, for example.

We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy policy.

Where you request a service from us, this will usually necessitate passing your personal data to an insurance or finance broker. We will inform you at the time the request is made who this is.

In addition, we may disclose information about you:

We use the service Google Analytics (see forth under sec. 10), where data is transferred and then processed outside of the European Union, namely in the United States of America. However, Google LLC, the provider of Google Analytics, is under the EU-US-Privacy-Shield, which ensures a standard of data protection, comparable to the EU.

In addition, personal information that you submit for publication on the website will be published on the internet and may be available via the internet around the world.

We save data processed on a contractual basis for three years after the contract is terminated, after which it is deleted.

Data processed because of a legitimate interest is saved for three years after it has been collected.

As soon as the storage period expires, the personal data are routinely erased in accordance with legal requirements.

Pursuant to the GDPR, you have certain rights as a data subject:

If you provided us with your informed consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, please write to:

The Data ProtectionOfficer

C/o Candid Insurance Services Ltd
85 Whiteladies Rd
Bristol
BS8 2NT

Our ICO number is: Z3488836

You neither are obliged to provide any personal data to us, nor is processing your data a statutory requirement. However, if you want to enter into a contract with us as a seller or buyer, you have to provide us with the necessary data. Otherwise, a conclusion of contract is not possible.

We do not use automatic decision-making or profiling.

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.

We will store all the personal information you provide on our secure (password- and firewall- protected) servers.

Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

  1. Controller
  2. What is personal data and how do we collect it
    • your first name
    • your surname
    • your direct dial
    • your mobile
    • your email
    • your address
    • details required to provided the service request
  3. Purposes we use your personal data for

    We will contract a third party to supply products and services to you on Our behalf. These may include providing you with a mortgage quotation, delivery of goods and services, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, We will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.

    Rationale/Reason for Processing Lawful Basis for Processing Third party recipients linked to that activity

    • to assist you in obtaining a quote
    • to provide you with the service that you require and expect
    • Legitimate Interests* Data is used for the purpose of arranging an introduction to an FCA-authorised mortgage or insurance intermediary who will be able to provide you with a quote on the mortgage or insurance product that you are interested in.

    *Legitimate Interests is defined as ‘processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child’.

    It is in our ‘legitimate interests’ to introduce you to an FCA-authorised mortgage or insurance intermediary, as this is the service we offer. This aligns with your interests to receive a quote from an FCA-authorised mortgage or insurance intermediary.

  4. Disclosures to third parties
    • to the extent that we are required to do so by law;
    • in connection with any legal proceedings or prospective legal proceedings;
    • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.
    •  Except as provided in this privacy policy, we will not provide your information to third parties.
  5. Data retention
  6. Rights of the data subject
    • You shall have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain information. (Art. 15 GDPR: right to access)
    • You shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement. (Art. 16 GDPR: right to rectification)
    • You shall have the right to obtain from us the erasure of your personal data without undue delay. (Art. 17 GDPR: right to erasure)
    • You shall have the right to obtain from us restriction of processing. (Art. 18 GDPR: right to restriction of processing)
    • You shall have the right to receive your personal data, you provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided or to have the personal data transmitted directly from one controller to another, where technically feasible. (Art. 20 DS-GVO: right to data portability)
    • You shall have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, including profiling based on those provision. (Art. 21 GDPR: right to object)
    • You shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation. (Art. 77 GDPR: right to lodge a complaint with a supervisory authority). https://ico.org.uk/make-a-complaint/
    • You shall have the right to be informed about the collection and use of your personal data
    • Please refer to section 8 for the right not to be profiled.
  7. Obligation to provide personal data
  8. Automatic decision-making
  9. Security
  10. Internet specific services

a) Cookies

A cookie consists of information, sent by a web server to a web browser, which stores the cookie on the user’s device. The information in the cookie is sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the specific browser.

We may use both “session” cookies and “persistent” cookies on our website. We will use session cookies to keep track of you whilst you navigate the website; we will use persistent cookies to enable our website to recognise your browser if you visit us again;

Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until they are deleted or until they reach their expiry date.

You may at any time prevent the setting of cookies by using the corresponding settings in your browser or the respective software on your device and thus permanently deny the setting of cookies. Moreover, you may delete cookies saved on your device at any time. However, if you deactivate the setting of cookies, not all functions of our website may be entirely usable.

b) Google Analytics

We use Google Analytics. Google Analytics is a web analytics service of the Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043-1351, United States. Via this technology, we collect and analyse data about our visitor’s behaviour. This data is anonymous and we use it for the optimization of our website. We use the function anonymizeIP, which anonymizes your IP-address before the data is transferred to Google’s servers in the United States of America.

Google Analytics places cookies on your device. By setting the cookie, Google may analyse the use of our website. Therefore, Google gains knowledge of information, such as the access time, the location from which the site was accessed and the frequency of visits of our website by the data subject. With each visit to our website, data will be transmitted to Google in the United States of America. Google may store and pass these personal data collected through the technical procedure on to third parties.

As stated above, you may prevent the setting of cookies through our website at any time by means of a corresponding adjustment of your web browser or respective software used. Additionally, you may download a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.