Privacy Notice

Privacy notice updated: January 2025 We’re committed to safeguarding and preserving the privacy of personal data. This privacy notice explains what happens to any personal data you provide to us, or that we collect from you. In this privacy notice, references to “our”, “us” and “we” are to Planet Protection Ltd. Planet Protection Ltd is registered in England and Wales under company number 15384818, authorised and regulated by the Financial Conduct Authority, with our registered office at 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ. If you have any questions about our privacy notice, please email privacy@planetprotection.co.uk. This privacy notice describes how and why we obtain, store and process information which can identify you directly or indirectly, such as your name, contact details, business information and location information. This privacy notice applies where we’re acting as a data controller in respect of your personal data. References to the processing of information include the collection, use, storage and protection of personal data. All personal data collected by us will only be processed in accordance with this privacy notice.  

How We Protect Information

We’re committed to ensuring that the information we process is as secure as possible. In order to prevent unauthorised access, use or disclosure, we’ve put in place physical, electronic and organisational procedures to protect it. Anyone processing personal data in our team or on our behalf must do so in accordance with this privacy notice and on the basis that we’re satisfied that they can and will adhere to our high standards for data protection and security. Information entered on our website and email data processed by our mail servers is encrypted in transit using HTTPS over Transport Layer Security (TLS). We use encryption as well as Secure Sockets Layer certificates (SSL) when sending payment information to our payment providers. Please note, however, that transmission of data over the internet is inherently insecure, so we can’t guarantee the security of information sent over the internet. If we provide you with a password to access our services, it is your responsibility to keep it confidential. We won’t ask you for your password, other than when you need to log in. We recommend that you regularly change your password.  

Information We Collect, and How We Use It

Generally, information we may collect from and process about you falls into the following categories:

1. Information we collect from you through our product application or renewal process, or through the management of your account – for example, your name, contact details and information about your business, or claims history. Financial information relating to your payments to and from us. This could be on the website, on the phone or if you write to us; generally we refer to this as ‘Account Data’.
2. Information automatically collected about you when you visit our site (“Website Data”) – Website Data may include your IP address, browser type and version, location data, source of referral, length of visit, pages you view, search queries you make and general use of our website.
3. Information from third party sources – for example, sanctions checks, information from third party insurers and underwriters, information about your use of services from analytics software, information about your business online.
4. Information provided by you through social media, like queries and complaints to us.

Why Do We Use Your Information?

Your Account Data will be processed for a number of reasons, including:

1. To assess your insurance requirements
2. To provide cover
3. To calculate your insurance premiums and policy conditions
4. To obtain and provide you with quotes for insurance
5. To arrange and manage your insurance policies, including claims, mid-term alterations, renewals and cancellations
6. To follow up with you by email when you have started the application process
7. To provide our products and services
8. To comply with our legal and regulatory obligations

We may also use this information to help us improve and sell our services, and to monitor our compliance with regulatory requirements. We may create a profile about you to help us provide services and understand your preferences to send you the most relevant information. We make automated decisions using profiling, which may include non-human intervention for example, to decide what type of cover and the level, cost and terms of the cover to provide to you. You can always contact our customer service team to discuss this further.  

The Legal Basis for Using Your Personal Information

The law sets out the permitted basis for our processing of your information. We rely on the following bases to process your data:

1. Legitimate interests – the processing is necessary for our, your or a third party’s legitimate interests unless overridden by your personal data rights.
2. Contract – the processing is necessary for an insurance policy between us, or because we are taking specific steps towards entering into a contract with or on behalf of you.
3. Legal Obligation – We process personal data where necessary to comply with any legal obligations which we’re subject to; to establish or defend any legal claims so as to protect our or your legal rights, or the legal rights of other interested parties; or to obtain or maintain our own insurance cover, obtain professional advice or otherwise manage business risks.
4. Consent – for certain activities, where we need your express consent to process your information, we will obtain it prior to using your information and you can change your mind at any time.
5. Public interest – for instance cooperating voluntarily with a police investigation.

Call Recording

Please note that we record phone calls for the following purposes:

1. Collecting Account Data
2. Training and monitoring our team
3. Fraud prevention and security
4. Quality assurance and service improvement
5. Compliance with regulatory requirements

We don’t store payment card information on our systems. Please don’t send it to us. We will never ask you for your bank details.  

Information We Share with Third Parties

We share Account Data with:

1. Other businesses in the insurance industry, such as:
2. Underwriters
3. Other intermediaries
4. Business service providers
5. External consultants For the purposes of calculating premiums, assessing claims, arranging and handling your insurance.
6. Our own insurers and professional advisors where necessary to:
7. Obtain insurance or professional advice
8. Establish or defend legal claims
9. Comply with legal obligations
10. Protect your interests
11. Manage business risks
12. Applicable regulators when requested, including:
13. Financial Conduct Authority (FCA)
14. Financial Ombudsman Service
15. Information Commissioner’s Office (ICO)
16. HM Revenue & Customs (HMRC)

We use third parties to enable us to provide our services. These may store personal data and include:

1. IT services and cloud storage providers
2. Marketing services providers
3. Client relationship management tools
4. Data analysis services
5. Payment processing services
6. Compliance and regulatory support services

We enter into agreements with all third-party data processors which state that personal data will not be processed for any purpose other than as stated in our privacy policies.  

International Transfers of Data Outside the European Economic Area

Some of our third-party service providers may store or process your data outside the UK/EEA. When this occurs, we ensure appropriate safeguards are in place through:

1. Standard contractual clauses approved by the UK government/European Commission
2. Adequacy decisions where applicable
3. Additional technical and organizational security measures as needed

Retention of Personal Data

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including:

1. Maintaining our business records for analysis and audit purposes
2. Complying with legal and regulatory record-keeping requirements
3. Defending or taking legal action
4. Managing complaints about our products and services
5. Assessing the effectiveness of our marketing and services

Typical retention periods:

1. Account data: Minimum 7 years after closure
2. Incomplete applications: Maximum 2 years (unless you opt in for marketing)
3. Website data (cookies etc.): Deleted when no longer required
4. Marketing data: Until you withdraw consent or opt-out
5. We may need to extend these periods to meet legal/regulatory requirements or handle ongoing queries/complaints.

Your Individual Rights

As a data subject, you have the right to:

1. Request access to your personal information (Subject Access Request)
2. Request correction of incomplete or inaccurate information
3. Request erasure of your personal information where there is no compelling reason for continued processing
4. Object to processing based on legitimate interests
5. Request restriction of processing in certain circumstances
6. Request transfer of your data to another provider
7. Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@planetprotection.co.uk or write to: Data Protection Officer Planet Protection Ltd 71-75 Shelton Street Covent Garden London, WC2H 9JQ We may charge a reasonable fee or refuse to respond if your request is manifestly unfounded or excessive.  

Complaints

You have the right to complain about how we handle your personal data. Please contact us first at privacy@planetprotection.co.uk – we aim to resolve all complaints promptly and fairly. If you’re not satisfied with our response, you can complain to: Information Commissioner’s Office (ICO) Website: www.ico.org.uk Tel: 0303 123 1113  

Links to Third Party Websites

Our website may contain links to other websites. Once you leave our website, we don’t have control over other websites. We’re not responsible for the protection and privacy of any information you provide while visiting third party websites, and such sites are not governed by this privacy notice.  

Changes to This Privacy Notice

We review this privacy notice regularly and may update it from time to time. Any changes will be posted on our website. This privacy notice was last updated in January 2025. This privacy notice is maintained by the Data Protection Officer of Planet Protection Ltd. For questions about this privacy notice or our privacy practices, please contact: privacy@planetprotection.co.uk