We are committed to protecting and respecting privacy. This Privacy Policy should be read in conjunction with our Terms and Conditions and applies to your use of our Service and Site. The same definitions apply.
This Privacy Policy has two sections. Part A relates to your own personal data submitted to us in the course of our business, including your use of our Site and Services, which we decide how to process (i.e. where we are the Data Controller). Part B relates to personal data relating to others that you submit to us or we collect to process on your behalf (i.e. where we are your Data Processor).
Personal data is information that allows someone to identify or contact you e.g. your name, address, telephone number, email address, as well as any other information about you that is associated or linked to such information (‘your Information’). This Privacy Policy sets out the basis on which we may collect, use, process and store your Information that we collect or that you provide to us by any direct or indirect means. Our Site contains privacy panels and information which determine how we will collect and process your Information. Please read the relevant sections of our Site when you submit any Information to us. This Privacy Policy explains our practices regarding your Information and how we will treat it. By submitting any of your Information to us through either our Site or Services or otherwise, you are agreeing to the terms of this Privacy Policy and you expressly consent to the collection, use and disclosure of your Information in accordance with this Privacy Policy and you represent and warrant that you have all rights necessary to submit your Information. Please do not submit to us any personal data relating to you or any other data subject unless you have the right to do so.
If you need any help or assistance in relation to the use of our Site, please contact support@coveragebook.com and we will do our best to get back to you promptly.
We may collect and process the following Information about you:
Our servers may collect your Information including data about your computer or device, including where available your IP address, operating system and browser type, to assist us in the provision of the Site and Services, for system administration and to report aggregate anonymised information to our associates and Third Party API Providers.
For the same reason, we may obtain your Information about Site usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Site and to deliver a better and more personalised service. They enable us:
We use your Information in the following ways:
We shall only be entitled to process your Information as above to the extent that at least one of the following applies:
We may disclose your Information subject to the same restrictions as contained in this Privacy Policy to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 1985. We may also disclose your Information to third parties:
When we subcontract the running of our Site or any part of it to a third party (including but not limited to Third Party API Providers) or where the Site interacts with a third party service provider, provided that all subcontractors are bound by reasonable privacy policies.
In the event that we sell or buy any business or assets, in which case we may disclose your Information in confidence to the prospective seller or buyer of such business or assets.
If we or substantially all of our assets are transferred to or acquired by a third party, in which case all of your Information will be one of the transferred assets on the equivalent terms and conditions as herein.
If we are under a duty to disclose or share your Information in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging Information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We will endeavour not keep your Information for longer than necessary in order to facilitate your use of our Site and Services. If you wish to delete your content or your account, we will delete the content we hold in relation to you on request, except that some prior content may remain in backup or cached copies for a reasonable time (but we will not make it available again to third parties). In addition, content that you have submitted to our Third Party API Providers may still be in use and so there may be some ongoing use of your Information. We may also retain certain information to prevent identity theft, legal disputes and misconduct, even if deletion has been requested.
All of your Information that you provide to us is stored on our servers, which may be hosted by third parties. Any payment transactions (if any) will be encrypted and may be processed by third party payment providers. In addition, as a condition of providing certain third party services to you, we may need to provide your Information to our Third Party API Providers to enable them to monitor the usage by you of their services, which use may be subject to the privacy policies of our Third Party API Providers.
When you click on a link to a third party website, you will leave our Site and a third party may collect your Information from that site subject to their own privacy policy. We have no control over such third party sites and privacy policies. This Privacy Policy only applies to your Information collected by us via this Site.
Your Information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by third parties and staff operating outside the EEA who work for us or for one of our suppliers as necessary for operating the Site and Services. If any processing of your Information is to take place outside of the EEA in a third country or international organisation which does not ensure an adequate level of data protection, we may only transfer your Information if appropriate safeguards have been implemented and on the condition that enforceable data subject rights and effective legal remedies for data subjects are available. The safeguards may be by way of EU Model Contract Clauses, binding corporate rules, approved code of conduct or approved certification mechanism. If you require any further information in this regard, please contact support@coveragebook.com.
We may create anonymous records from your Information by excluding all data from which you may be identified or contacted. We may use such anonymised data for our reasonable business purposes (including but not limited to research and develop our Site and Services and our business).
You have a number of rights as a data subject as summarised below:
You have the right to obtain confirmation as to whether or not personal data concerning you are being processed and, where that is the case, to access your Information and details of how we process it, as long as this does not adversely affect the rights and freedoms of others. You may request a copy of Information undergoing processing, subject to evidence of your identity (normally a certified copy of your passport plus an original copy of a utility bill showing your current address). The first copy shall be provided without charge, but reasonable administration fees shall be charged for additional or subsequent copies.
We will rectify any errors in the Information we hold on request.
You may erase your Information from our systems in the following situations:
You have the right to restrict our processing on specified grounds.
Where you have asked us to rectify, erase or restrict processing of your information, we shall communicate the same to each recipient to whom your Information has been disclosed, unless this proves impossible or involves disproportionate effort, in which case we shall let you know.
You have the right in specific circumstances where processing is based on consent to receive your Information in a structured, commonly used and machine-readable format and have the right to transmit the Information to another controller without hindrance, provided that our processing is carried out by automated means.
In certain circumstances you have the right to object to our processing of your Information, including in relation to profiling, direct marketing or scientific or historical research purposes.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you unless this is necessary for our contract, is authorised under applicable law or is based on your explicit consent.
You can exercise these right by contacting us at support@coveragebook.com and/or by following our online account procedures. We shall respond to your requests without undue delay and in any event within one month unless we need to extend such period by up to two further months in specific circumstances. Please note that if you delete or restrict your account or required Information, this may prevent you from making full use of our Services.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone, including people who work for us.
The transmission of you Information via the internet is not completely secure. Although we will do our best to protect your Information, we cannot guarantee the security of your Information transmitted to or from our Site; any transmission is at your own risk. Once we have received your Information, we will use strict procedures and security features to try to prevent unauthorised access.
Where processing of personal data relating to others controlled by you (“Subscriber Personal Data”) is to be carried out on your behalf pursuant to the terms and functionality applicable to your Coveragebook.com subscription, appropriate technical and organisational measures shall be implemented by us in such a manner that processing will meet the requirements of the EU General Data Protection Regulation 2016/679 (“GDPR”), as may be amended or superseded and other applicable data protection laws and regulations in the UK and EU (together, “Data Protection Laws”) and ensure the protection of the rights of the data subject.
We shall not engage a subprocessor to process Subscriber Personal Data (“Subprocessor”) without your prior specific or general written authorisation, which may be given in electronic form. In the case of general written authorisation, we shall inform you of any intended changes concerning the addition or replacement of other processors, thereby giving you the opportunity to object to such changes. Details of this process are set out below.
Details of the subject-matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects are set out below.
In respect of any processing of Subscriber Personal Data we shall:
Where we engage a Subprocessor, such engagement shall contain the same, or equivalent, data protection obligations as are referred to above by way of a binding contract or other other legal act, in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of GDPR.
Where any Subprocessor engaged by us fails to fulfil its data protection obligations in respect of Subscriber Personal Data, we shall remain fully liable to you for the performance of that subprocessor’s obligations.
You hereby instructs us to process Subscriber Personal Data as reasonably necessary for the provision of the Site and Services and in compliance with our Terms and Conditions.
We may continue to use those Subprocessors already engaged by us as at the date of these terms, provided that prior to May 2018 wee meet the obligations set out in this Addendum regarding such Subprocessors.
With respect to each new Subprocessor appointed after the date of this Addendum, we shall:
We shall publish on the Site the appointment of any new Subprocessors to be appointed, including full details of the processing to be undertaken by the Subprocessor. If, within 14 days of publication, you notify us in writing of any objections (on reasonable grounds) to the proposed appointment, we shall not disclose any Subscriber Personal Data to that proposed Subprocessor and/or (as applicable) you shall not access any element of our Site or Services affected by this issue until reasonable steps have been taken to address the objections raised by you. If no such objections are raised, you shall be deemed to have consented to the appointment of the Subprocessor.
We shall be entitled to charge you for the reasonable and verified costs of our specific assistance and cooperation provided pursuant to this Privacy Policy except to the extent that such measures have been necessitated by a breach by us or our Subprocessors. Our charges shall be on a time and materials basis according to our prevailing Rate Card and invoiced according to our standard payment terms.
In the event that we are able to demonstrate that we and/or any Subprocessor adheres to an approved code of conduct or approved certification mechanism as referred to in Article 40 GDPR, you accept that we may rely on the same to demonstrate its compliance with this Privacy Policy, so as to mitigate or avoid incurring unnecessary administration and costs, unless otherwise required by Data Protection Laws or as may be mutually agreed by the parties.
The processing of Subscriber Personal Data as required by Article 28(3) GDPR is as follows:
The subject matter and duration of the processing of the Subscriber Personal Data are set out in our Site, Terms and Conditions and Privacy Policy.
All reasonable purposes in relation to our performance of our contractual obligations to you.
All personal data processed in the normal use, management and development of our Site and Services including:
All users of our Site and Services, mobile applications and other features, services and technology provided by us which may include:
Your obligations and rights are set out in the Terms and Conditions and this Privacy Policy.
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business with whom the California resident has an established business relationship what types of personal information, if any, the business shares with third parties for direct marketing purposes by such third parties and the identities of the third parties with whom the business has shared such information in the immediately preceding calendar year. We do not currently share any Subscriber Personal Data with third parties for direct marketing purposes by such parties. A number of states are currently considering enacting laws similar to the California law above. If you are a resident of a state that enacts such a law, please contact us with any questions, requests or comments by email to support@coveragebook.com.
Our Site and Services are not intended for use by children, and we do not knowingly collect any personal data from children under 13. For purposes of the Children’s Online Privacy Protection Act (COPPA) in the US, if we learn that we have collected the personal data of any such individual, we will take steps to delete the data as soon as possible.
Any changes we may make to our Privacy Policy in the future will be posted on this page and, where we consider appropriate, we may notify you by e-mail in advance of their application. They shall become binding on you on publication on our Site. Any continued use of our Site and/or Services shall constitute your deemed acceptance of such changes.
Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to support@coveragebook.com.