Insurer Solutions: Nationwide Smart Repair Solutions Ltd

Data handling and privacy policy

Nationwide Smart Repair Solutions Ltd Data Handling and Privacy Policy 2018

In order to conduct a transaction with you as a customer we require certain information to enable us to provide you with our services. NSRS Ltd is committed to respecting and protecting your privacy in accordance with the EU’s General Data Protection Regulation (EU 2016/679) (“GDPR”) introduced via the Data Protection Bill, to replace the Data Protection Act 1998.

For the purposes of the GDPR legislation, NSRS Ltd is classified as the Data Processor and this Privacy Policy outlines how we handle and process your data.

We are registered with the Information Commissioner’s Office under reference: ZA429974

1. How we handle your personal data

Data entered by you through our website is held securely on servers based in a UK data centre and such data including any images provided by you are used for internal purposes only and are not shared with any third party unless required to by law as detailed below.

2. How we use your information

We use your information to conduct our business with you for the purposes of providing our services to you and or processing payment from you. We may use the information we hold for research or internal statistical purposes and this is for our legitimate interests for us to analyse historic activity, to improve our algorithms to help determine future business impact and to further our commercial interests to enhance our services in developing new systems and processes.

Following a completed transaction with you we may contact you and invite you to provide feedback which we may publish on our website and other digital media platforms including social media. This will be with your permission and consent and any published content other than your first name or your title and surname will be anonymous to protect your identity and personal information.

3. Disclosure of your personal data

The personal data and information we hold about you is not shared with any external parties with the exception of where we might be required by law to disclose your personal data to including and not limited to; UK Government Agencies, Regulatory Authorities, External Auditors and External Law Firms.

4. Data Retention

Any data we hold will not be retained for longer than is necessary and will be managed in accordance with our data retention policy. In most cases the maximum retention period will be for a period of seven (7) years of the invoice date, unless we are required to retain the data for a longer period due to business, legal or regulatory requirements.

We are required by law to retain invoice transaction information and history for a period of seven (7) years which might feature your name, address, contact telephone number, email address, vehicle details and payment method. All documents are stored in digital format on a secured server hosted within the UK. No data is transferred outside of the UK or the European Economic Area (EEA). Access to information is restricted by encrypted strong passwords and is only accessible to key personnel and IT technical support staff.

Other data including email correspondence between us and any archived data is automatically deleted and destroyed after a minimum 12 months period.

Where payments are made by debit/credit card the details are solely used for the purpose of obtaining authorisation and payment from your card issuer. Whilst we record payment method and amount for receipt purposes, card information details are not stored by us.

5. Your Rights

At any time you have the right to;

  1. Request a copy of the personal information we hold about you
  2. Ask us to delete any of your personal data (subject to certain legal exemptions)
  3. Have any inaccurate or misleading data corrected or deleted
  4. Ask us to provide a copy of your data to any data controller
  5. Lodge a complaint to the Data Protection Authority; the Information Commissioner’s Office

For access to your personal data we may hold please write to:
The Data Protection Officer, Nationwide Smart Repair Solutions Ltd, Astech Mill, 50 Stratford Road, Shipston on Stour, Warwickshire, CV36 4BA.