Privacy Policy

  1. Home /
  2. Privacy Policy

Agile Developments Group Ltd (“Agile”) understands the importance of, and is committed to, protecting the privacy of data relating to identifiable living individuals (“Personal Information”).

We encourage you to read this Privacy Policy carefully because it has been designed for you, as a visitor to our website (“Site”) or user of our Agile Claim Application (“App”) or if you access our Agile Claims System at any point in the claims journey (the “System”).

Agile operates in an increasingly data-driven marketplace where the protection of Personal Information is of paramount importance to us, as we expand our business and services. By visiting the Site, using our System or App or by sending us information, you accept and fully consent to the practices described in this policy.  We adhere to Regulation (EU) 2016/679 (the “EU GDPR”) as it continues to apply to our activities or customers in the EU.  But for the majority of our operations which take place in the UK, we comply with the retained version of the EU GDPR as it applies from 1 January 2021 in the UK (as amended and updated from time to time) (the “UK GDPR”).  As we grow we shall also take account of and comply with local laws in different jurisdictions where we operate.

What Kinds of Personal Information do we Process?

Our work brings us into contact with different kinds of Personal Information (i.e.). We categorise these as follows:

  • Identity/Profile Dataincludes first name, last name, and vehicle details i.e.  make/model, registration/chassis number, IP address, cookie-logs, which can identify an individual.
  • Contact Dataincludes location or address, email address, social media handles (twitter/linkedin/Instagram pages) and telephone numbers.
  • Technical Dataincludes IP address, your login data, browser type and version, time zone setting and location, any plug-ins, operating system and some information about the devices you use to access Agile’s services.
  • Usage Dataincludes information about how you use our services, our System, our App, and proceed through the claims cycle.
  • Marketing and Communications Dataincludes your preferences in receiving marketing from us (or our partners) and your communication preferences.
  • Aggregated Dataincludes analytical data, often arranged to provide statistical or demographic information about accident patterns, telemetry data, and road user insights. For the avoidance of doubt, Aggregated Data will not be considered Personal Information when it does not directly or indirectly reveal a person’s identity.

We do not collect any Special Categories of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

Does this Processing make us a Data Controller or Data Processor?

For the vast majority of our work, we act under instruction from other companies acting on your behalf i.e. Your Insurer, Broker, Claims Management Company, Telematics Service Provider, Vehicle Manufacturer, Lease, Rental, Accident Assistance or Breakdown Company who are more directly responsible for handling a claim, or dealing with or advising on insurance, or managing a customer claim or a claims settlement. We provide our AI-based tools and services in order to implement these requests.  This makes us a data processor under GDPR.  But as owners of our company, as an employer, and creator of our tools and services we are a data controller in respect of our Systems, technical decisions and our employees. The diagram below helpfully depicts the difference.

HOW YOUR INFORMATION WILL BE COLLECTED

Generally, Personal Information will be collected from you directly when you input data into our App or System. At all times you are volunteering and consenting to this dialogue and exchange of information – you can withdraw and stop providing your information at any time in the process.

There may be other occasions when Agile collects your Personal Information from other sources such as public sources, your insurer, or your claims handler or other sources.  You can choose not to provide Agile with any Personal Information as you so wish.

WHY DOES AGILE NEED YOUR PERSONAL INFORMATION?

Agile collects, holds and uses your Personal Information for the purposes of providing a service to you.  Agile may also collect, hold and use your Personal Information for:

  • user engagement purposes or System integrations with others’ systems relevant to your claim or accident;
  • administrative and business management purposes;
  • marketing purposes and to identify and inform you of products, services and training courses that may be of interest to you (it is important to note that we will apply appropriate opt-in / opt-out choices which honour your prerogative to give your consent to such marketing); and/or
  • any other legal requirement. 

Change of Purpose / Re-Purposing

Agile takes reasonable steps at all times to ensure what we are doing is relevant to the purposes we communicate to you under this Privacy Policy.

We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason which is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your Personal Information for an unrelated purpose, and only if we are legally authorised to do so, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your Personal Information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

WHAT LAWFUL BASES DO WE HAVE FOR COLLECTING AND USING YOUR PERSONAL INFORMATION?

It is increasingly important for Agile as a technology-solution provider with an App, System and Site in the insurance claims-sector to have appropriate and lawful justification for the different kinds of data processing which takes place.  Using the GDPR as our benchmark,  we have reviewed the six kinds of possible legal justification that could apply to the processing of Personal Information.  They are summarized as followed in the infographic below:

Applying these to Agile’s business model, we are confident we have the following lawful bases for processing your data (in addition to any consent you provide via signing up to our App or System or by consenting via a partner’s services or sites):

We possess a legitimate business interest in collecting and using your Personal Information especially where it is to serve our contractual requirements with partners such as insurers and claims handlers.  We are a commercial enterprise which is innovating in the claims management, telemetry and insurance space. We are bringing better, faster and more intelligent technology solutions to our industry.  We have taken time to study the three essential tests required for any “legitimate interests” examination and as a result, we believe the collation of limited Personal Information is integral and necessary for our business to function and for us to provide the Agile Services to our customer-base.  We have also considered alternate modes of operating without our App, System or technology solution and weighed the balance of the impacts of our secure data processing on individuals.  We take the view that there is minimal or no likelihood of harm to the rights and freedoms of the valued users, persons with claims and partners whose Personal Information we hold.

On a less frequent basis, we are obliged to process much of the Personal Information we receive in order to fully perform our contractual terms with our users (through terms and conditions of service) and partners whose services we supplement or enable.

Similarly infrequently but equally importantly, we will also process Personal Information where we need to comply with other legal obligations – for example connected with any regulatory requests made of us by a tax authority, or a data protection regulator such as the Information Commissioner’s Office (ICO) in the UK, or perhaps in the conduct of litigation between employee and employer where Agile’s records may be required to assist a Court or other legal process.

You are under no obligation to provide your Personal Information to Agile. However, without certain information from you, or where information provided is inaccurate or irrelevant, Agile may not be able to provide its services to you.

Cookie Policy – your interactions with Agile

We may now or in future use internal and external analytic tools to better understand usage patterns. Our aim here is to improve the design, user experience, and the relevance of our services to partners and end users. Certain cookies and similar tools we use include those provided by Google Analytics and WordPress Analytics (powered by Jetpack).

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our Site may become inaccessible or not function properly.

You have rights to manage and turn off/on certain cookies as you wish from your browser settings but you may not be able to use Agile’s App or features of our Sites if cookies are disabled. In light of recent changes to cookies practices in 2021 (with respect to the disablement of third party cookies on some browsers) we include below an updated list of the more popular browser types with hyperlinks showing how to adapt their cookie settings accordingly:

Sharing your Personal Information

Agile will only disclose your Personal Information for the purposes described in this Privacy Policy and this would by extension apply to:

  • Agile’s partners such as claims handlers and insurers where you have agreed to this when accepting our services;
  • a professional association, a regulator or registration body if relevant to the provision of Agile’s services or otherwise with your consent;
  • Agile’s professional advisors (which may or may not arise in the context of any corporate activity, due diligence or investment we undertake);
  • any other entity, with your consent, or to whom disclosure is required or authorised by law; and/or
  • any other third parties engaged to perform administrative or other services.

The Agile platform uses cloud providers such as Amazon Web Services and Microsoft Azure to manage certain data sets.  We also use Sage for accounting and financial tasks. More details on the precise locations of data sets housed or hosted by global entities such as Amazon, Microsoft, Google and Sage are available on their respective websites.

OVERSEAS DISCLOSURES

Agile may disclose Personal Information to certain important overseas service providers in order to provide our services, improve our services, and for administrative or business management purposes. Recipients of such overseas partners and business functions are currently located in the United States (for example Google Analytics) but may also be located in other countries as we grow as a business and expand our geographical coverage.  At all times Agile will ensure that wherever in the world your data is stored or processed, it will be done so in full adherence to prevailing law.

What this means for data belonging to persons within Europe is that appropriate safeguards will be taken to ensure adequate protections are in place with regards to any “third country” we use for any overseas functions or processes in compliance with the GDPR. This will include use of the EU’s Standard Model Clauses where appropriate.

Agile can aggregate your non-personally identifiable data

We may in future make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes such as for industry research or benchmarking anonymised (or pseudonymised) trend analysis.

You may request access to your Personal Information

In most cases, you are advised to seek your Personal Information from the organisation who contracted us to provide a service to it. They will hold the comprehensive range of information relating to a particular claim, insurance cover, settlement options, and other relevant data.

Nevertheless, to the extent we hold a small amount of Personal Information about you, you can gain access to it by contacting us. We will deal with all bona fide requests for access to Personal Information as quickly as possible.

IT Security – our organizational and technical measures

Agile takes all reasonable steps to ensure Personal Information it holds is protected against misuse, interference and loss and from unauthorised access, modification or disclosure. Any minimal amount of Personal Information we hold about you is stored on secure servers, and all data transferred between you and the Agile Service is encrypted.

Our experienced technical and development partners Excelledia Ventures help us to design and maintain suitable “organisational and technical measures” – all geared towards the protection and integrity of the data sets we hold.

How long do we keep your Personal Information

To determine the appropriate retention periods for each kind of data, we consider (i) the amount, nature and sensitivity of the Personal Information, (ii) the potential risk of harm from unauthorised use or disclosure of those personal details, (iii) the purposes for which they are processed, (iv) whether we can achieve those purposes through other means, and (v) the applicable jurisdictional rules which may differ from state to state or region to region (where we reserve the right to implement different retention and deletion schedules for data belonging to individuals in the EU and UK, where GDPR-standard rules may apply).

When we work with Audatex Limited, to gain access to their “first notification of loss solution” and use it in our own products, we accept a certain amount of Personal Information will require to be held for time-periods set by or agreed with Audatex Limited.  Further details on Audatex’s retention and deletion periods are available upon request.

Your rights under modern data protection principles

Article 5 of the EU GDPR codifies several key principles which provide you with rights.  Agile as a modern, progressive and ambitious company follows the spirit of these leading data protection principles for your benefit (and in particular any individuals residing in the EU or UK).  Principles such as purpose-limitation, storage-limitation, data accuracy, data security and integrity and data minimisation are honoured by Agile in the following expression of your rights:

  • The right to request a copy of any Personal Information that we hold about you (essentially your “subject access rights”);
  • The right to be told, where any information is not collected directly by us, what available information exists as to the source of the information about you;
  • The right to be told of the existence of automated responses or workflows which are part of the Agile System;
  • The right to object to the processing of data where the processing is based on either the conditions of public interest or our legitimate business interests;
  • The right to have all Personal Information erased (in other words, the right to be forgotten) which practically involves the removal of your data and any account you may have with us (but please be aware it will be impossible to use the Agile Services once you trigger such rights);
  • The right to restrict processing where you have objected to the processing;
  • The right to have inaccurate data amended or destroyed; and
  • The right to prevent processing that is likely to cause unwarranted substantial damage or distress to you.

How to make a subject access request – to edit, delete, or access your Personal Information:

As you will note above, you have the right to ask for a copy of any Personal Information that Agile holds about you in our records, to correct any inaccuracies and to update any out-of-date information. We are aware of the range of subject access requests which can arise (especially under UK GDPR and EU GDPR).  We will provide you with a copy of the Personal Information undergoing processing in electronic emailable form.    Any additional copies will incur a fee to cover our reasonable costs (including our employee’s time to assist with this additional work).

This policy may be updated from time to time

Agile reserves the right to take professional advice, review and revise our Privacy Policy at any time, and any amended Privacy Policy is effective upon posting to this website or otherwise when we communicate it to you (via email or social media handles which we may choose to use in future).  We suggest that you visit our website regularly to keep up to date with any changes.  We are keen to integrate data protection principles increasingly into the work we do with clients and business partners alike.  Where possible we look for opportunities to reflect “data protection by design” into any new programmes, initiatives and markets we seek to enter.   Any of these new measures may prompt an update to this Privacy Policy and we shall endeavour to make you aware as required.

How to contact us and/or make a complaint?

For further information or enquiries regarding Personal Information that we may hold about you, or if you would like to opt out of receiving any promotional communications, please write to:

Agile Developments Data Protection Officer:

3 Sinclair Close,

Colchester,

England, CO4 5WD

Complaints@agiledevelopments.group

In the event of a complaint, please use the above email address to contact us directly.  In the event you remain dissatisfied after raising an issue with us in connection with this privacy policy, you are free to contact the Information Commissioner’s Office at the following address:

Information Commissioner’s Office
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire, SK9 5AF

Tel: 0303 123 1113 (local rate)

Last update: February 2022