OFFER ENDS IN

INTRODUCTORY DISCOUNT 60% OFF

Privacy Policy

Last updated on 28/08/2024

  1. Introduction

    1. Who we are

      Ripe Thinking Limited is a company incorporated in England and Wales with registration number 9651089 and having its registered address at The Royals, Altrincham Road, Manchester, M22 4BJ (Ripe Thinking).

      This Privacy Policy is issued on behalf of the Ripe Thinking companies within the United Kingdom (UK). When we mention "Ripe", "we", "us" or "our", what we mean is the relevant company controlled by Ripe Thinking that processes your personal data. Further information on the group of companies is set out below.

      We are a tech-driven insurance specialist. We are registered with the Information Commissioner's Office (ICO) and we appear on the ICO's register of data protection fee payers. Our registration numbers are set out below (the companies below shall together be referred to as, the Ripe Group):

      • Ripe Thinking Limited - ZA288747
      • Ripe Thinking Two Limited - ZA712579
      • Ripe Insurance Services Limited - Z9481976
      • The Golfers Club UK Limited - Z6686163
      • GreenFree Limited - ZA051431

      We are committed to compliance with all applicable data protection legislation, including the UK General Data Protection Regulation, the Data Protection Act 2018, and Privacy and Electronic Communications Regulations 2003.

    2. Purpose of this Privacy Policy

      This Privacy Policy explains how we use personal data which we collect about individuals in relation to insurance quotations, policies or products sold.

      We use a combination of security measures to protect your personal data in line with our obligations under data protection law. Our employees receive training to help us comply with data protection law and safeguard your privacy.

      Where you are an individual, the Ripe Group company that services your product, arranges your insurance quotation, policy or product, will be the main company responsible for your personal data, known as the controller. Most of the personal data we collect relates to the individual who is taking out a policy (or other individuals where it's taken out jointly). We may also ask for personal data about other individuals if we need it. For example, if you ask us to provide insurance for someone other than you such as other household or family members. If you provide us with personal data about someone else, we will assume that you have their permission, where required. We will process their personal data according to this Privacy Policy so please encourage them to read it if they want to find out more.

      By providing personal data you are accepting the practices described in this Privacy Policy. Any dispute you have regarding privacy is subject to this Privacy Policy and our Terms of Business. We keep this Privacy Policy and the Terms of Business under regular review and we reserve the right to update them without notice. We recommend you visit these sections regularly as continued use of this site after a change will constitute acceptance of the new Terms. Our Terms of Business do not affect your statutory rights.

  2. Contents

    This Privacy Policy consists of the sections set out below. For ease of reference, please click on the relevant section to go directly to that section.

    • Who we are
    • Purpose of this Privacy Policy
    • How we collect information from you
    • What information we may collect about you
    • Information from third parties
    • How we use your personal data
    • Lawful bases for uses of personal data
    • International transfers of personal data
    • Automated decision-making
    • Marketing
    • Your rights
    • Accuracy of your data
    • Retention of your data
    • Social plugins
    • Cookies
    • Children
    • Dealing with other people
    • Security of your data
    • External links
    • Contacting us
    • How to report a concern
    • Updates to this Privacy Policy
  3. How we collect information from you

    We collect your personal data in a number of ways.

    • Directly from you. We collect information about you when you register with us, contact us or place an order for our services, voluntarily complete insurance forms, customer surveys, provide feedback and participate in competitions, or apply for a job.
    • From third parties. Where you are a joint policyholder, named driver or otherwise a beneficiary under a policy, we will also obtain personal data about you from the policyholder.
    • Automatically. Website usage information is collected using cookies. Further details on our use of cookies is set out below.

    Further information on the types of personal data that we collect and process is set out below.

  4. What information do we collect about you?

    1. Information provided by you or third parties

      • General data: your name, date of birth and your relationships to other people, e.g. family members on a joint insurance policy.
      • Contact data: your postal address, telephone/mobile number and e-mail address.
      • Fiduciary data: their name.
      • Identification data: e.g. driving licence number or passport.
      • Product data: information about quotations, policies and claims, and any information relevant to your product, e.g. products make, model, value and serial number and your renewal dates and policy and claim histories.
      • Appearance and behavioural data: your gender, age, general interests, descriptive data, e.g. demographic data and behavioural data, e.g. your purchase history.
      • Claims data: if a claim is made under an insurance policy, this includes information about the claim collected from you.
      • Fraud and sanctions related data: information obtained as a result of investigations, e.g. carrying out checks of publicly available sources such as newspapers and social media sites and information obtained from checks of fraud databases and sanctions lists such as relationships/close associations with politically exposed persons.
      • Education and employment-related data: your education, vocational and professional qualifications, employment status, job title employment and educational history.
      • Financial data: includes credit/debit card details (including updated card information provided by card issuers when changes are made) and bank account details, payment information and details of income and assets.
      • Credit assessment data: includes information received from credit agencies.
      • Sensitive personal data: information about health, life events, resilience and capability that helps us identify if you might have additional support requirements in order that we can better meet your needs. Where relevant, we also process information about physical or mental health conditions, test results, medical results and treatment, information about personal injuries sustained. We may also collect details regarding criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions). We may also process information about trade union membership if you share this information with us.
      • Authentication data: includes account log-in information, passwords and memorable data for accessing your accounts.
      • Telephone recordings, emails and online chat transcripts: information obtained during recordings of telephone calls, emails or online chats with our representatives and contact centre.
      • Marketing and communication preferences, promotion entries and customer feedback: includes marketing and communication preferences, information relating to promotions and prize draws, responses to surveys, complaints and details of your customer experience.
      • Vehicle and driving related data: includes driving licence status, entitlement and restrictions or endorsements, driving convictions, vehicle details including registration number and MOT details (to help insurers check information to prevent fraud and reduce incidences of negligent misrepresentation and non-disclosure).
      • Demographic/profile information: for instance, your postcode and age.
      • Technical data: Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
    2. Information from third parties

      We may also obtain personal data from third parties, including the following:

      • Comparison websites and other similar companies where you have used these companies to obtain quotes.
      • Third parties who provide you with services relating to your product such as roadside assistance providers.
      • Third parties who provide us, or your insurer relevant to your product or claim, with services such as but not limited to loss adjusters, claims handlers, legal advisers, assistance providers, and experts.
      • Third parties involved in your product or claim, such as but not limited to claimants, defendants and witnesses to an incident.
      • Financial crime, fraud or uninsured detection agencies, databases and sanctions lists, including the Motor Insurers' Bureau (MIB) who are the data controller for the Motor Insurance Database (MID), the Claims Underwriting Exchange (CUE), Motor Insurance Anti-Fraud Theft Register, No Claims Discount Database, MyLicence, Whiplash Reforms Programme, Employers' Liability Tracing Office (ELTO) and Insurance Fraud Bureau (IFB).
      • Government agencies and regulatory bodies including the police, the courts, the Driver and Vehicle Licensing Agency (DVLA), Driver and Vehicle Standards Agency (DVSA), the Department for Work and Pensions (DWP), Companies House.
      • Regulators who regulate how we operate including the Financial Conduct Authority (FCA), Information Commissioner's Office (ICO) and the Financial Ombudsman Service (FOS).
      • Where we search your (or any person included on the proposal) 'No Claims Discount' details against a No Claims Discount database (NCD) to obtain information in relation to your 'No Claims Discount' entitlement, such searches may be carried out against your name, date of birth, gender, Vehicle Registration Mark and or address/postcode.
      • Insurance industry bodies, including the Association of British Insurers and the MIB.
      • Third parties that provide services in relation to your policy or claim, including checking no claims discounts.
      • Other third party suppliers including, auditors, legal advisers and other professional service firms and sanctions checking service providers.
      • Data suppliers, such as but not limited to Equifax and LexisNexis.
      • Publicly available sources including HM Land Registry, the Office for National Statistics (such as but not limited to census data) and other data made available under the Open Government Licence, internet searches, news articles, online marketplaces and social media sites, apps and networks (such as but not limited to Twitter, Facebook and Instagram).
      • Providers of marketing and advertising services.
      • Third parties in connection with any acquisition of a business by us.
  5. How we use your personal data

    We shall use your personal data for the purposes set out below.

    • Performing the services which you have requested.
    • To provide customer service, including responding to your enquires and fulfilling any of your requests for information.
    • To send you important information regarding our services.
    • For any regulatory or legal purposes imposed on us (for instance for reporting to the FCA).
    • For informing you about other services and products provided by us or our partners which may be of interest to you.
    • For delivering any prizes or discounts which you may be entitled to through promotions or competitions run by us or our partners.
    • Information collected from the website is used to personalise your repeat visits to the website.
    • For the administration of our recommend a friend programme with MentionMe.
    • For any other legitimate interest of ours such as for carrying out credit checks, preventing fraud, maintaining adequate records or for the recovery of unpaid debts.
    • Processing of personal and sensitive personal data is necessary for us to provide your insurance policy, benefits or other services, such as assessing your application and setting you up as a policyholder, administering and managing your insurance policy or benefits, providing all related services, providing a quote, handling and paying claims and communicating with you. In these circumstances, if you do not provide such information, we may not be able to offer you a policy, service or process a claim.

    Some or all of the information you supply to us in connection with your insurance proposal may be passed to third parties including those set out below.

    • Insurance and other companies for underwriting, claims and premium collection purposes.
    • Credit reference agencies.
    • Other sub-contractors who may assist us in providing the services requested from you.
    • Service providers (such as our partners in order to redeem any promotional offers or for us to run a promotion).
    • MentionMe for the administration and validation required for our recommend a friend programme, regardless of whether you have enrolled in the programme.
    • To our partners for marketing purposes (where you have provided your consent). Where a partner processes your information for their own purposes (for instance when redeeming a promotional offer) you should refer to such partner’s own privacy policy. You have the right at any time to stop us from contacting you for marketing purposes or giving your information to companies outside of the Ripe Group. If you no longer wish to be contacted for marketing purposes, please e-mail dataprotection@ripeinsurance.co.uk
    • In processing your order, we may send your details to, and use information from credit reference agencies, fraud prevention agencies and other companies or agencies for use in credit decisions and risk profiling. When you apply to us for insurance, we will also pass your details to the insurer. Information provided by you may be put onto a register of claims and shared with other insurers to prevent fraudulent claims.
    • If you agree we shall share your personal data within Ripe Group to offer you additional products and services.
    • Where you provide your (or any person included on the proposal) Driving Licence Number (DLN) to confirm your (or the relevant person included on the proposal) licence status, entitlement and relevant restriction information and endorsement/conviction data, searches may be carried out prior to the date of the insurance policy and at any point throughout the duration of your insurance policy including at the mid-term adjustment and renewal stage. A search of the DLN with the DVLA should not show a footprint against your (or another relevant person included on the proposal) driving licence. For details relating to information held about you by the DVLA please visit www.dvla.gov.uk.
    • We will pass details of your 'No Claims Discount' to certain organisations to be recorded on a NCD database. This will occur if information requires updating or correcting at any stage, and also at the renewal stage of your policy and upon or after the cancellation of your policy prior to the expiry date.
    • Searches may be carried out at point of quote or point of sale and if an insurance policy is incepted during the term of your policy and renewal stage.
  6. Lawful bases for uses of personal data

    We are committed to collecting and using personal data in accordance with applicable data protection laws and we must have a lawful basis to use your personal data for the purposes described in this Privacy Policy. Depending upon the purpose, our lawful basis will be one of the following:

    • Performance of a contract: to perform a contract that we may have agreed with you for the provision of our services.
    • Compliance with a legal obligation: to meet responsibilities we have to our regulators, tax officials, law enforcement, or other legal responsibilities.
    • Legitimate interests: to deliver and improve our products and services and keep people informed about our products and services or for any other purposes we identify as appropriate to our business needs, or the business needs of a third party. Where we rely on legitimate interests as our lawful basis, we carry out a balancing test to ensure that our interests, or those of a third party, do not override the rights and freedoms that you have as an individual. The outcome of this test will determine whether we can use your personal data for the purposes described in this Privacy Policy.
    • Consent: where we have obtained appropriate consents to collect or use your personal data for a particular purpose.

    We can only collect and use sensitive personal data (e.g. biometric data and health data) where we have an additional, specific lawful basis to process such information. The table below sets out the bases which we rely on to process sensitive personal data.

    Our lawful bases for the use of personal data:

    Purpose Personal data we may process for the specified purpose may include (but shall not be limited to) the types of data set out below Lawful basis for processing personal data Lawful basis for processing sensitive personal data
    Communicating with you and others including complaints handling Your contact details and information relevant to your policy and complaint
    • Performance of a contract
    • Compliance with a legal obligation
    • Legitimate interests
    • Necessary for insurance purposes
    • Legal claims
    • Necessary for safeguarding economic well-being of certain individuals
    Identifying customers requiring additional support
    • Your contact details
    • Sensitive personal data about your physical or mental health condition
    • Compliance with a legal obligation
    • Legitimate interests
    • Necessary for safeguarding economic well-being of certain individuals
    • Necessary for the equality of opportunity or treatment
    • Explicit consent
    Evaluating your application or renewal or to provide a quote
    • Your contact details and information relevant to your policy including financial details
    • Sensitive personal data about your physical or mental health condition
    • Performance of a contract
    • Legitimate interests
    • Necessary for insurance purposes
    • Legal claims
    Provision and administration of a policy including taking payment
    • Your contact information and identifying details
    • Financial details including bank account details
    • Depending on the nature of the debt, sensitive personal data about your physical or mental health condition
    • Performance of a contract
    • Compliance with a legal obligation
    • Legitimate interests
    Necessary for insurance purposes
    Managing third party relationships e.g. claims handlers
    • Your contact information and identifying details
    • Financial details
    • Sensitive personal data about your physical or mental health condition
    • Performance of a contract
    • Legitimate interests
    Necessary for insurance purposes
    Financial or other crime, fraud and credit checks
    • Your contact information and identifying details
    • Financial details
    • Sensitive personal data about your physical or mental health condition
    • Performance of a contract
    • Compliance with a legal obligation
    • Legitimate interests
    • Necessary for insurance purposes
    • Legal claims
    • Regulatory requirement relating to unlawful acts or dishonesty
    • Clearly or obviously made public by you
    • Prevent or detect crime
    • Prevent fraud
    Compliance with legal or regulatory obligations
    • Your contact information and identifying details
    • Financial details
    • Sensitive personal data about your physical or mental health condition
    Compliance with a legal obligation
    • Necessary for insurance purposes
    • Legal claims
    • Regulatory requirement relating to unlawful acts or dishonesty
    Establish, enforce or defend legal rights
    • Your contact information and identifying details
    • Financial details
    • Sensitive personal data about your physical or mental health condition
    • Compliance with a legal obligation
    • Legitimate interests
    Legal claims
    Improving quality, training and security
    • Your contact information and identifying details
    • Sensitive personal data about your physical or mental health condition
    Legitimate interests
    • Legal claims
    • Explicit consent
    Managing our business operations e.g. accounts, financial analysis, audit Your contact information and identifying details
    • Compliance with a legal obligation
    • Legitimate interests
    N/A
    Data analysis (including modelling)
    • Your contact information and identifying details
    • Financial details
    • Sensitive personal data about your physical or mental health condition
    • Legitimate interests
    • Necessary for insurance purposes
    • Necessary for insurance purposes
    • Legal claims
    Applying for or claiming on insurance sold
    • Your contact information and identifying details
    • Sensitive personal data about your physical or mental health condition
    • Necessary for insurance purposes
    • Legal claims
    • Necessary for insurance purposes
    • Legal claims
    Buying, selling, transferring or disposing of our business
    • Your contact information and identifying details
    • Sensitive personal data about your physical or mental health condition
    • Necessary for insurance purposes
    • Legal claims
    • Explicit consent
    • Necessary for insurance purposes
    • Legal claims
    • Explicit consent
    Marketing and customer insight analysis, campaign planning and execution
    • Your contact information and identifying details
    • Publicly available information about you
    • Legitimate interests
    • Consent
    N/A
    Marketing in accordance with your preferences and administering promotions Your contact information and identifying details
    • Legitimate interests
    • Consent
    N/A
    Archiving, research or statistical analysis
    • Your contact information and identifying details
    • Sensitive personal data about your physical or mental health condition
    Necessary for archiving, research or statistical analysis Necessary for archiving, research or statistical analysis
  7. International transfers of personal data

    Sometimes we, or third parties acting on our behalf, may need to transfer personal data outside of the UK. We'll always take steps to ensure that any transfer of personal data outside the UK is carefully managed to protect your privacy rights and ensure that adequate safeguards are in place. This might include transfers to countries that the UK considers will provide adequate levels of data protection for your personal data (such as countries in the European Economic Area (EEA)) or putting contractual obligations in place with the party we are sending information to.

  8. Automated decision-making

    We will look to automate decisions within our processes where it is possible, and you will have the right to the reasoning behind any decisions taken by these automated means (such as but not limited to the result of declarations made during any online application).

    We use credit reference information about you provided to us by third parties to assess your suitability for insurance products.

    These automated processes use data provided by you, other records we may hold about you in our systems and data sourced from third parties.

    Where you do not wish us to take any automated decisions using your personal data, you must contact us at dataprotection@ripeinsurance.co.uk, or write to us at: Data Protection Administration, Ripe Thinking Limited, The Royals, Altrincham Road Manchester M22 4BJ. Please note we may not be able to process your application in certain circumstances (e.g. if you do not wish for credit reference checks to be carried out).

  9. Marketing

    We would like to send you information about our product and services, carefully selected partners and other companies in our group, which may be of interest to you and where you have consented to receive marketing.

    You have the right at any time to stop us from contacting you for marketing purposes or sharing your information with other members of the group or partners. If you no longer wish to be contacted for marketing purposes from the Ripe Group, please contact Ripe Thinking Limited at dataprotection@ripeinsurance.co.uk, or write to us at: Data Protection Administration, Ripe Thinking Limited, The Royals, Altrincham Road Manchester M22 4BJ.

    Unless we hear from you otherwise, we shall keep you informed of any promotions, discounts or other products and services from the Ripe Group that we may think may be of interest to you for up to 24 months from your last interaction with the Ripe Group. Following such period, we shall assume that you are no longer interested in such promotions, discounts or other products and services.

    If you have opted in to receiving marketing directly from a partner, to stop receiving these communications, you must contact the partner directly.

  10. Your rights

    If you are resident in the UK and the EEA, you have certain rights in relation to the personal data we process and hold about you. These rights are:

    • Right of access: you have the right to request access to personal data that we may process about you.
    • Right to rectification: you have the right to require us to correct any inaccuracies in your data.
    • Right to erasure: you have the right to require us to delete your data, subject to certain legal requirements.
    • Right to restriction of processing: you have the right to require us to restrict the way in which we process your personal data. You may wish to restrict processing if, for example:
      • You contest the accuracy of the data and wish to have it corrected; or
      • If you would prefer restriction to erasure.
    • Right to object to processing: you have the right to object to our processing of your personal data.
    • Right to data portability: you have the right to obtain from us the personal data we hold on you.
    • Right to withdraw consent: where we have relied upon your consent to process your personal data, you have the right at any time to withdraw your consent.
    • Right to lodge a complaint with the ICO: you have the right to complain with the ICO in the UK in relation to the processing of your personal data.

    With the exception of lodging a compliant directly with ICO, if you would like to contact us to exercise any of the other rights set out above, please put your request in writing; include proof of your identity (such as a copy of your driving licence or passport) and address (such as a recent utility or credit card bill); and specify the right you wish to exercise.

    Our contact details are provided at the end of this Privacy Policy.

    We will respond to requests made by you within one month. We will not charge a fee for you to exercise any of the rights listed above.

    It may take us longer if the request is particularly complicated or you have made several requests. We'll always let you know if we think a response will take longer than one month. We may also ask you to provide more detail about what you want to receive or are concerned about.

    We may not always be able to do what you have asked. This is because your rights will not always apply, e.g. if it would impact the duty of confidentiality we owe to others, or if the law allow us to deal with the request in a different way. We will always explain to you how we are dealing with your request. In some circumstances (such as the right to erasure or withdrawal of consent), exercising a right might mean that we can no longer provide our product to you.

  11. Accuracy of your data

    It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us. You may ask us to correct or remove information you think is inaccurate.

  12. Retention of your data

    Your personal data will be kept for no longer than is necessary for the purposes for which the personal data is processed. This means that your personal data will only be retained for as long as it is still required to provide you with services or is necessary for legal reasons. In doing so we may retain such information for a reasonable time to prevent fraudulent activities, for our own reporting regulatory requirements and to protect ourselves in the event of any legal claims and complaints.

    The specific retention period for your personal data will depend on your relationship with us and the reasons for which we hold your personal data. For example, we can keep certain personal data relating to customers for 7 years from the last date of lapse or cancellation of the policy depending on the purposes for which the data is processed. To support us in managing how long we hold your data and our record management, we maintain a data retention policy which includes clear guidelines on data retention and deletion.

  13. Social plugins

    This website contains social plugins from social media platforms such as Facebook and X. If you visit a website containing such a plugin, your browser can establish a direct connection with the servers of those social media platforms and transmit information about your surfing behaviour to their servers (such as but not limited to even if you do not click the "Like" button). If you are logged into one of the social media sites, the social media platform can assign the visit to your social media account. The Ripe Group has no influence on the type and scope of the information collected and transmitted but may receive information through such channels and you may receive marketing from us via such social media platforms as a result of your browsing habits. We recommend that you familiarise yourself with the privacy policies of the social media platforms that you use.

  14. Cookies

    This website uses cookies. Please refer to our Cookie Policy for further information on what cookies are and our use of cookies. If you prefer not to have cookies stored on your computer, you may change your browser settings to either refuse all cookies, or to ask you if you wish to accept a cookie each time a website tries to store one. If cookies are blocked, you may not be able to use all functions of this website.

  15. Children

    If you are aged 13 or under‚ please obtain your parent or guardian's permission prior to providing any personal data to us. Children without this consent should not provide us with such information.

  16. Dealing with other people

    To comply with data protection legislation, the request of many of our policyholders and to make the managing of your policy more convenient, it is our procedure to deal only with the person named on the policy. If you would like someone else to be able to deal with your policy for you on a regular basis, please let us know. In some exceptional circumstances, we may also deal with other people who call us on your behalf. If at any time you would prefer us to deal only with you, please call to let us know. In dealing with other people on your behalf we will need to process their personal data, please ensure you have the permission for us to process their information for such purposes to enable them to deal with your policy.

  17. Security of your data

    The Ripe Group employs up to date technology to protect against the loss, misuse or alteration of information under our control. Our internal procedures cover the storage, access and disclosure of information in accordance with data protection legislation.

    We also have procedures to deal with any suspected data breach. In the unlikely event of a data breach, we will take steps to mitigate any loss or destruction of data and, if required, will notify you and any applicable authority of such a breach.

    Please note that e-mails are not 100% secure. We advise that you take this into account before e-mailing personal and confidential information to us. If you send information by e-mail to us, you are doing so at your own risk. We use industry standard encryption technologies when transferring and receiving customer information exchanged with our website. Your personal data may be held on computer or manual files.

  18. External links

    The Ripe Group accepts no responsibility for the content or privacy practices of any Third Party website (Third Party Website) to which a hypertext link from this website exists. The links are provided "as is" with no warranty, express or implied for the information provided within Third Party Websites (and the services that may be accessible through them). We encourage you to read the privacy policies of Third Party Websites before you submit any personal data to them or use their services.

  19. Contacting us

    If you have any questions about this Privacy Policy or how to exercise your rights, please contact us:

    Email: dataprotection@ripeinsurance.co.uk

    Post: Ripe Thinking Limited, The Royals, Altrincham Rd, Manchester M22 4BJ

  20. How to report a concern

    If you have a concern about how your information is being used and our data practices, we ask that you contact Ripe Thinking Limited using the details above.

    If you are not happy with our response, you have a right to make a complaint with your local data protection supervisory authority at any time. In the UK this is the ICO. We however ask that you please attempt to resolve any issues with us before contacting the ICO.

  21. Updates to this Privacy Policy

    This Privacy Policy is updated from time to time to take account of changes in our business activities, legal requirements and to make sure it is as transparent as possible, so please check back here for the current version.

    The new modified or amended Privacy Policy will apply from that revision date. Therefore, we encourage you to review this Privacy Policy periodically to be informed about how we are protecting your information.

    You can see when this Privacy Policy was last updated by checking at the beginning of this page.

Please wait