About Us 

Drive Back is authorised and regulated by the Solicitors Regulation Authority (‘SRA’). Drive Back is authorised and regulated by the Financial Conduct Authority for insurance mediation activity. Company Registration No. 13476252. Data Protection Registration No. ZB263988. Drive Back is authorised and regulated by the Solicitors Regulation Authority under registration No. 827230. We take the privacy and confidentiality of our clients, potential clients, ex-clients, and their affiliates very seriously and are committed to protecting it. This Privacy Policy explains the type of information we collect, why we collect it, how we use it, who we might share it with, and how to correct or modify it.

Data Privacy Access Request 

Most of the personal information we handle is provided by you in connection with a legal claim or legal advice. We may collect this information from you through various means, such as our website (e.g., our online enquiry form), over the phone, or via email. Depending on how you reach out to us, we might use one of our business partners to onboard you. The personal information you provide may include your name, address, contact details, date of birth, details of any claim or incident and any resulting damage, injury, or loss, National Insurance number, employment details, and GP information. 

Information required for identity verification (for Subject Access Requests (SARs)), which may include two official forms of ID such as a Birth Certificate, a valid Driving Licence, Passport, or an official utility bill showing proof of address. Please note that official ID documents will not be stored after verification. However, we will keep a record of the ID documents provided to demonstrate compliance with a valid request. Additionally, any other personal data you consider relevant to your request may be collected.

For SARs, the department will conduct reasonable and proportionate searches across its estate to locate the requested personal information. During these searches, any data held by the department about you may be identified and processed to ensure comprehensive identification and capture of the requested information. Personal data refers to any information about an individual that can be used to identify them. This does not include data where identifiers have been removed (anonymous data). All personal data is handled according to Government Security protocols for Official data, and non-personal data may be retained in accordance with the Public Records Act 1958.

Indirect Collection of Personal Information

  • By liaising with third parties regarding the services we render to you, including medical professionals or other specialists;
  •  If a claimant or third party mentions you in correspondence or documentation pertaining to a legal claim;
  • From our suppliers, including introducers or referrers;
  • From Credit Reference Agencies (for more information about Credit Reference Agencies, please click here);
  • From public authorities, regulatory bodies, or law enforcement agencies; or
  • If an employee of ours provides your contact information as an emergency contact or referee. 

Please be advised that if you are a third party and we are processing your information in connection with legal proceedings, and/or if legal professional privilege applies, it is likely that we are exempt from any obligation to inform you that we are processing your information. 

Utilisation of Your Personal Information

  • To provide legal or other services
  • To perform credit reference or other regulatory checks
  • To engage the services of a third party (when instructed)
  • For the purposes of operating our business (such as management information); To comply with legal and regulatory obligations
  • To contact you in relation to customer surveys or market research
  • To send you legal updates, or information about products and services that may be of interest to you from Drive Back.

Your Rights and Protections

You have a number of legal rights over the personal information held by us:

  • The right to access your personal information;
  • The right to correct or update any personal information;
  • The right to object to further processing;
  • The right to restrict the processing of your personal information;
  • The right to ask us to delete your personal information (please note we will only be able to accommodate this request where it is no longer necessary for the purpose(s) for which it was provided or where we no longer have a lawful basis to process your personal information); and
  • The right to receive the personal information we hold about you in a portable format, however, this need only be provided in limited circumstances where the processing has been done by automated means.

You may contact us if you wish to access this information or to update or complete any of our records pertaining to your personal data.

Drive Back

01618502948

info@drivebackfinancial.co.uk

Manchester Business Park, 3000 Aviator Way, Manchester M22 5TG 

Disclosure of Your Personal Information

We may need to share your personal information with other individuals or organisations to facilitate our legal services. For instance:

  • Medical experts for the purpose of obtaining medical reports or acting as expert witnesses;
  • Car rental companies for arranging a replacement vehicle;
  • Insurance underwriters for assessing and validating your claim or to enable them to provide cover under an insurance policy, such as legal expenses insurers;
  • Insurance companies, brokers, or third-party introducers who referred your claim to us to comply with our contractual obligations regarding claim details;
  • Credit hire companies you may have engaged;
  • Any employer who has paid sick pay to be recovered as part of your personal injury claim;
  • Any supplier by whom you were introduced to us (such as a Union) for management information purposes; and/or
  • Other members of the Drive Back and associated offices for legal advice and/or specialist services necessary to facilitate our legal or other services.

We may also transfer your information to third parties providing support and administrative or funding services in connection with the legitimate business purposes of operating a law firm.

If, after providing us with your personal information, it becomes clear that we cannot offer our services to you, we may, with your consent, pass your details to another legal services provider who may be able to assist you.

External Websites

This website may include links to external websites. This Privacy Policy is applicable solely to this website, so please make sure to review the privacy policy of the other website provider as well. We accept no responsibility for the functioning, content, or policies of external websites.

Filing Complaints

For further details regarding this policy or to lodge a complaint about our handling of your personal information, please reach out to us at info@drivebackfinancial.co.uk. We strive to address all concerns promptly. However, if we are unable to satisfactorily resolve your issue, you may contact the Information Commissioner’s Office (ICO).

Amendments to This Privacy Notice

We reserve the right to modify this policy at any time, either by notifying you directly or by posting an updated version on our website. Your continued use of our services following the effective date of any changes will be regarded as your acceptance of the revised policy.

Legal Basis 

The legal foundation we rely upon for processing your data is Article 6(1)(f) of the General Data Protection Regulation (GDPR), which permits us to process personal data for the legitimate interests pursued by us or a third party. Occasionally, we may also rely on Article 6(1)(a) of the GDPR, which allows us to process your personal data with your consent (for example, when we seek your consent for the optional cookies we use). When processing special categories of personal data, we rely on Article 9(f) of the GDPR if the processing is related to a legal claim. Additionally, we may at times rely on other legal bases for processing special category personal data, such as Article 9(b) if you are an employee. 

Data Retention Periods 

We will retain your personal information in compliance with applicable laws, typically in line with the statutory limitation period. Should you contact us without proceeding with a claim, we may keep your personal information for a brief period. This measure ensures we can effectively track and monitor any attempted fraud and assists us in distinguishing between service calls and new enquiries.

Automated Decision-Making Processes

We may utilise the personal information you provide to conduct automated decision-making processes to verify your identity and perform other legally and regulatory required checks (such as a credit history check or sanctions applicability). Should any issues arise from these checks (for instance, if your identity cannot be verified or other checks indicate potential impediments to continuing our legal services to you), a human-led forensic analysis will be undertaken. Any decision not to act on your behalf will not be made solely by automated means.

Transferring Personal Data Internationally

To deliver our services, we may need to transfer your personal data to locations outside the UK, as outlined in this privacy policy. This could involve moving your information from within the European Economic Area (EEA) to outside the EEA, or vice versa. The level of data protection in countries outside the EEA may be lower than within the EEA. When this occurs, we will implement appropriate measures to ensure your personal information remains protected and secure, in compliance with applicable data protection laws. If our third-party service providers process personal data outside the EEA while providing services to us, our written agreements with them will include appropriate safeguards, typically standard contractual clauses.

For further information or any questions about our privacy policy or practices, please contact us. 

Data Security

Rest assured that we will maintain the confidentiality of your personal information and implement suitable measures to protect it from loss, theft, or misuse, ensuring your privacy is safeguarded. If you are provided with any confidential information, such as a user ID or password, it is imperative that you do not disclose it to any third party.