Privacy Notice for Single Commercial Vehicle Policies

Last Updated: 28 September 2023

About This Notice

This Privacy Notice sets out how (Humn, we, our, us) will process personal data in relation to our single commercial vehicle products and services. This includes personal data relating to the policyholder and any drivers on the policy.

How We Receive This Information

Where you provide personal data about other third-party individuals, such as drivers of vehicles, where appropriate, you should direct these individuals to this Notice to ensure they understand how we collect and use their personal data. 

We collect personal information from a number of different sources. These include:
  • Directly from you in person, by telephone, email, surveys or via our website and app;
  • From other third parties involved in your insurance policy or claim such as another insurer, claimants, defendants, or witnesses;
  • From other third parties who provide a service in relation to your insurance policy or claim such as claims service     providers, loss adjusters, claims handlers, medical experts, healthcare providers, emergency assistance personnel, legal counsel, and other professional service providers;
  • From publicly available sources such as internet search engines and social media sites;
  • From data contributors such as software houses and intermediaries;
  • From risk analysis, fraud prevention, credit reference agencies and identity verification companies;
  • From insurance industry fraud prevention and detection databases and sanctions screening tools;
  • From providers of demographic and vehicle data;
  • From call recordings when interacting with us;
  • From our website and app including through the use of cookies and web analytics. Please see our Cookies Policy for further information;
  • From third party telematics providers and OEM’s;
  • From government agencies such as the DVLA, DVSA, MID and HMRC and from professional regulators;
  • From local authorities;
  • From brokers and insurance intermediaries;
  • From other insurers;
  • From third parties in connection with any acquisition or merger of a business by us.

The Personal Information We Collect

We collect a range of different personal information in order to provide or offer our services to you.

Basic Categories Data

  • Biographical information such as your name, title, date of birth, age, occupation and years resident in the United Kingdom;
  • Personal contact information such as home address, personal email address, telephone number;
  • Financial information such as bank details, payment details and information obtained as a result of credit checks;
  • Online and transactional information such as details of your IP address and interactions that you have with our websites and digital platforms. Please see our Cookies Policy for more information;
  • If you have a telematics policy, telematics data such as GPS location, time and date, direction of travel, speed, accelerometer data, safety events as processed and detected by the telematics service provider, CAN bus data;
  • Vehicle data such as registration, VIN, make and model;
  • Driver licence related information such as related data such as type of licence held, licence date and licence number;
  • Dashcam data such as images captured by the dashcam device(s);
  • Diagnostic data such as vehicle fault codes, better health status etc;
  • When you have a telematics device fitted as part of your policy, telematics data such as GPS location, time and date, direction of travel, speed, accelerometer data, safety events as processed and detected by the telematics service provider, CAN bus data.
The provision of your telematics data allows us to track your vehicle in real-time, map and analyse your trips in order to calculate your risk score.

Special Categories Data

Special Categories data that we process include:
  • Medical information such as your current or former physical or mental health and historic confirmed personal claims information;
  • Information relating to criminal convictions and motoring offences such as endorsements on your licence.

What we use Your Data For

Whenever we process personal data we must have a legal basis in order to do so. Please refer to the sections below to find out more about our processing activities.


  • In order to process any application you make for policy cover;
  • Providing you with policy cover, including underwriting and claims handling;
  • Administering and managing your motor insurance policy;
  • Providing any additional services to you as agreed such as top up products. For example, policy checks for fleets;
  • Providing you with risk management insights and driver behaviour data;
  • Managing any disputes or complaints in relation to our contractual relationship with one another.

Legal or Regulatory Obligation

  • Contacting the policyholder during the renewals process;
  • To fulfil our obligations as an entity regulated by the Financial Conduct Authority (FCA) such as the information we process in order to fulfil our obligations for Know you Customer (KYC) checks and our obligations towards the Financial Ombudsman Service;
  • To fulfil your data rights under data privacy laws, handle complaints about data privacy or our insurance products and services and to comply with other legal requirements.
In this respect, please note that we may have to process your data to comply with other legal obligations such as requests from law enforcement agencies or other international and national governmental and regulatory bodies. This will be covered more fully in the section below regarding “Who we share your data with”.

Legitimate Interest

  • Facilitate the provision and maintenance of the telematics device and receive information captured about the status of the device and your driving behaviour;
  • Provide support services for telematics devices if there are any issues with fitting the device, keeping the device operational and replacement devices, if required;
  • In furtherance of our commercial activities such as to maintain and manage our business operations, management reporting information and internal process requirements;
  • To develop and improve our products and services;
  • To communicate with you regarding additional product offerings, awareness campaigns, research projects and surveys you may wish to participate in and to facilitate marketing campaigns and events;
  • To monitor your use of our platform and subsequently provide you with any help or support in relation to our products and services;
  • To send out promotional materials and/or gifts;
  • To offer additional services to drivers such as our incentive programme and driver coaching;
  • For the purposes of reinsuring and the insurance renewal process;
  • In order to facilitate Driver ID so that we accurately identify the driver for any given trip in order to provide our products and services;
  • To send you (the driver) reports about your driving and training materials;
  • To communicate with you regarding any queries you raise via the website.
Where we rely on this lawful basis, we conduct a balancing exercise to ensure that our interests are proportionate and do not override your rights and interests as a data subject. In some instances, you also have the right to object to this kind of use. If you wish to object to this type of processing please contact the Data Protection and Privacy Office details of which can be found below.

Establishment, Exercise or Defence of Legal Claims.

  • ·We may process your personal information for the establishment, exercise, or defence of legal claims or if we proceed with a claim against you.


  • Where we have obtained consent to collect and process your data for a particular purpose. If we rely upon your consent you will be presented with a consent statement prior to you submitting your data to us. An example of this is our use of Cookies in order to monitor the usage of our app and websites to better understand our customer base and their use of our services. Please see our Cookies Policy for further information.
Please note that if consent is the legal basis upon which we process your personal data then you may withdraw your consent at any time. In order to affect this right please contact the Group Data Protection Officer whose details can be found below.

If you would like further details regarding our processing activities please contact the Data Protection and Privacy Office details of which can be found below.

Automated Decision Making and Profiling for the Purposes of Underwriting

We may use personal data in processes that involve automated decision making and profiling for the purposes of assessing whether or not you meet our underwriting criteria, to determine premium pricing and assessing the risk of the policy as a whole.

If you feel that the outcome of this processing has been unfair you have the right to contest any decision produced by a solely automated means and request for human intervention. In order to affect this right please contact the Data Protection and Privacy Office details of which can be found below.  

Automated Decision Making and Profiling for the Purpose of Driver Behaviour Scores

If you have a telematics device fitted as part of your insurance policy, systems including Rideshur allow Driver Behaviour Scores to be calculated based on recorded telematics data and other publicly available data such as speed limits. The calculation of Driver Behaviour Scores is a form of profiling under Data Protection Legislation.

Driver Behaviour Scores are calculated using a combination of recorded telematics data, speed limit or similar data and system thresholds that may be defined within our systems by The Contracting Entity. These thresholds typically relate to legal speed limits (speeding events), acceleration rates(harsh acceleration events), deceleration rates (harsh braking events) or other driving behaviours (such as harsh cornering). uses the Driver Behaviour Score profiling as key metrics in automated decision-making processes to calculate dynamic insurance premium prices.

You have the right to contest any decision produced by a solely automated means and request for human intervention. In order to affect this right please contact the Data Protection and Privacy Office details of which can be found below.  

Data Sharing

  • For those drivers that wish to work with Uber we will share your data with Uber via our established Instadoc verification mechanism in order to confirm your status as an insured driver;
  • Our insurance partners and reinsurers. If you require further details regarding these companies then please contact us directly on the details provided below;
  • Other insurers who provide us with our own insurance;
  • Other third parties who assist in the administration of insurance policies such as loss adjusters, first notification of loss providers, claims handlers, accountants, auditors, lawyers and other experts;
  • Where you have opted to pay your insurance by instalments with our Finance Partners;
  • Fraud detection agencies and other third parties who operate and maintain fraud detection registers including but not limited to the Claims and Underwriting Exchange, Insurance Fraud Register, Motor Insurance Anti-Fraud and Theft Register and other centralised insurance industry applications/databases investigative firms we ask to look into claims on our behalf in relation to suspected fraud;
  • Motor Insurance Database managed by the Motor Insurance Bureau;
  • Regulators who govern how we operate, including the FCA, PRA, FOS, HMRC, ICO and the Advertising Standards Authority;
  • The police, courts and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime;
  • Government agencies and regulatory bodies including the DVLA, DVA, DVSA, DWP and the Motor Insurance Bureau;
  • Any personal representatives appointed by you to act on your behalf;
  • Industry bodies;
  • Debt collection, credit reference and fraud prevention agencies or any organisations we instruct to commence legal proceedings against you;
  • Legal advisers, accountants, auditors, financial institutions and professional service firms who act on our or your behalf, or who represent a third-party claimant;
  • Our third-party services providers such as IT suppliers, actuaries, auditors, marketing agencies, providers of market research services, including customer feedback surveys, referral administrators, document management providers and tax advisers;
  • Third parties in connection with any sale, transfer, or disposal of our business;
  • Other entities within the Humn Group;
  • We may also disclose your personal information to other third parties where the disclosure is required by law or by a regulator with authority over us on the grounds of substantial public interest.