Lawshield UK Ltd (referred to as "We”, “Our” or “Us") is committed to protecting the privacy and security of your personal information. We take care to protect the privacy of our clients that communicate (online or offline) with us, over the phone, via our website, helpdesk, and social media platforms.

We have therefore developed this privacy policy to inform you of the data we collect, what we do with your information, what we do to keep it secure, as well as the rights and choices you have over your personal information.

Throughout this document we refer to Data Protection Legislation which means the Data Protection Act 2018, GDPR (United Kingdom General Data Protection Regulation) (UK GDPR), the Privacy and Electronic communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. This policy should be read together with our Cookie Policy that can be found on our website.

If your hold a policy with Velosure or Carbon Insurance Brokers, please refer to the privacy notice on their respective website.

Data Controller

Lawshield UK Ltd is the data controller for the personal information we process, unless otherwise stated. We are registered with the Information Commissioner’s Office (the ICO) under registration number Z5685935.

Lawshield UK Ltd is part of the Connexus Group of companies, (a private limited company registered in England with the company number 03433312).

You can contact us either by phone, email, or post.

  • By phone: 01925 444 847
  • By email: please use the Contact us page of the website
  • By post: 1210 Centre Park Square, Warrington, WA1 1RU

Our Data Protection team can be contacted at the above address or by emailing

How we collect your personal information

Prospective Insureds and Insured Persons

We may collect information about in different ways: - directly when you apply for a policy, information about you may also be provided to us by an insurance broker, Insurers, your employers, family member or any third person who may be applying for a policy which names or benefits you.

This may include name, address, email address, date of birth, occupation, vehicle details, no claims bonus, driving history, property details and sensitive data including medical history and reports, criminal data- driving offences, convictions.


We will collect information from you when you notify us of a claim. You might make a claim to us directly or through your representative or through your broker or one of your representatives who manage claims on your behalf.

We may also collect information about you if the claims is made by another person who has close relationship with you or otherwise linked in the claim- for example if the policyholder is your employer, or you are the subject of a third party claim.

This may include name, address, email address, and date of birth, occupation, vehicle details, property details, driving convictions and in certain circumstances medical records. Incident date and time, incident details, details of loss, injury details, claims history third party details and any representatives, sensitive data including medical history and records, criminal data- driving offences, convictions.

Business Partners

If you are a business partner, we may collect your business contact details, we may collect your details if you visit our website, register for a newsletter or attend one of our events.

How we use your information

Prospective Insureds and Insured Persons

We may collect information about you in different ways: - directly when you apply for a policy, information about you may also be provided to us by an insurance broker, Insurers, your employers, family member or any third party who may be applying for a policy which names or benefits you.

We only collect personal information that we know we will genuinely use and in accordance with the Data Protection Legislation. The type of personal information that we will collect about you, from third party organisations or that you have voluntarily provided to us on this website or from enquiry/contact forms, or other contact methods includes:

Identity Data includes first name, maiden name, last name, marital status, title, date of birth, gender, National Insurance Number, Driving Licence information or other identification information, accident/incident details, vehicle details. This includes details of additional drivers.

Contact Data includes address, email address or telephone numbers.

Employment Data includes the name of your employer and contact details

Financial Data includes payment card details, bank account details and basic credit information

Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Website. Records of conversations. (Calls may be recorded for training and monitoring purpose)

Vehicle operation and Location data- Our vehicles are equipped with a vehicle telematics system. All telematics system functionality may or may not be active during rental periods. Telematics systems may provide us with use of, disclosure of, or access to; (1) location information; (2) crash notification and related crash data; and (3) operational condition, mileage, diagnostic and performance reporting of vehicles, as permitted by law.

Profile Data includes information you provide us, services offered and used, your marketing preferences, feedback, and survey responses.

Other Personal Data you voluntarily provide, which may include people appointed to act on your behalf and special category personal data, for example data which you provide about your health where this relates to your ability to meet your obligations under the agreement.

Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

Searches such as carrying out a Hire Purchase Investigation (HPI) check to see if there is any outstanding finance on the vehicle, Motor Insurance Database (MID) check to review the vehicle Insurance details and/or Motor Insurance Anti-Fraud and Theft Register to monitor written off vehicles and help trace stolen vehicles. CUE checks provide access to the Motor, Home and Personal Injury databases viewed to verify/add or update individual claims history, and DVLA Keeper records which may be viewed to identify the registered Keeper for a given vehicle. Driving Licence checks may be carried out to verify all motoring convictions have been correctly advised.

CCTV if you visit our offices.

Business Partners- if you are a business partner, we may collect your business contact details, we may collect your details if you visit our website, register for a newsletter, or attend one of our events.

How we use your information and Legal basis

We must have a legal basis (lawful reason) to process your personal data. In most cases, the legal basis will be one of the following.

  • Performance of a contract: the processing is necessary to enter into a contract you have with us.
  • Legal obligation: the processing is necessary for us to comply with the law. For example, Money Laundering Regulation and associated laws.
  • Consent: where we have obtained appropriate consents to collect or use your Personal Information for a particular purpose.
  • Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. For example, to understand how customers use our services so we can develop new services and improve the services we currently provide.

When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws.

Where we need to collect personal information by law, or under the terms of a contract we have with you, and you choose not to provide it, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

Purpose/ Processing activity Lawful basis or bases for processing your personal data
To contact you, following your enquiry or to reply to any questions. Performance of a contract
Customer Service enquiries: reply to suggestions, issues, or complaints you have contacted us about. Legitimate interest
For the purposes of providing vehicle hire, handling claims and any other related purposes. This is for the performance of a hire agreement between you and us. Performance of a contract
Taking payment from you or giving you a refund. Performance of a contract
Helping us understand more about you as a client, the services you consume, so we can serve you better. Legitimate interest
To verify your identity for fraud prevention purposes and security of the vehicle. Legitimate interest
Legal obligation
Marketing/analytics from our website using cookies. Consent
For the purposes of arranging medical appointments with medical experts and obtaining such medical reporting either from the medical expert and your General Practitioner. Performance of a contract
To verify if there is any outstanding finance on a vehicle and/or details of the vehicle/s Insurance and/or tracing stolen or written off vehicles. Legitimate Interest
Performance of a contract
To review your financial situation to consider the course of action to take to recover any outstanding costs. Legitimate Interest

Who we might share your information with

We may share your personal data with other organisations in the following circumstances:

  • If the law or a public authority says we must share the personal data.
  • If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk).
  • Insurers- where we act as Third-Party Administrators
  • Premium finance providers and other third parties involved (directly or indirectly) in the administration of your insurance and its associated benefits
  • Payment Card providers to verify you and authorise payment
  • Solicitors/Legal Advisors who act to recover any uninsured losses
  • Loss Adjusters to investigate a claim
  • External Auditors who audit our business
  • Police/ Fraud Detection Agencies in their investigation of an alleged crime/investigation.
  • Financial crime, fraud or uninsured detection agencies, databases and sanctions lists, including the Motor Insurers' Bureau (MIB) who are the data controller for the Motor Insurance Database (MID) and Motor Insurance Anti-Fraud Theft Register (MIAFTR).
  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If the company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • To protect the rights, or safety of our clients or others.

If consent is necessary to facilitate this sharing, we will ensure it is obtained prior to processing. These include: -

Our Group of Companies including:

  • Connexus Insurance Solutions- who may handle any uninsured loss recovery claims
  • Connexus Vehicle Assessors- who may assess the damage to your vehicle
  • Performance Car Hire- who may agree to hire a vehicle to you
  • Connexus Car Hire- should we arrange a hire vehicle from one of our carefully selected partners
  • KLS Law/Specters- should we require to instruct solicitors to recover any losses for you following an accident/loss
  • Connexus Medical Appointments- should you require medical assistance
  • Brokers, Insurers, Re- Insurers and Third-Party Administrators, Insurers- who work with us to administer policies and manage claims.
  • Assistance Providers- who can help provide assistance in the event of a claim.
  • Fraud Detection Agencies and Organisations working to prevent fraud in financial services.
  • Medical Service Providers- To obtain medical records.
  • Loss Adjustors and Claims Experts who help us assess and manage claims.
  • Solicitors and professional services firms.
  • External Auditors
  • Regulatory Authorities- FCA, ICO, as well as other regulators and law enforcement agencies in the EU and around the world.
  • Service Providers- who help manage our IT and back-office systems.
  • Finance Houses- where requested to do so, can facilitate monthly finance payments.

How we keep you updated on our services

We will send you relevant news about our services in a number of ways including by email, but only if we have a legitimate interest to do so and we have completed a legitimate interest assessment for the processing activity. Newsletters and marketing communications might be sent from our own domain (

Each email communication will have an option to object to the processing, if you wish to amend your marketing preferences, you can do so by calling us on the number displayed on our website and update your preferences.

Your rights over your information

Your personal information is protected under data protection law and you have several rights (see below) available to you depending on our reason for processing. Please contact our Data Protection team should you wish to exercise these rights. We may need to verify your identity before we can act on your request.

You have the right to: Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you, subject to certain exceptions.

Request rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Request erasure of your personal data. You may ask us to delete information we hold about you in certain circumstances, this is often referred to as the ‘right to be forgotten’. This right is not absolute and only applies in certain circumstances. It may not always be possible for us to delete the information we hold about you, for example, if we have an ongoing relationship with you or we are required to retain information to comply with our legal obligations.

Object to processing of your personal data when it is based upon our legitimate interests or for the purpose of statistical analysis, profiling, or direct marketing.

Request restriction of processing of your personal data. This is not an absolute right and only applies in certain circumstances. For example, where you contest the accuracy of your personal information, it may be restricted until the accuracy is verified, or where the processing is unlawful but you object to it being deleted and request that it is restricted instead.

Request data portability of your personal data to you or to a third party. You have the right to receive, move, copy, or transfer your personal information to another controller.

We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent for us to process your personal data at any time when we are relying on your consent. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.

For more information about your privacy rights. The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers, such as us, are available publicly. You can access them here. Your data matters.

You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.

How long we keep your information for

We retain a record of your personal information in order to provide you with a high quality and consistent service. We will always retain your personal information in accordance with the Data Protection Legislation and will never retain your information for longer than is necessary. Unless otherwise required by law, your data will be stored for a period of seven years after our contract with you expires or two years after our last contact with you or some other identifiable action, at which point it will be deleted.

We may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you. If your information is transferred to a third party their Data Retention Policy may differ to ours.

Automated Processing

We do not automate any of our services.


Data security is of great importance to Lawshield UK Ltd and, to protect your data, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure your collected data. We take security measures to protect your information including:
  • Limiting access to our buildings to those that we believe are entitled to be there by use of passes.
  • Implementing access controls to our information technology; and
  • We use appropriate procedures and technical security measures (including strict encryption, anonymisation and archiving techniques) to safeguard your information across all our computer systems, website, and offices.

Transferring your data abroad

We do not transfer your personal data outside the UK and the European Economic Area (EEA) and, should we require to do so, we will ensure we have standard contractual clauses in place.

Keeping your information accurate

It is important that the personal data we hold about you is accurate and current. Please keep us informed of any changes during your relationship with us. This should include any change of address, telephone numbers and health matters that may affect the management of your account.


If you have any questions about how we treat your personal data and protect your privacy, please email or call us on 01925 444847.

You also have the right to make a complaint to the Information Commissioner’s Office (ICO) make-a-complaint or call 0303 123 1113.

Changes to this Privacy Policy

This version was last updated on 17 February 2022 and historical versions can be obtained by contacting us at

If changes to this privacy notice have a major effect on what we do with your personal data or on you personally, we will give you enough notice to allow you to exercise your rights (for example, to object to the processing). We recommend that you check this policy regularly to keep up to date.