1 Introduction
1.1 Who we are
Welcome to Rivr Cover Limited's Privacy and Data Protection Policy ("Privacy Policy").
At Rivr Cover Limited ("we", "us", or "our") we are committed to protecting and respecting your privacy and Personal Data in compliance with the United Kingdom General Data Protection Regulation ("GDPR"), the Data Protection Act 2018and all other mandatory laws and regulations of the United Kingdom.
This Privacy Policy explains how we collect, process and keep your data safe. The Privacy Policy will tell you about your privacy rights, how the law protects you.
This Privacy Policy applies to all our employees and staff members and all Personal Data processed at any time by us.
1.2 Your Data Controller
Rivr Cover Limited is your Data Controller and responsible for your Personal Data. Therefore, any inquiries about your data should either be sent to us by email to [email protected] or by post to 124 City Road, London, EC1V 2NX, United Kingdom.
We are registered with the UK's Information Commissioner's Office (ICO) under number ZB578659.
You have the right to make a complaint at any time to the ICO, the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
1.3 Data we may collect about you
"Personal Data" means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together below. Not all of the following types of data will necessarily be collected from you but this is the full scope of data that we collect and when we collect it from you:
Personal and contact data: This is data that you provide when you purchase an insurance policy or interact with our support team and includes your name, date of birth, email address and phone number.
Insurance policy details: When you purchase a policy or obtain a quote from us we will keep a record of the policy, and will collect information about the insurance risk necessary to provide a quote.
Website usage: such as details of visits to our websites and information collected through cookies and other tracking technologies.
Financial data: These are your banking details such as your account number and sort code. These are passed to our premium finance partner. We do not store any other financial details such as credit or debit card details.
1.4 The Legal Basis for Collecting That Data
There are a number of justifiable reasons under the GDPR that allow collection and processing of Personal Data. The main avenues we rely on are:
"Consent": Certain situations allow us to collect your Personal Data, such as when you tick a box that confirms you are happy to receive email newsletters from us.
"Contractual Obligations": We may require certain information from you in order to fulfil our contractual obligations and provide you with the promised service.
"Legal Compliance": We're required by law to collect and process certain types of data, such as fraudulent activity or other illegal actions.
"Legitimate Interest": We might need to collect certain information from you to be able to meet our legitimate interests.
2. How we use your personal data
2.1 Our data uses
We will only use your Personal Data when the law allows us to. The type of things we use your data for are:
To provide our services effectively: Like selling you insurance, helping us manage your account or improving our services.
To carry out necessary compliance and fraud checks: To ensure that you fall within our acceptable risk profile and to assist with the prevention of fraud.
To inform you of changes to our services: Our legal basis for this is our 'legitimate interests' to conduct our business.
2.2 Marketing and content updates
You will receive marketing and new content communications from us unless you specifically request that you would not like to receive these communications.
2.3 Change of purpose
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
3 Your rights and how you are protected by us
3.1 Your legal rights
Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:
Right to be informed.
Right of access.
Right to rectification.
Right to erasure.
Right to object.
Right to restrict processing.
Right to data portability.
If you wish to make a request under any of these rights, please contact us at [email protected].
3.2 Your control over Rivr Cover Limited's use of your Personal Data
We do not guarantee the ability to delete all stored data. If you would like us to delete/correct personally identifiable data, let us know and we will action your request as soon as practicable.
3.3 How Rivr Cover Limited protects customers' Personal Data
We are concerned with keeping your data secure and protecting it from inappropriate disclosure. We implement a variety of security measures to ensure the security of your Personal Data on our systems.
3.4 Opting out of marketing promotions
You can ask us to stop sending you marketing messages at any time by unsubscribing from any marketing communications.
3.4 How to request your data and the process for obtaining it
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, if your request is clearly unfounded, we could refuse to comply with your request.
4 Your data and third parties
4.1 Sharing your data with third parties
We may share your Personal Data with subcontractors or affiliates, subject to confidentiality obligations.
Data controllers (who process your personal data independently and under their own policies):
Intercom: Any data you share using our customer support service is accessible by Intercom.
Mailchimp: We may provide personal data for the purpose of sending marketing emails.
Insurance and claims handling: We may provide companies in the Bspoke Group and HDI Group with your personal data.
Premium finance providers: We may pass your data to companies that provide premium financing.
Compliance: We may also pass your data to companies that perform fraud and crime checks.
Partners: We may share your data with anyone who you give us explicit permission to share with.
Data processors (who process your personal data on our behalf and under our instruction):
Technology providers: We use various cloud and technology providers to offer our service.
4.2 Third-party links
This Site may include links to third-party websites, plug-ins and applications. We do not control these third-party websites and are not responsible for their privacy statements.
4.3 Other people's consent
If you choose to share someone's information with us, it's your responsibility to ensure they consent or someone with parental responsibility for them consents.
5 How long we retain your data
We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for.
6 International transfer of data
We store all your data within the European Economic Area ("EEA"), but it may be processed or viewed by staff or companies outside the EEA who work for us or one of our partners.
7 Notification of changes and acceptance of policy
We keep our Privacy Policy under review and will place any updates here. This version is dated 1 December 2025.
8 Interpretation
All uses of the word "including" mean "including but not limited to" and the enumerated examples are not intended to in any way limit the term which they serve to illustrate.