Privacy Policy


Privacy Policy

Who are we?

The website is made available to you by Pikl.

Pikl Services Limited has a registered address at First Floor, 13-15 St Georges Street, Norwich NR3 1AB, with company registration number 10449346.

Pikl Insurance Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) and our FCA registered number is 773457. You can check our registration on the FCA’s register by visiting their website

We offer an online quotation service and an online cover service for insurance by means of the website. The types of insurance products featured on the website are arranged and administered by, or on behalf of, Pikl Insurance Services Limited.

Upholding your rights is important to us. We’ve made an effort to make sure our Privacy Policy is clear and simple.

For any questions regarding the Privacy Policy, please contact us at or 0800 254 5171.

Our Privacy Policy describes:

  • The types of information we collect and how we use the data.

  • The steps we take to make sure your data is secure and handled appropriately.

  • The rights you have to your data and how you can manage the data we collect.

    Information we collect:


    When you access our website, we automatically collect certain information through the use of cookies and similar technologies. Here’s what we may collect and why:

  • IP address: helps us identify your device so we can save your preferences and protect our site from cyber-attacks.

  • Location data: helps us know which language we should use and whether there are additional national data protection laws we have to comply with.

  • Pixel tags: helps us know whether you have accessed our website, or (if relevant) whether you have received an email we sent you.

    We may take the general information about how you use our website or interact with our services and use it to help us improve our services. The information we collect may be anonymized and combined with other information about the use of our services.

    Managing Your Cookie Consents

    If you want to opt-out of analytics and tracking services, contact us at

    Alternatively, you can download a browser plug-in to manage cookies or disable cookies in your browser.

    Managing Your Browser’s Cookie Settings

    You have the option to opt-out of analytics and tracking services by managing your browser’s cookie settings. You can download a browser plug-in to manage cookies or disable cookies in your browser.


Other Information We Collect

We only collect information from you to provide our services. In GDPR terms, that means we have legitimate interests in collecting personal data in order assess your risk to provide an insurance quotation, if you purchase an insurance policy then your personal data is retained for the performance of this insurance contract, we use your personal data as part of the contract in providing you our services. For advertising or tracking cookies on our website, we only place them with your explicit consent.

If we do process personal data (e.g. name, email address, IP address), we make sure such processing is in accordance with the General Data Protection Regulation (GDPR) and any other applicable regulations.

If we need any additional personal data or wish to use the personal data we already have for a different purpose than originally intended, we will make sure that we inform you that the original use of your personal data has changed and/or re-notify you of our privacy policy and terms at the time the new data is collected.

Storage and Security

We use and store the personal data collected for as long as reasonably necessary to provide our services, in particular to fulfil our obligations under the Insurance contract and to meet legal requirements. The particular timeline depends on the relevant service, but generally we will not retain personal data more than 6 years. Personal data that is stored is either secured through encryption and/or industry standard access controls (to make sure such access to your personal data is provided only to the people required to provide our services).

Third Parties

Some of the technologies we use for storage, analytics and marketing include third-parties such as DoubleClick. We take reasonable precautions to prevent personal data from being provided to third- parties unless the services require certain personal data such as an email address. If we do share your personal data with third-parties, we will ensure that it is lawful (e.g. through consent or based on legitimate interests) and reasonably verify that the third-party data handling processes are compliant with the General Data Protection Regulation (GDPR).

Your rights to your data

We want to make it easy for you to understand your rights and empower you to use them. Under the GDPR, you have the right to:

  1. Access any personal data we have on you

  2. Rectify any personal data that may be incorrect

  3. Object to processing

  4. Restrict processing

  5. Request to Erase any of your personal data

  6. Withdraw Consent (if applicable)

  7. Data Portability: the right to a copy of your personal data in a machine-readable format and transfer it easily and freely from us to another company

  8. If you feel like we’ve infringed upon your rights and you wish to lodge a formal complaint about us, please contact our Supervisory Authority at the information commissioner’s office


Upon reviewing your personal data, if you determine that certain information is not correct please contact us. When you make requests for restriction, erasure, or rectification, we will notify you when we have made the necessary corrections or deletions.

While we will make every reasonable effort to comply with your requests, in some cases we will be unable to comply due to other, overriding concerns such as establishing or exercising legal claims, or to comply with an outstanding legal obligation.

If you have any questions or concerns about the personal data we collect, or to exercise your rights under the GDPR, please contact

If you believe we have not adequately addressed your concerns and you wish to make a formal complaint, please contact our Supervisory Authority at the information commissioner’s office

Compliance and Changes

We regularly review our compliance with our Privacy Policy and will update it following any changes in applicable privacy regulation. As a result, our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we may send a notice via email or other method of contact.

Age Restriction

Our services and products are not knowingly directed at, nor do we knowingly collect any information from persons under the age of seventeen. If you are under sixteen years old, please do not use this website or its applications. If you learn that your minor child has provided us with personal data without your consent, please contact us at

Key Terms


A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some website features or services may not function properly without cookies. Cookies also come in different forms. Single-session cookies are erased after a visit to a website and help with navigation. Persistent (multi-session) cookies remain until they are manually deleted or expire. Cookies can also be placed by either a first party (i.e. the website you visit) or by a third party that has permission from the first party to place a cookie.

Explicit Consent

For us to get your consent under the GDPR, that consent has to be informed (it has to be plainly written so you understand what you’re consenting to), freely given (as in we can’t coerce you by withholding some information), and unambiguous (both sides need to be sure what each doing and agreeing to, meaning it can’t be wrapped into other activities). Consent also has to be a clear affirmative action (like ticking a box or choosing particular technical settings), and you have to be able to withdraw that consent at any time.

IP address

Every device connected to the Internet is assigned a number known as an Internet protocol (IP) address. These numbers are usually assigned in geographic blocks and can either be static (i.e. your computer always has the same IP address) or dynamic (i.e. it is assigned to you by your network when you connect). An IP address can often be used to identify the location from which a device is connecting to the Internet.

Legal or Similarly Significant Effects

A processing activity has legal effects if it could impact your rights – like your freedom to associate with others, vote in an election, or take legal action – or affect your legal status or rights under a contract – like being denied housing or entry into the country. “Similarly significant effects” are ones that could affect your circumstances, behavior, or choices. This could include decisions that affect your job prospects, or even targeted advertisements that play on particular stereotypes or biases towards minority or vulnerable groups.

Non-personally identifiable information

This is information that is recorded about users so that it no longer reflects or references an individually identifiable user.

Personal data

This is information that you provide to us which personally identifies you, such as your name, email address or billing information, or other data which can be reasonably linked to such information by Pikl Insurance Services Limited

Pixel tag

A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies.

Processing (of data)

“Processing” means doing anything to your data. In more legal terms, according to GDPR Article 4, this can refer to collecting, manipulating, storing, disclosing, or erasing data, among other actions.


Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. See GDPR Article 4(5).

Special Categories of Personal Data

GDPR Article 9(1) defines special categories of personal data as data that could identify your racial or ethnic origin, political opinions, sex or sexual orientation, religious or philosophical beliefs, trade union membership, genetic information, biometric data and other health data.

Supervisory Authority

A Supervisory Authority is an independent public authority established by an EU Member State. It’s in charge of handling your complaints and making sure that all businesses in its purview are acting in accordance with the GDPR. We are based in the United Kingdom, our lead Supervisory Authority is:

The information commissioner’s office
For more information, see GDPR Article 4(22) or Article 51.

© This wording is fully protected by the laws of copyright. No unauthorised use or reproduction is permitted.