Privacy & Cookies Policy

Lines are open
Mon/Fri: 8.30am - 6pm

0800 038 0830

For any other query click here


Privacy & Cookies Policy

Data Protection Notice

The protection of your personal data is important to the BNP Paribas Group, which has adopted strong common principles in relation to data protection for the entire Group and which are reflected in its Group Privacy Policy.

This Data Protection Notice provides you with detailed information relating to the protection of your personal data by:

Pinnacle Insurance plc (trading as helpucover)

Cardif Pinnacle Insurance Management Services plc (trading as Everypaw)

Cardif Pinnacle Insurance Management Services plc (trading as BNP Paribas Cardif)
Registered Address:

Pinnacle House
A1 Barnet Way

("we", "us", "our"). The above companies are part of BNP Paribas Cardif and the BNP Paribas Group (both "Group companies").

We are responsible for the collecting and processing of your personal data in relation to our activities. The purpose of this Data Protection Notice is to tell you which personal data we collect and process about you and why, who we share your data with and why, how long we keep it and how you can exercise your rights.

Where necessary, further information may be provided to you when you apply for, purchase, renew or make a claim in relation to a specific insurance product or service.


Depending on the data that is required from you for the type of insurance product or service we provide to you and to enable us to provide and improve our services, we may collect any of the following types of personal data about you including but not limited to any of the following types:

  • identification information (e.g. name, address, date of birth, gender, national insurance number)
  • contact information (e.g. postal and email address, telephone numbers)
  • other household information (e.g. marital status, number of occupiers, number of vehicles, number of pets, other types of pet products you have purchased)
  • financial information (e.g. bank account or payment card details, income)
  • education and employment information (e.g. level of education, type of employment, employer's name)
  • data relating to your insurance contract(s) (e.g. policy number, methods of payment, duration, premium amounts, payments, discounts, claim history, complaint history)
  • data necessary to assess your risk (e.g. your locality, information relating to your pet, loan, vehicle, electronic device, purchases and travel)
  • data relating to your lifestyle and the insured assets (e.g. hobbies, interests, sports, vehicle use, occupation)
  • data from your interactions with us (e.g. our websites, our apps, our social media pages, personal meetings, telephone calls, emails, interviews, correspondence, SMS, web chats);
  • CCTV (e.g. where you visit our premises);
  • data relating to the locality and geolocation of the insured person or asset or our services (e.g. vehicle geolocation)
  • connection and tracking data (e.g. cookies, connections to online customer service, replies to online surveys)
  • data relating to your participation in competition and promotional activities? (e.g. date of participation, your answers, your pictures and the type of prizes)
  • data necessary to prevent insurance fraud, money laundering and terrorist financing

Where necessary and subject to your explicit consent, we may collect the following special categories of data for the reasons stated below:

  • biometric data: (e.g. voice recognition)
  • health data: data that is required to underwrite your insurance cover or to process your claim.

We do not collect or process any data relating to your racial or ethnic origin, political beliefs, religious or philosophical beliefs, trade union membership, genetic data or sexual orientation unless we have a legal obligation to do so.

The personal data that we use may be collected directly from you or obtained from the following sources for the purposes of verifying or enriching our data:

  • official public records (e.g. census data, electoral roll);
  • our service providers;
  • third parties such as fraud prevention agencies or data brokers (in accordance with data protection legislation);
  • websites and social media containing publicly available information;
  • data bases made public by third parties;


In certain circumstances, we may also collect and process information about you where you have no direct relationship with us. This may happen where your personal information is provided by, for example:

  • A legal representative / executor / person with power of attorney / insolvency practitioner;
  • The policyholder and/or other family members where you are a beneficiary of an insurance policy;
  • A co-insured or co-insurer;
  • An employer;
  • Our commercial partners.


a. To comply with our legal and regulatory obligations

We use your personal data to comply with various legal and regulatory obligations, including:

  • prevention of insurance fraud, money-laundering and financing of terrorism;
  • compliance with legal and financial legislation and regulations;
  • prevention of tax fraud, fulfilment of tax control and tax notification obligations;
  • risk monitoring and reporting;
  • responding to an official request from a duly authorised public, regulatory or judicial authority.

b. To perform a contract with you or to take steps at your request before entering into a contract

We use your personal data to enter into and perform our contracts, including:

  • evaluating the details of the insurance risk in order to determine your premium or renewal premium (e.g. your expected claims frequency, claim cost and expected loyalty);
  • handling your claims or complaints;
  • providing you with information about your insurance contract;
  • respond to your enquiries including a request to update your personal data when your circumstances change;
  • evaluating if we can offer you insurance products or services and if so on which terms.

The above processes may include the making of automated decisions, where necessary, for the entering into or the performance of the contract.

c. To fulfil our legitimate interests

We use your personal data in order to offer and develop our insurance products and services, to improve our insurance risk management and to defend our legal rights for the following reasons:

  • to prove purchase and premium payments (including the follow-up of rejected payments);
  • to prevent fraud;
  • to defend or pursue legal claims;
  • for IT management, including infrastructure management, business continuity and IT operations and security;
  • to establish individual statistical models allowing us to generate competitive premiums or offer you relevant products and services;
  • to establish aggregated statistics, for research and development, in order to monitor risk and the performance of our businesses, improve existing products and services or create new ones;
  • where we record calls for the purposes of staff training and monitoring, administering your policy, handling complaints, detecting or preventing fraud and other crimes, and to improve the quality of our services;
  • to provide customer advisory services relevant to your quote and insurance product (e.g. pet healthcare advice, pothole reporting service, quote reminders and anniversaries);
  • to personalise our and other BNP Paribas Group companies' product offerings to you by:
    • improving the quality of our insurance products or services (e.g. customer satisfaction surveys);
    • advertising our products or services that might be of interest to you according to your situation and profile which we can assess by:
      • segmenting our potential customers and policyholders;
      • analysing your habits and preferences in the use of communication channels (e.g. our website and social media apps, emails or messages);
      • sharing your data with another BNP Paribas Group company and, in particular, if you are or will become a customer of that other Group company; and
      • combining data about your existing insurance products or services or those for which you have obtained a quote with other data that we already hold about you (e.g. where we identify that you have a pet but do not have pet insurance or you have a car but do not have warranty insurance);
    • organising prize competitions and promotional campaigns.

d. Respecting your choices where we have requested your consent

In certain cases, we require your consent to process your data, for example:

  • to send you communications for direct marketing purposes (e.g. emails, newsletters, SMS, telephone calls) unless you tell us you want to opt out of receiving any further communications by contacting us using the details set out in Section 9 below or by unsubscribing. If you do not exercise this right, you may continue to receive communications from us whether you hold an insurance product with us or not;
  • Unless we can rely on another legal ground, where the above purposes lead to automated decision-making, which produces legal effects or which significantly affects you. At that point, we will inform you about the logic involved, as well as the significance and the envisaged consequences of such processing;
  • Where we need to process your health data for the purposes of administering your claim - we will ask you to confirm your consent when completing your claim form;
  • If we need to carry out further processing for purposes other than those above in Section 3, we will inform you and, where necessary, obtain your consent.


For the purposes above, we only share your personal data with the following individuals or entities:

  • the Group companies named above and their employees for the purposes of providing our services to you;
  • independent agents, intermediaries, introducers or brokers (e.g. price comparison websites);
  • co-insurers, re-insurers and our corporate insurers;
  • any other party who has a legitimate interest in your insurance contract (e.g. your next of kin, a beneficiary or a third party claimant, and their representatives);
  • social security agencies when involved in insurance claims or where we provide benefits complementary to social security benefits;
  • BNP Paribas Group companies to offer the full range of products and services;
  • service providers who perform services on our behalf;
  • banking, commercial partners and brokers;
  • financial or judicial authorities, arbitrators and mediators, state agencies or public bodies, upon request and to the extent permitted by law (e.g. Financial Ombudsman Service, Financial Services Compensation Scheme, HM Revenue & Customs);
  • certain regulated professionals such as healthcare professionals, lawyers, notaries, trustees and auditors;
  • debt collecting and credit reference agencies;
  • fraud prevention agencies.


Where we transfer your data to a country outside the European Economic Area (EEA), where the European Commission has recognised that non-EEA country as providing an adequate level of data protection, your personal data will be transferred on this basis without your specific authorisation.

For transfers to non-EEA countries whose level of protection has not been recognised as adequate by the European Commission, we will either rely on an exemption from a rule or law that is applicable to the specific situation (e.g. if the transfer is necessary to perform our contract with you) or use one of the following safeguards to ensure the protection of your personal data:

  • Standard contractual clauses approved by the European Commission; or
  • Binding corporate rules (for inter-group transfers), where applicable.

To obtain a copy of these safeguards or details on where they are available, you can send us a written request as set out in Section 9.


Your personal data is retained by us in digital format for as long as we need to comply with our legal and regulatory obligations and for the defence of complaints and claims against us. This includes being able to provide evidence in the case of any legal or regulatory investigations, disputes or claims regarding the provision of our products or services to you. In the case of personal information contained in paper format, the document will be recorded in digital format and retained on our systems; the paper format will then be securely destroyed.


In accordance with applicable regulations, you have the following rights:

  • to access: you can obtain information relating to the processing of your personal data and a copy of the personal data held.
  • to rectify: where you consider that your personal data are inaccurate or incomplete, you can require that such personal data is updated.
  • to erase: you can require the deletion of your personal data, to the extent permitted by law.
  • to restrict: you can request the restriction of the processing of your personal data.
  • to object: you can object to the processing of your personal data, on grounds relating to your particular situation. You have the absolute right to object to the processing of your personal data for direct marketing purposes, which includes profiling related to such direct marketing.
  • to withdraw your consent: where you have given your consent for the processing of your personal data, you have the right to withdraw your consent at any time.
  • to data portability: where legally applicable, you have the right to have the personal data you have provided to us be returned to you or, where technically possible, transferred to a third party. -->

If you wish to exercise the rights listed above, please contact us using the details in Section 9 below.

In accordance with data protection legislation, in addition to your rights above, you are also entitled to make a complaint to:

The Information Commissioner's Office
Head Office:

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113

2nd Floor, Churchill House, Churchill Way, Cardiff CF10 2HH
Tel: 029 2067 8400

45 Melville Street, Edinburgh EH3 7HL
Tel: 0303 123 1115

Northern Ireland:
3rd Floor, 14 Cromac Place, Belfast BT7 2JB
Tel: 028 9027 8757 or 0303 123 1114


In the context of constant technological evolution we may have to update this Data Protection Notice. Please check the latest version of this Data Protection Notice on our website. We will inform you of any changes through our website or through our other usual communication channels with you..


To exercise your rights or if you have any questions regarding our use of your personal data please contact us at:

Data Protection Correspondent
Pinnacle House, A1 Barnet Way, Borehamwood, Hertfordshire WD6 2XX

So that we can answer your requests as quickly as possible, please indicate the right(s) you wish to exercise. An acknowledgement of receipt will be provided.

We are required to answer all requests within one month but we are allowed to extend this period by one further month depending on the complexity of the request. We will contact you in writing if we are unable to reply to your request within one month.

If you have a separate enquiry related to the BNP Paribas Group then you may contact the Group's Data Protection Officer at:
Jerome Caillaud - Data Protection Officer, BNP Paribas CARDIF, 8, rue du Port, 92728 Nanterre, France


The BNP Paribas Group is committed to delivering the best possible service to you while maintaining the confidence that you place in us. As part of this, we have adopted strong principles across the Group to ensure the protection of your personal data

We set out below information about how we place, use and store cookies on your device when you use our website and/or our mobile application [] (the "Website" and/or "Application") and you select the option to manage and delete cookies.

1. What is a cookie?

Cookies are small text, image or software files that are placed on your device when you access our Website. The word “device”, when used in this Cookies Policy, refers notably to computers, smartphones, tablets and all other devices used for accessing the internet.

Cookies may be either: (i) session specific, meaning that they are deleted from your device once the session and browser are closed; or (ii) persistent meaning that they will remain on your device until they are removed.

Cookies perform a number of useful functions, such as to:

  • Authenticate and identify you on our Website and/or Application in order to provide you with services that you have requested;
  • Enhance the security of the Website and/or Application, including to prevent fraudulent use of login credentials and protect user data from access by unauthorised parties;
  • Send you personalised advertising based on your browsing history and your preferences on line;
  • Monitor your use of our Website and/or Application in order to improve them;
  • Enhance your user experience by adapting and tailoring the content on the Website and/or Application to your interests and providing more relevant BNP Paribas ads and content to you on non-BNP Paribas websites and non-BNP Paribas applications.
  • Remember information that you provided to us (e.g. to automatically populate forms with information that you have previously provided to us so that you can log on more quickly);
  • Keep track of your preferences and settings in your use of our Website (e.g. time zone);

2. What kind of information can be stored in a cookie?

The information stored by the cookies on your device may relate to the following, subject to its retention period:

  • the webpages you have visited on that device;
  • the advertisements you have clicked on;
  • the type of browser you use;
  • your IP address;
  • and any other information that you have provided on our Website.

Cookies may contain personal data. Where we use cookies which collect your personal data, such collection is covered by our Data Protection Notice above.

3. What kinds of cookies do we use and for what purpose?

Cookies used on our Websites are classified into different categories:

3.1 Strictly necessary cookies (mandatory)

These cookies are necessary for the Website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

3.2 Functional cookies

These cookies enable the Website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

3.3 Performance cookies

Performance cookies collect information about how you use our Website. For example, which pages you visit and if you experience any errors. These cookies are essential to us being able to operate and maintain our Website.

3.4 Targeting cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

4. Who places the cookies on your device (the companies of BNP Paribas Group or a partner)?

When you select which types of cookies you allow on your device, the cookies may be deposited directly by us or by one of our partners

This means that when you authorise the installation of certain so-called "third-party" cookies on your device, our partners will also be able to access the information they contain (such as, for example, your browsing statistics when you allow third-party analysis cookies) within the limits of our Data Protection Notice and those of our partners.

5. How can you manage cookies?

To see the different categories of cookies that we use on the Site and/or Application and configure your choices, you can consult the cookie management module accessible here. You can modify at any time your preferences, withdraw or re-provide your consent at any time.

Please note that the use of strictly necessary cookies” for the proper functioning of the Site does not require your consent. This is why the option “strictly necessary cookies is pre-checked in our cookie management tool and is not optional.

By refusing certain types of cookies (preference cookies for example), we will not be able to optimize your user experience on our Website and some parts may not function properly.

By default, we save your cookie choices on a device for a maximum of 6 months. If you change your mind about the preferences you have expressed regarding cookies, you can update your choices at any time, by following the below link. We will ask you to repeat your choice every 12 months.