Privacy Policy


This document explains the collection, usage and disclosure policies pertaining to the personal information obtained on this website operated by Cover Genius Pty Ltd (Australian Company Number 159 983 598) of Level 19, 45 Clarence Street Sydney 2000, Australia, and it affiliates, including Cover Genius Limited (UK company Number 09408621) of 4 Ravey Street, London EC2A 4QP, United Kingdom, Cover Genius Insurance Services, LLC and Cover Genius Warranty Services, LLC, of 27 East 28th Street, New York, NY 10016, and Cover Genius Canada, Inc., 40 King Street West, Suite 2100, Toronto, Ontario M5H 3C2 ("we" or "us"). We may amend this policy from time to time.

1. Our Privacy Commitment.

We are committed to protect your personal information. This document outlines how we collect, use and disclose personal information.

2. General Data Protection Regulation (GDPR)

We are committed to complying with the UK’s Data Protection law and the EU General Data Protection Regulation (GDPR) for the protection of personal information, as well as the principles of data security in the configuration of our services. If you have any questions about this privacy policy or how we use your personal information, please contact our compliance team:

In Writing: Cover Genius Unit 6, 4 Ravey Street, London EC2A 4QP United Kingdom
By Email: [email protected]

3. What is personal information?

Personal information is information that can identify you. This includes but is not limited to your name, age, phone number or email address.

4. Why do we collect personal information?

In order to enter into an agreement with us, we will collect, store and use elements of your personal information. The processing of this personal information is a contractual requirement and is necessary by us in order to administer your account and to provide a suitable plan for your trip. It is held and used to:

  • Identify you;
  • Offer you a suitable product;
  • Give you support with an existing booking;
  • Assist you with your claims (only claim-relevant information);
  • Issue you booking reminders for your convenience;
  • Maintain training & quality purposes over the phone.
Should you choose not to provide us with details of your personal information we may not be able to carry out the services we have stated in the clause.

We may also collect and process your personal information to send you direct marketing communications and other non-transactional communications in accordance with your marketing preferences, for our legitimate interests in conducting direct marketing or to the extent you have provided your prior consent (see Section 10 below for further information).

5. What personal information is collected?

We collect and keep information, which may include:

  • Trip details,
  • first name(s), surname or company name (including representation as the case may be),
  • address (street, street number, postal code, city and country/region),
  • email address,
  • date of birth,
  • telephone and mobile number,
  • bank details (account number, account holder and card number) for claim purposes,
  • Other information pertaining to your use of this website including but not limited to your IP Address and Browser information.

We will also monitor, record, store and use any telephone, email or other electronic communications with you for training purposes so that we can check any instructions given to us and to improve the quality of our customer service.

Personal information we collect from you will be accessed by trusted third-parties who are outside the European Economic Area. However, additional security and contractual arrangements are in place to ensure the protection of the data accessed. The countries involved in the processing include; Australia and the Philippines.

6. How is your personal information collected?  

We collect information through different means:

  • Directly from you - this happens when you create a quote on our website, request support or submit a claim. It may happen over the phone, via email or our chat box when communicating with our agents/representatives.
  • Through our partners - this happens when you book one of our plans through one of our partner’s website or when our partners create quotes and book plans through our travel agent portal on our website.
  • Through third parties - this may happen through our underwriters, your representatives (family members), service providers, marketing partners and data providers, social media platforms, claim investigators and handlers, and our other third party partners. Please see below for more information about our third party marketing partners and data providers.

7. How do we protect your personal information?

In order to protect the personal information collected from you, we are dedicated to preventing any accidental or deliberate manipulation, loss, destruction of personal information, or any unauthorised access to or unauthorised disclosure of personal information. Technical and organisational security measures are constantly improved as part of our technological development. In addition, our employees, subcontractors and other support staff are obligated to observe confidentiality and data privacy.

Procedural safeguards:

  • Only our authorised personnel has access to your personal information. If an employee leaves the company, his/her access to our database is restricted.
  • We only disclose personal information once an individual has met all the identification requirements.
  • We constantly train our staff on how to handle personal and sensitive information.

Technical safeguards:

  • Our website supports “Secure Socket Layer” or SSL encrypted 256-bit SSL which prevents other computers to impersonate your computer & access or modify from other third parties while it travels around the Internet.
  • Our payment gateways are encrypted to enable safe transfer of credit card details.
Wherever possible, we have tried to create a secure and reliable website for our users. However, you recognise that your use of the Internet and our website is entirely at your own risk and we have no responsibility or liability for the security of personal information transmitted via the Internet.

All passwords and usernames allocated to you must be kept secret and must not be disclosed to anyone without our prior written authorisation. You must not use any false identity in email or other network communications and you must not attempt or participate in the unauthorised entry or viewing of another user’s account or into another system.

8. Sharing of data with other approved parties

Cover Genius is a ‘data controller’ within the meaning of the GDPR and determines the purposes and means of the processing of your personal information. Cover Genius uses ‘data processors’ which process your personal information on behalf of Cover Genius. 

Here at Cover Genius we take your privacy seriously and the information we hold about you is confidential. In order to administer your contract, we may need to share some of your personal information with other approved parties. This processing is necessary for the purposes of delivering specific services to you. 

Your personal information is not disclosed without your consent unless it is sold as part of the business. It may however be disclosed to parties within business operation, in accordance to the Privacy Act 1988 (Cth), the Data Protection Act 1988 and the General Data Protection Regulations (GDPR) (EU 2016/ 679) such as:

  • government authorities;
  • contractors;
  • our agents and representatives;
  • our insurers;
  • our claims handlers;
  • our partners,
  • our suppliers.

We may disclose it outside Cover Genius when: 

  • you have given us your consent to do so,
  • it is necessary for the performance of an agreement/contract of which you will be made aware,
  • in order to obtain professional advice (e.g. legal advice),
  • we or others need to investigate or prevent crime (e.g. to fraud prevention agencies)
  • the law permits or requires it,
  • regulatory or governmental body requests or requires it, even without your consent, or
  • there is a duty to the public to reveal the information.

Other data processors which we may share your personal information with may include:

  • Credit reference agencies, 
  • Claims handling and fraud prevention agencies (to investigate or prevent crime). 

9. How do we use cookies?

Cookies are small files that are downloaded to your computer and anonymously accumulates your personal information and our website’s usage, enabling us to recognize when your computer goes on our website in the future. Cookies do not damage your computer and you can deactivate them if you do not wish to receive them on your computer.

We use cookies to store your favorite settings on our website to make your experience more convenient. They are also used to monitor how your internet browser behaves.

You can change your cookie settings by reading the help section for your browser for the latest instructions.

If you want to learn more about cookies or how to control, disable, or delete them, please visit for detailed guidance and instructions on how to delete cookies and to opt-out from advertising.

10. Direct marketing communication

We may also collect and use your personal information (such as your business contact information) to send you direct marketing communications and other non-transactional communications in accordance with your marketing preferences, including information about our (or selected third parties) products, promotions, events, and services, which may be of interest to you.

To help make our emails more interesting and relevant, we often receive a confirmation when you open an email from Cover Genius if your computer supports such capabilities.

To support our marketing and lead generation activities and in order to enhance our ability to provide more relevant marketing, offers and services to you, we may also receive or collect certain personal information about you (such as your business contact information) from our third party marketing partners and data providers,, but only where we have checked that these third parties have either obtained your consent or are otherwise legally permitted to disclose your information to us. The types of information we collect from third party sources include basic business contact information (such as your name, email address and country) and professional information (such as your job title, institution or company). Please be aware the privacy practices of these third parties are governed by their own privacy policies, not this Privacy Policy.

You have a right to opt-out of our direct marketing communications at any time. You can opt-out by following the Unsubscribe instructions at the bottom of the communication or by emailing [email protected]

11. Links to websites of other providers’ third parties

Please note that this Privacy Policy only applies to Cover Genius and we are not responsible for, and have no control over, information that is submitted to or collected by third parties, such as those where our website may provide links and banner advertisements to third party sites. Since we do not control those websites, you are responsible for reviewing and abiding by the privacy policies of these third-party sites to ensure they comply with the applicable data protection regulations.

12. How long will your personal information be stored for? 

Where possible, we will take steps to erase any personal information that is no longer necessary for the purposes for which it is collected or otherwise processed, or if you have withdrawn consent for its processing and retention.

As a general rule, if you enter into or took steps to enter into a contract with Cover Genius, we will store the data in accordance with other regulations and compliance with our general legal obligations and for the exercise or defence of any legal claims.

Under the GDPR, you have the right to ‘block’ or request the deletion or removal of personal information to prevent further processing. This right to erasure is also known as ‘the right to be forgotten’. Specific circumstances in which you can request the deletion or removal of personal information includes:

  • where the personal information is no longer necessary for the purposes for which it is collected or otherwise processed,
  • where you withdraw consent,
  • when you object to the processing and there is no overriding legitimate interest for continuing the processing,
  • where the personal information was unlawfully processed (i.e. otherwise in breach of the GDPR),
  • where the personal information has to be erased in order to comply with a legal obligation.
  • In case a deletion is not possible due to legal, statutory or contractual retention periods, or if it requires disproportionate efforts or prejudices your legitimate interests, the data will be blocked instead of deleted.
13. Your expanded rights under the GDPR

Right to Object
Under the GDPR you have the right to object at any time to the processing of your personal information (including profiling). If you make an objection Cover Genius must generally stop the data processing. However, this right only applies to certain types of processing, such as:
  • where the legal basis for processing is legitimate business interests; or
  • where we are processing your personal information for our direct marketing purposes.  
Right to Data Portability
You have the right to receive your personal information that you provided to Cover Genius in a ‘structured, commonly used, machine-readable format’ and to transmit that data to another entity where the data is processed electronically.

Your right to Data Portability applies:
  • to personal information that you have provided to Cover Genius;
  • where the processing is based on your consent or the performance of a contract; and
  • where processing is carried out by automated means. 
Right to Restriction of Processing
You may have a right to obtain a restriction on processing of your personal information from Cover Genius. Where processing is restricted, personal information may only be processed in certain circumstances including with your consent. For example, if you contest the accuracy of your personal information, there may be a temporary restriction on processing to enable Cover Genius to verify the personal information.

14. Fraud Prevention

If you give us false or inaccurate information and fraud (in any form) is identified, details will be passed to the fraud prevention agencies. We and other organisations may also share, access and use this information to prevent fraud and money laundering, for example when:
  • managing credit and credit related accounts or facilities,
  • recovering debt,
  • checking any details that may be provided to us during the course of engaging in business with us.
  • In addition, law enforcement agencies may access and use this information.
15. Breaches

If at any time we become aware that your data has been compromised, or that a breach of our systems and controls has occurred, which has an impact on the security of your data, we will notify the Information Commissioner’s Office, and you, without undue delay.
In case a data breach is likely to be a high risk to your rights and freedoms, we will notify you, as well as the relevant supervisory authority under the GDPR within 72 hours of becoming aware of the breach.

16. Subject Access Requests

You have the right to request access to a copy of the personal information that we hold about you. This is also known as a ‘Subject Access Request’. This information is provided to you free of charge however, we can refuse to respond or charge a ‘reasonable fee’ when a request is manifestly unfounded, excessive or repetitive.

We will provide this information in a structured, commonly used and machine-readable form such as a CSV file or PDF file where possible. This allows you to move, copy or transfer personal information easily from one IT environment to another in a safe and secure way, without hindrance to usability. Where possible, we will provide this information via remote access to a secure self-service system, such as our Customer Account area, which would provide you with direct access to your information.

If you would like to submit a Subject Access Request, please contact our compliance team in writing to:

Compliance Officer
Cover Genius 18 Finsbury Square London EC2A 1AH United Kingdom

By Email: [email protected]

We will respond to your request without delay and at the latest, within 1 month of receipt of your request.

17. What if your personal information is inaccurate?

If you believe the personal information we hold about you is inaccurate or incomplete, you have the right to rectification. You can log into your account and update this information at any time. Similarly, you can contact us anytime to discuss your personal information.

Where possible, we will also inform any third parties to whom we have disclosed the personal information in question to so they can rectify their records.

18. Withdrawing Consent

If we are processing any of your data by using consent as the lawful basis for processing, you have the right to withdraw your consent for us to collect, process and store this data at any time. If you wish to withdraw your consent, please confirm this in writing to our Data Protection Officer:

Compliance Officer
Cover Genius 18 Finsbury Square London EC2A 1AH United Kingdom

By Email: [email protected]

Please note, by withdrawing consent, we may be unable to execute the contract that you have entered into with us and will result in termination of our services. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

19. Complaints

If you have any concerns or complaint about how we collect, manage and use your personal information, or want to discuss our Privacy Policy further, please email us on [email protected].


Get a quote for your next trip

Coverage for vehicles with less than 9 seats (including driver). Excludes luxury/exotic cars.*