Part 2 - myRAC
Purpose for using your information
MyRAC is a self-service portal in which RAC Members can register to use for the purpose of viewing and managing their personal details, policy and documentation in relation to their breakdown cover.
This notice explains the personal data we collect and how we use that personal data in order to deliver myRAC.
Legal basis for using your information
Under the UK Data Protection regulation and the General Data Protection Regulation, we’re required to tell you our legal basis for using your data. When we use your data for the purpose of delivering myRAC, we rely on our ‘legitimate interest’ as our legal basis (see Article 6(1)(f) of the UK Data Protection regulation and the General Data Protection Regulation).
The information we use
The information which we use about you will depend on if you choose to use the myRAC Self Service Portal. Your email and membership number will be used to set up an account and your account will be activated upon registration to myRAC.
The portal is a membership benefit to enable self-service access to view and manage your personal information and policy documentation if you have chosen to not receive paper.
We use the following information to deliver myRAC to our members:
- Your membership information: policy number, lead member, key dates, membership type, breakdown products and extras, my vehicle and vehicle reminders
- Your vehicle details: make, model, vehicle registration
- Your personal details: name of lead member, date of birth, address, email address, additional member, phone numbers and Device ID
- Your membership policy documentation: renewal pack, confirmation of changes to membership; welcome confirmation pack and rescue policy booklet
- Account settings: email address and password for registration and authentication, update communication and document preferences
- Refer a friend: name and email of non-member (used in conjunction with offer only and consent of non-member before referral)
- MOT date: If you use our MOT reminder notification service.
- Information regarding your MOT: Details of your vehicle’s MOT can be accessed through myRAC.
How we get your information
When you take out a breakdown policy the data you provide to RAC will be used to set up your membership and create your myRAC account.
We receive Information about your vehicle’s MOT from the Driver and Vehicle Standards Agency.
How long we keep your information
The RAC keeps your personal information for as long as the law requires, according to the rules and regulations.
MyRAC accounts are deleted 60 days after cancellation/non-renewal of membership policies. It is your responsibility to ensure you have downloaded any documentation you require after cancellation or non-renewal of your policy.
If you require access to your information or documentation after this time it can be requested as per Your Data Protection Rights which can be found in this Privacy Policy or by contacting the Data Protection Team at [email protected].
Who we share your information with
We may share your data with third parties who are instructed by us, such as:
- IT providers: for the purposes of hosting, administration and management of the myRAC platform and provision of the service.
- RAC group companies: for the purpose of customer experience, usage analysis and management reporting.
- Advertising providers: we collect your Device Advertising ID when using the myRAC app and share it with third parties (e.g. Google and Facebook) for the purpose of personalised advertising. You can reset your IDFA on an Android device or turn off personalised ads on an iOS device.
Automated decision-making
Automated decisions are decisions which are made about you using only technology and which aren’t made with the direct input of an actual person. MyRAC does not make automated decisions about you.
Where your information is held
We are a UK based organisation and your data is primarily hosted in a secure RAC domain within the European Economic Area. The data is held in Microsoft Azure cloud hosting services.
It is possible that we may transfer your personal information outside of Europe, for example, where one of our service providers has operations outside of Europe and such transfer is necessary. Where your data is transferred outside of Europe, we will ensure that suitable safeguards are in place to make sure that your data is protected. The safeguard will usually be reliance on standard contractual clauses.