Looma Privacy Policy (v2)

Effective Date: 01/07/2025

Entity Responsible: One Looma Ltd

Registered Office: Mynshull House, 78 Churchgate, Stockport, England, SK1 1YJ

Contact: privacy@go-looma.com

1. Introduction

Looma exists to rebalance the scales. Insurers, credit agencies, and official databases hold huge amounts of information about you. We believe you should be able to access it, understand it, and benefit from it.

This Privacy Policy explains how we collect, use, and protect your data. It is written to be clear, transparent, and on your side.

By visiting www.go-looma.com and using our apps and services, you acknowledge that you have read and understood this Privacy Policy and the practices it describes. One Looma Ltd is the data controller of your personal data.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

We only collect information that helps you see, understand, and use your driving, insurance, and credit profile. Nothing more.

a) Information You Provide

When you create and use a Looma account, you will provide us with:

  • Identity and Contact Data: Name, email address, current address (including previous addresses), proof of address, phone number, date of birth, driver’s licence.
  • Account Data: Username, password, and security verification details.
  • Communications: Messages, support requests, feedback, or other information you choose to share.

b) Information We Obtain from Third Parties (with your authorisation)

With your explicit authorisation, we retrieve information from trusted third parties to build your dashboard and calculate your Looma Score. These include:

  • Insurers and Brokers: Data obtained via Data Subject Access Requests (DSARs), such as policy details, accident history, no claims discount and claims history and any other data relating to you as an individual as held by these organisations.
  • Credit Reference Agencies (e.g. Experian, Equifax, TransUnion): Information from your credit report, such as credit accounts, repayment history, balances, and credit scores.
  • DVLA (Driver and Vehicle Licensing Agency): Driving licence information, endorsements, vehicle registration(s) and status, and related driver record data.
  • MIB (Motor Insurers’ Bureau): Claims records and information relating to your current or past insurance.

We never access these sources without your authorisation. The data always remains yours. Looma simply helps you access, view and use it.

c) Technical and Usage Data

When you use Looma, we automatically collect:

  • Technical Data: IP address, browser type, operating system, device identifiers, cookies, analytics data, and log files.
  • Usage Data: How you interact with our Services, including login activity, dashboard usage, and feature preferences.

3. How We Use Your Information

We use your data only for clear, fair, and transparent purposes:

  • To provide you with our Services: Building your dashboard, retrieving third-party data with your consent, and calculating your Looma Score.
  • To improve accuracy and trust: Detecting anomalies, spotting errors, and flagging potential fraud.
  • To give you insights and value: Offering tailored insights and running Looma Co-Driver (continuous market scanning for better deals).
  • To keep you informed: Sending service updates, account notices, and, where you’ve not opted out, marketing like newsletters.
  • To improve Looma itself: Analysing usage so we can make things clearer, faster, and more useful.
  • To comply with the law: Meeting regulatory obligations and cooperating with authorities when legally required.

We use artificial intelligence and automated decision-making to calculate your Looma Score, to detect anomalies, and to generate insights about your insurance and driving data. These processes are designed to give you clearer information and highlight areas where you may benefit from better deals or improved data accuracy.

We regularly review our AI systems to ensure they are accurate, fair, and transparent. Automated outputs are not the final word. They are tools to help you make more informed decisions.

We may also use anonymised or pseudonymised data to train our systems, share insights, and improve insurance models. This information cannot identify you.

4. Legal Basis for Processing

Under UK GDPR, we process personal data based on:

  • Contract: To provide you with the Services you request.
  • Legal obligation: To comply with laws and regulations.
  • Legitimate interests: For fraud prevention, service improvement, analytics, and some marketing (balanced against your rights).
  • Consent: For direct marketing (where required) and non-essential cookies.

5. Sharing Your Information

We only share your personal data where it’s necessary and fair:

  • Cloud hosting providers (AWS) to run and store our Services securely.
  • Analytics providers (e.g. Google Analytics) to help us understand usage.
  • Insurers and related organisations when retrieving DSAR data for you.
  • Credit reference agencies, DVLA, and MIB where you have authorised access.
  • Regulators or authorities where the law requires it.

We do not sell your personal data. If we don’t need it, we don’t share it.

6. Data Retention

We keep your personal data only as long as it’s useful and legally required, generally up to seven years.

If you delete your account, we delete your data. We don’t keep copies “just in case.”

7. Security

We use strong safeguards to protect your data:

  • Encryption at rest and in transit.
  • Strict access controls.
  • Identity verification and two-factor authentication.

No system is perfect, but we continuously monitor, test and improve our defences.

8. Your Rights

The law gives you strong rights over your data, and we make them simple to use:

  • Access – request a copy of your personal data.
  • Rectification – fix inaccurate or incomplete data.
  • Erasure – delete your account and data at any time.
  • Restriction – limit processing in certain cases.
  • Opt-out – stop receiving marketing at any time.

Please note:

  • Export/download of all raw data isn’t currently available.
  • Automated decision-making (like the Looma Score) cannot be restricted.

To enact your rights, just email dpo@go-looma.com. You’ll always get a straight answer from us, not legal jargon.

9. Cookies and Tracking

We use cookies for:

  • Essential functions – logging in, keeping sessions secure.
  • Analytics – understanding usage.
  • Advertising – providing relevant marketing.

You can manage or disable cookies in your browser. Essential cookies are required for Looma to work.

10. Children’s Privacy

Looma is for drivers and riders only, so you must be 16 or older to use our Services. We do not knowingly collect data from anyone under 16.

11. Changes to This Policy

If we update this Privacy Policy, we’ll post a new version with a revised “Effective Date.” For significant changes, we’ll notify you directly.

12. Contact

If you have questions, concerns, or suggestions, contact us:

One Looma Ltd

Mynshull House, 78 Churchgate, Stockport, England, SK1 1YJ

Email: privacy@go-looma.com

One Looma Ltd is registered with the Information Commissioner’s Office (ICO) under registration number ZB943277. If you have concerns about how we handle your data, you can contact the ICO directly at www.ico.org.uk, though we’d always encourage you to speak with us first.

13. Our Commitment

At Looma, we’re not just ticking compliance boxes. Our purpose is to give you back control of your data. If anything here isn’t clear, challenge us. Transparency isn’t just a legal requirement; it’s our core value.

By using Looma, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, you should not use our Services.