PRIVACY POLICY

1. Introduction

This is a privacy policy for MCE Insurance Limited this includes any trading names and is designed to help you understand how we process your personal data.

At MCE, we are committed to ensuring we protect your privacy and security and will process personal information in accordance with the General Data Protection Regulation, the Data Protection Act 2018 and any other applicable privacy laws.

If you are providing us with another person’s data you should ask them to also read this privacy policy. By giving us information about another person you are confirming that they have given you consent to provide the information to us. Our preferred method of communicating with you is by e-mail. It is your responsibility to ensure the e-mail contact you have given is monitored regularly. If you are a policyholder, buyer or seller we will deal with you. If you would like someone else to be able to deal with your account for you, you will need to give us your consent before we can release any information.

In our Privacy Policy we have compiled all essential information about our handling of your personal data and your rights.


How we may collect your information


2. What personal information will be collected, and how is it collected

Depending on your relationship with us (for example, as a consumer policyholder; non-policyholder, appointed representative; or other person relating to our business). In order for us to provide insurance quotes, purchase and sell vehicle, and deal with complaints, we need to collect and process personal data about you. The types of personal data that are processed may include:

Types of Personal Data Details
Individual details Name, address (including proof of address), other contact details (e.g. email and telephone numbers), gender, marital status, date and place of birth, nationality, employment details, and family details, including their relationship to you
Identification details Identification numbers issued by government bodies or agencies, including Your national insurance number, passport number, tax identification number and driving licence number, driving licence details
Financial information Bank account or payment card details, income or other financial information
Risk details Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, or other special categories of personal data. For certain types of policy, this could also include telematics data
Policy information Information about the quotes you receive and policies you take out
Credit and anti-fraud data Credit history, credit score, sanctions and criminal offences, and information received from various anti fraud databases relating to you
Previous and current claims Information about previous and current claims, (including other unrelated insurances),which may include data relating to your health, criminal convictions, or other special categories of personal data and in some cases, surveillance reports
Special categories of personal data Certain categories of personal data which have additional protection under the GDPR. The GDPR categorises these as health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation
Location Information If you have a Subscribe & Ride Policy we will collect location data when riding your motorcycle through the MCE – Subscribe & Ride app


We will take all reasonable steps to ensure that we only collect the minimum personal information that is necessary to achieve our objectives and will not use it for any other purpose not envisaged in this privacy policy or as otherwise notified to you. If we do not collect the personal information we need it will severely restrict our ability to provide our services to you.

Personal Information can be collected in a variety of ways, for example, through one of our websites or the website of one of our business partners, or completion of an application form, and sent by various methods including by email, telephone, and post.

We may also collect your personal data via multiple social networks such as Autotrader, Gumtree, eBay, and Facebook who you will hold an account with. You can determine the personal data that we can access when authorising the connection with the single sign-on service.

Please note that this privacy policy applies only to the personal information MCE collect and cannot be responsible for personal information that third parties may collect.

Information from other sources:

We may also acquire your personal information from reputable third party companies who operate in accordance with EU data protection legislation. We will only take receipt of such personal information where they have a lawful basis to pass it on. We may also obtain information from other sources such as:

  • Credit reference agencies
  • Other insurance market participants
  • In the event of a claim, third parties including the other party to the claim (claimant / defendant), witnesses, experts (including medical experts), loss adjustors, solicitors, and claims handlers
  • Anti-fraud databases (eg, Motor Insurance Anti Fraud and Theft Register , Experian, Cue)
  • Sanctions lists, court judgments
  • Government agencies such as the DVLA and HMRC
  • Public sources
  • Social media

3. Cookie policy

What are cookies?

A "cookie" is a small piece of data that is stored on your web browser or hard disk by a web server. This data usually contains encoded information that informs the web server how and when you used the site. Cookies are commonly used on the Internet and do not harm your computer system.

The cookies used on this site do not include any information that others could read and understand about you, such as your name or any account or policy number. They contain no personal Information about you.

Cookies we use:

  • Google Analytics - We use this to monitor the total number of users visiting the MCE Insurance website, and the links they have clicked on to arrive at the site.
  • Mobile Website Cookie - A temporary cookie is used to enable the mobile version of the MCE Insurance website; it allows the user of a mobile device to return to the full site once they have been redirected to the mobile version of the website.

How we may use your information


4. What We Use Personal Information For, Categories Of Personal Information, Lawful Basis For Processing, And Recipients Of Your Personal Data

Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. This includes sharing it outside MCE Insurance. The law says we must have one or more of the following “lawful basis” to use personal information:

  • Performance of our contract
  • Compliance with a legal obligation
  • In the substantial public interest (eg. to assist with the prevention of crime and fraud)
  • Where processing is necessary to protect a vital interest of an individual
  • Where there is a legitimate interest (eg. when we have a business or commercial reason to use your information, but even then, it must not unfairly go against what is right and best for you.
  • Your consent

If we rely on our legitimate interest, we will tell you what that is.

If you provide data that is specified as special category, we will rely on one of the “lawful basis” above and an additional processing condition “in the substantial public interest for insurance purposes”

Please find below a list of all the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are, where this is one of our reasons.

What We Use Your Personal Information For Categories Of Data Lawful Basis Recepients
Inception & Policy Administration
  • Collection or refunding of premium
  • Collection of purchase payment for vehicle
  • Credit check following your consent when paying via a payment plan
Personal data:
  • Individual details
  • Financial information
Personal data:
  • Performance of our contract with you
  • Legitimate interests (to recover debts due to us)
  • Business partners providing administration
  • Payment and delivery
  • Credit lending provider
Policy Administration
  • General client care, including communicating with you regarding administration and requested changes to the insurance policy
  • Sending you updates regarding your insurance policy
  • Communicating with you regarding the purchase of a vehicle
  • Complaints
Personal data:
  • Individual details
  • Policy information
Special categories of personal data:
  • Risk details
Personal data:
  • Performance of our contract with you
  • Legitimate interests (ensuring your contract remains up to date for the risks insured, to correspond with you, nominated beneficiaries and claimants in order to facilitate the placing of and claims under insurance policies)
Your consent Special categories of personal data :
  • In the substantial public interest
  • Business partners providing administration
  • Financial Ombudsman
  • Reinsurers
  • Your employer, if the policy is being used for hire or reward
Throughout The Insurance Lifecycle
  • Complying with our legal or regulatory obligations including renewals
Personal data:
  • Individual details
  • Identification details
  • Financial details
  • Policy information
Special categories of personal data :
  • Credit and anti-fraud data
  • Risk details
Personal data:
  • Compliance with a legal obligation
Special categories of personal data :
  • In the substantial public interest
  • Prudential Regulatory Authority, Financial Conduct Authority, Information Commissioner’s Office and other regulators
  • Police
  • Other insurers (under court order)
  • Insurance Fraud database
Throughout The Insurance Lifecycle
  • To develop and carry out marketing activities (You are classed as a customer for 2 years from when a policy is lapsed, cancelled, or after the transaction date, whichever is later)
Personal data:
  • Individual details
  • Identification details
  • Financial details
  • Policy information
Personal data:
  • Legitimate interests (to inform you about new products, special offers or other information which we think you may find interesting)
  • Consent
  • Business partners providing administration

This list is not necessarily exhaustive as changing business needs or external factors may influence the use of the information we hold.


5. Sharing your data

We may pass to Cambrian or Orchard Funding or any associated company of Cambrian information which you have provided to us in connection with your application for credit unless you ask us not to, which you may do by phoning or e-mailing us. In considering whether to enter into the Credit Agreement, they may search your record at credit reference agencies. They will add details of the search and your application to their records about you and this will be seen by other organisations that make searches.

This and other information about you and those with whom you are linked financially may be used to make credit decisions about you and those with whom you are financially linked.

We may disclose the information that we hold about you to Associated Premium Funding Limited and other agents for the purposes of recovering any debt that you owe and, where necessary, tracing you. If we propose to transfer, charge or assign, or agree to transfer or assign, our rights under your agreement to a third party or if we employ a third party to manage any aspect of your agreement, we will pass relevant information about you to such third parties. Any assignee of such rights or third party manager may hold your information and use it in the same ways as us, as described above. Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where otherwise permitted under the Data Protection Act 2018.


6. MCE Subscribe & Ride App

For our Subscribe & Ride customers where a MileMate beacon and mobile application is mandatory the following terms also apply.

The MCE Subscribe & Ride App collects and transmits data on location and mileage ridden. The app collects location data whilst you are riding even when the app is closed or in the background. This data is processed to help identify driver mileage. We will communicate this mileage information to you in the MCE Subscribe & Ride App.

For further information we may:

  • Collect GPS location information every second during an active journey using the GPS sensor in your phone
  • Record Raw Trip Data which consists of the date and time for each one second GPS data point as well as a measurement of the GPS Horizontal Precision at that point in time.
  • Capture photographs of your vehicle odometer associated with your policy.
  • Collect a GPS location fix for each photograph taken by the app including a date and time stamp.
  • Process each photograph taken on our platform and electronically read and store the text within the photographs.

Raw Trip data is anonymised and retained indefinitely and may be used by our Telematics provider and their associated partners for the purposes of improving systems.


Data Retention


7. Where will your personal Information be held?

It may be necessary for us to undertake some of the processing of your personal data in other countries outside of the European Economic Area where data protection safeguards may not be as high as they are in the UK. However, where this is necessary we will ensure that your personal information is treated with the same level of protection as required by the data protection regulations in the UK and EU.

It is also possible that some of our service providers will process your data in other countries. They are also responsible for ensuring your personal information is treated with the same level of protection as required by the data protection regulations in the UK and EU.

If you would like further details of how your personal data would be protected if transferred outside the EEA, please contact our Data Protection Officer at datacontroller@mceinsurance.com in the first instance.

8. How long will Personal Information be held for?

As part of our commitment to your privacy, we will not hold your personal information for any longer than is necessary. Your personal information will be retained in accordance with our retention policy, This is based on the relevant legal and business requirements and, accordingly, the retention periods for personal information will vary according to the nature of the information held.

9. Consent

We will still treat an individual as an MCE customer for 2 years from when a policy is lapsed, cancelled, or after the transaction date, whichever is later.

In most cases when we process your personal information, we will not contact you for consent, for example:

  • When we are under a contract with you to provide our services.
  • When we are complying with a legal obligation.
  • When processing is in the substantial public interest.
  • When we believe it is in our legitimate interests and proportionate to our objective, and that the use of the personal information is not overly intrusive.

10. Marketing

From time to time we may send you marketing communications, new promotions, ask for feedback and provide other information about our products, where we feel this may be of interest to you. This will be by e-mail, phone, or SMS. We may also work with carefully selected partners to bring you offers and information related to other products.

You will always have full control of your marketing preferences. If you do not wish to continue receiving marketing information from us (or any third party, if applicable) at any time :

  • You can unsubscribe or opt out by sending a request via email to datacontroller@mceinsurance.com.
  • Contacting our Customer Experience Team to make the request on 01933 351361.

We will process all opt-out requests as soon as possible, but please note that due to the nature of our IT systems and servers it may take a few days for any opt-out request to be implemented.

11. Security

We are committed to ensuring that your personal Information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information we collect.

12. Keeping Personal Information up to date

Please let us know if your personal information changes as it is important that the information we hold about you is accurate and up to date. We will not be responsible for any errors or personal information losses because of not being informed of a change in personal information.

13. Your rights regarding Personal Information

You have the following rights under current legislation:

  • The right to be informed – This privacy policy provides our obligation to provide “fair processing information”. We may also provide information to you during a telephone call, notes as part of an application form, and prompts during an e commerce journey
  • The right of access - Access to personal data and supplementary information we hold on you
  • The right to withdraw consent – Where we require explicit consent to process your data, you are able to withdraw this
  • The right to rectification and data quality - To have personal data rectified if it is inaccurate or incomplete
  • The right to erasure including retention and disposal – To request the deletion or removal of personal data where there is no compelling reason for its continued processing, provided that we do not need to retain the personal information to provide you with the services
  • The right to restrict processing – Where you have highlighted an issue with the data
  • The right to data portability – This allows you to request certain categories of data we hold
  • The right to object – Where you have an objection on grounds relating to a situation particular to you

* In certain circumstances, we may need to restrict the above rights in order to safeguard the public interest (e.g. the prevention or detection of crime)

When exercising your rights regarding personal information, we will request that you submit a copy of your photo card driving licence or passport in order to confirm your identity. This provides us with an additional level of security to ensure we are sending personal information to the correct person

If you wish to exercise any of your rights, please email datacontroller@mceinsurance.com

14. Complaints

In the event of a complaint regarding the Personal Information we hold, please refer to our Complaints Procedure, which can be found at https://www.mceinsurance.com/content/mce-complaints/.

If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights, or if you think that we have breached the GDPR, then you have the right to complain to the ICO. Their contact options can be found at https://ico.org.uk/concerns/ .

15. Data Controllers and Data Protection Officers

The Data Controller for MCE Insurance is its Executive Committee who can be contacted on datacontroller@mceinsurance.com.

The insurance lifecycle involves the sharing of your personal data between insurance market participants, some of which you will not have direct contact with. Where data is provided to our business partners in relation to the service you have requested, they may also be acting as Data Controllers and Data Processors. If you would like more information about how any of our partners process data, please contact our Data Protection Officer through datacontroller@mceinsurance.com in the first instance. We will then notify you of the business partners for your data and their contact details, if required