Privacy Policy

1. ABOUT THIS POLICY

1.1 We appreciate your interest in our products and services and your visit to this website. Your privacy is important to us and we want you to feel comfortable with how we use and share your personal information.

1.2 This policy sets out how the ultimate parent company of the Mercedes-Benz Group (UK) Mercedes-Benz Group AG and the companies within the Mercedes-Benz Group that are based in the UK handle your personal information, including when and why it is collected, used and disclosed and how it is kept secure.

1.3 You will find our contact details at the end of this policy which you can use if you have any questions, including how to update or access your personal information or to make a complaint.

1.4 This policy may change, so please check this page from time to time to ensure that you’re happy with any changes.

1.5 This policy was last updated on 30th October 2023.

2. WHO WE ARE

2.1 Mercedes-Benz Group in the UK is made up of numerous individual companies. For further details, including a full list of these companies, please visit About Mercedes-Benz Group in Section 16. Whenever you deal with one of these companies, the ‘controller’ of your personal information will be the company in our group that you are interacting with or with whom your information has been shared. A ‘controller’ is a company that decides why and how your personal information is processed.

2.2 Where this policy refers to "we", "our" or "us" below, unless it mentions otherwise, it’s referring to the particular company that is the controller of your personal information.

3. HOW AND WHAT PERSONAL INFORMATION WE COLLECT

3.1 We may collect and process the following personal information about you:

Personal information you give to us: This is information about you that you give to us by entering information via our websites or our social media pages or by corresponding with us by phone, email or otherwise and is provided entirely voluntarily. The information you give to us includes your name, contact details (such as phone number, email address and address), enquiry details and your opinion of our products.

In addition to the above we will also store personal information only if you share that information; for instance, by filling out a registration form, contact form, survey, contest entry or to execute a contract In such cases we will, store only the data we are allowed to keep based on consent given by you or in accordance with applicable legal regulations.

Personal Information we collect about you: We store certain information about the browser and operating system you are using; the date and time of your visit; the status of interaction (e.g. whether you were able to access the website or received an error message); the usage of features on the website; any search phrases you entered; how often you visit individual websites; the names of files you access; the amount of data transferred; the Web page from which you accessed our website; and the Web page you visited after visiting our website, whether by clicking on links on our websites or entering a domain directly into the input field of the same tab (or window) of the browser in which you have our websites open. In addition we store your IP address and the name of your internet provider for seven days. This is for security reasons; in particular, to prevent and detect attacks on our websites or attempts at fraud.

Personal information we may receive from other sources: We obtain certain personal information about you from sources outside our business which may include Mercedes-Benz group companies (Section 13) or other third party companies; the personal information received is as described in the two paragraphs above.

3.2 Please see further How we use your personal information in Section 4 for details of the purposes for which we use the personal information we obtain from these sources and the legal basis on which we rely to process that information. The remaining provisions of this policy also apply to any personal information we obtain from these sources.

3.3 You are neither legally nor contractually obligated to share your personal information. However, certain features of our website may depend on the sharing of personal information. If you do not provide your personal information in such cases, you may not be able to use those features, or they may be available with very limited functionality.  

3.4If telematics software is installed in the vehicle, the vehicle manufacturer or telematics services provider may share vehicle location data with Mercedes-Benz Group (UK) in order to satisfy internal asset audit requirements or retake possession of the vehicle if it reasonably suspects that the vehicle has been abandoned (or that you have otherwise breached any term of an agreement with Mercedes-Benz Group (UK)) and you do not respond satisfactorily despite attempts to contact you or if the data is requested by law enforcement agencies.  No behavioural or vehicle usage data is shared with Mercedes-Benz Group (UK).  Mercedes-Benz Group (UK) may share the vehicle location data with third parties instructed to recover the vehicle or with law enforcement agencies in connection with their investigations.

3.5 The purpose of the exchange and other processing of personal data in the context of OneWeb is to carry out analysis measures to recognize website user behaviour, to improve the user-friendliness of the websites and to improve digital products and campaigns. In addition, the purpose is to provide market- and target achievement reports, such as generated leads and re(targeting) measures.

4. HOW WE USE YOUR PERSONAL INFORMATION

4.1 Where you have provided CONSENT

We may use and process your personal information where you have consented for us to do so for the following purposes:

  • to share your personal information with our authorised dealers to arrange test drives or where you have requested a call back;

  • to supply brochures and other material you have specifically requested from us;

  • to contact you via email, text message, post or telephone with marketing information about Mercedes-Benz and Smart vehicles and other products and services (see Marketing section below for further details);

  • to share your personal information with our authorised dealers or our recommended third party partners for them to contact you with marketing information about their products and services. Please see the Marketing section below in this policy to find out more about these third parties;

  • to process payments on your behalf including but not limited to card payments taken over the phone for the purposes of making payment of a deposit related to a vehicle; and

  • to complete other processing activities that you have expressly requested us to complete or you have expressly agreed to us performing.

4.2 You may withdraw your consent for us to use your information in any of these ways at any time. Please see Withdrawing your consent in Section 8.4 for further details.

4.3 Where required to perform a CONTRACT with you

We may use and process your personal information where it is necessary for the performance of a contract with you or in order to take steps at your request before entering into a contract with you including, but not limited to, for the following purposes.

  • To exchange information for warranty/aftersales;

  • To allow for the provision of third party breakdown services by our breakdown provider;

  • If you take a finance or lease agreement with Mercedes-Benz Financial Services UK Ltd – see also section 14;

  • If you take insurance cover or premium financing via Mercedes-Benz Insurance Services UK Ltd – see also section 15;

4.4 Where it is in your VITAL INTEREST

We may use your personal information to contact you if there are any urgent safety or product recall notices to communicate to you or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you. It is in your vital interests for us to use your personal information in this way.

4.5 Where required to comply with our LEGAL OBLIGATIONS

We will use your personal information to comply with our legal obligations including: (i) to assist HMRC, the Police, the Driver and Vehicle Licensing Agency (DVLA) or any other public authority or criminal investigation body; (ii) to identify you when you contact us; and (iii) to verify the accuracy of data that we hold about you.

4.6 Where there is a LEGITIMATE INTEREST

We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business for the following purposes:

  • for analysis, and profiling to inform our marketing strategy, and to enhance and personalise your customer or visitor experience;

  • for market research in order to continually improve the products and services that we and our authorised dealers deliver to you;

  • to administer our websites and for internal operations, including troubleshooting, testing, statistical purposes;

  • for marketing activities (other than where we rely on your consent) e.g. to tailor marketing communications or send targeted marketing messages via social media and other third party platforms;

  • for the prevention of fraud and other criminal activities;

  • to undertake credit checks for finance;

  • for the processing of your personal data for the purposes of (further) development of risk instruments and the related reporting by the market and Mercedes-Benz Mobility AG as joint controllers

  • to correspond and communicate with you;

  • to create a better understanding of you as a customer or visitor;

  • for network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;

  • to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);

  • for the purposes of corporate restructure or reorganisation or sale of our business or assets;

  • for efficiency, accuracy or other improvements of our databases and systems e.g. by combining systems or consolidating records we or our group companies hold about you;

  • to enforce or protect our contractual or other legal rights or to bring or defend legal proceedings; and

  • for general administration including managing your queries, complaints, or claims, and to send service messages to you.

  • To provide information to government bodies or agencies for administration purposes.

5. OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO YOUR PERSONAL INFORMATION

5.1 Group companies

We may share your information with other companies within the Mercedes-Benz Group. They may use your personal information in the ways set out in How we use your personal information in Section 4, in connection with products and services that complement our own range of products and services, for example finance or insurance products.

Please visit About Mercedes-Benz Group in Section 16 for the details of our group companies with whom we may share your personal information.

5.2 Our suppliers and service providers

We may disclose your information to our third party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include cloud services providers (such as hosting and email management) or advertising agencies, administrative services or other third parties who provide services to us.

When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.

5.3 Authorised dealers in our network

We may share your information with other companies within our Authorised Dealer Network. They may use your personal information in the ways set out in How we use your personal information in Section 4 or in connection with products and services that complement our own range of products and services, for example finance or insurance products.

5.4 Third parties who provide products and services

We work closely with various third parties to bring you a range of products and services which are complimentary to ours.

When you enquire about or purchase one or more of these products or services through us (e.g. via our websites), the relevant third party may use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them.

These third party product providers may share your information with us which we will use in accordance with this policy. In some cases, they will be acting as a controller of your information and therefore we advise you to read their privacy policy.

5.5 Other ways we may share your personal information

We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal information if we’re under a duty to disclose or share it in order to comply with any legal obligation (e.g. by sharing your personal information with the DVLA), to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers.

However, we will always take steps with the aim of ensuring that your privacy rights continue to be protected.

6. WHERE WE STORE YOUR PERSONAL INFORMATION OUTSIDE THE EEA

6.1 All information you provide to us may be transferred to countries outside the European Economic Area (EEA, in particular USA and India. Further countries listed in our Consent Management System under “Cookie Settings” in the footer at the bottom of our website). By way of example, this may happen where any of our group companies are incorporated in a country outside of the EEA or if any of our servers or those of our third party service providers are from time to time located in a country outside of the EEA. These countries may not have similar data protection laws to the UK.

6.2 If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. These steps include imposing contractual obligations on the recipient of your personal information or ensuring that the recipients are subscribed to ‘international frameworks’ (including but not limited to the use of EU standard contractual clauses, binding corporate rules or other applicable instruments (if any) that aim to ensure adequate protection. Please contact us using the details at the end of this policy for more information about the protections that we put in place and to obtain a copy of the relevant documents.

6.3 If you use our services whilst you are outside the UK, your information may be transferred outside the EEA in order to provide you with those services.

7. HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR

7.1 If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws.

7.2 We do not retain personal information in an identifiable format for longer than is necessary.

7.3 We may need your personal information to establish, bring or defend legal claims, in which case we will retain your personal information for 7 years after the last occasion on which we have used your personal information in one of the ways specified in How we use your personal information in Section 4.

7.4 The only exceptions to this are where:

  • the law requires us to hold your personal information for a longer period, or delete it sooner;

  • you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted in this section 7, or because we are required under the law (see further Erasing your personal information or restricting its processing in Section 8.6);

  • and in limited cases, the law permits us to keep your personal information indefinitely provided we put certain protections in place.

7.5

  • Where credit checks are completed, we will retain this information for 7 years, from the end of the finance agreement.

8. YOUR RIGHTS

8.1 Your ‘data subject’ rights:

You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within 30 days after we have received this information or, where no such information is required, after we have received your request.

8.2 Accessing your personal information

You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.

8.3 Correcting and updating your personal information

The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you.

In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us in any of the details described at the end of this policy.

8.4 Withdrawing your consent

Where we rely on your consent as the legal basis for processing your personal information, as set out under How we use your personal information in Section 4, you may withdraw your consent at any time by contacting us using the details at the end of this policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can also do so using our unsubscribe tool. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.

8.5 Objecting to our use of your personal information and automated decisions made about you

Where we rely on our legitimate business interests as the legal basis for processing your personal information for any purpose(s), as out under How we use your personal information in Section 4, you may object to us using your personal information for these purposes by emailing or writing to us at the address at the end of this policy. Except for the purposes for which we are sure we can continue to process your personal information, we will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.

You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please use our unsubscribe tool.

You may also contest a decision made about you based on automated processing by contacting the data protection department.

8.6 Erasing your personal information or restricting its processing

In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.

You may also ask us to restrict processing your personal information in the following situations:

  • where you believe it is unlawful for us to do so,

  • you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings.

In these situations, we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.

8.7 Transferring your personal information in a structured data file

Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, as set out under Section 4 How we use your personal information, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.

You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.

8.8 Complaining to the UK data protection regulator

You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details.

9. SECURITY / COOKIES / LINKS / SOCIAL PLUGINS

9.1 Security measures we put in place to protect your personal information

All companies within the Mercedes-Benz Group use technical and organisational security measures to protect the personal information supplied by you and managed by us against manipulation, loss, destruction, and access by third parties. Our security measures are continually improved in line with technological developments.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information whilst in transit to our website and any transmission is at your own risk.

Where we have given (or where you have chosen) a password which enables you to access an account, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

9.2 Use of 'cookies'

'Cookies' are small pieces of information sent to your device and stored on its hard drive to allow our websites to recognise you when you visit. Information on the cookies that we use and their features can be found in the cookies section.

9.3 Links to other websites

Our website may contain links to other websites run by other organisations which we do not control. This policy does not apply to those other websites and Apps‚ so we encourage you to read their privacy statements. We are not responsible for the privacy policies and practices of other websites and Apps (even if you access them using links that we provide) and we provide links to those websites solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or promises about their accuracy, content or thoroughness. Your disclosure of personal information to third party websites is at your own risk.

In addition, if you linked to our website from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.

9.4 Third Parties and Social plugins

Our websites may also contain third-party offers. If you click on any such offers, we will transfer the amount of data required to the appropriate provider (e.g. the fact that you found the offer in question on our website and, if applicable, additional information that you have already provided for this purpose on our websites). 

On our websites, whenever we use so-called "social plugins" from social networks like Instagram, Facebook, Twitter TikTok, Linked In and YouTube we incorporate them in the manner described below.

When you visit our websites, social media plugins are deactivated. That means no information whatsoever is transferred to the operators of those networks. If you wish to use one of the networks, click on the appropriate plugin in order to be connected directly to that network's server.

If you have a user account with that network and are logged in at the moment you activate the plugin, the network will be able to detect your visit to our websites and assign it to your user account. If you wish to prevent that, please log off from the network before activating the social plugin. A social network will not be able to detect that you have visited other Mercedes-Benz websites unless you have activated its social plugin on those sites as well.

When you activate a social plugin, the network transfers the content thus made available directly to your browser, which incorporates it into our websites. In that situation, data transfers initiated and controlled by the respective social network may also take place. Your connection to a social network, the data transfers that take place between the network and your system, and your interactions on that platform are governed exclusively by the respective network's data protection provisions.

The social plugin will remain active until you deactivate it or delete your cookies.

Further information on cookies can be found at:- https://www.mercedes-benz.co.uk/passengercars/content-pool/tool-pages/legal/cookies.html

Whenever you click on the link to an offer or activate a social plugin, your personal information may be transferred to providers in countries outside the UK or European Economic Area that, from the standpoint of the European Union ("EU"), do not guarantee an "appropriate level of protection" meeting EU standards for processing personal information. Please keep these circumstances in mind before you click on a link or activate a social plugin, thereby causing your data to be transferred.  

10. ANALYSIS OF USER DATA AND USE OF ANALYTICS TOOLS

10.1  We want the content of our websites to match your preferences as closely as possible, thereby improving what we offer you. To identify especially popular areas of our websites, we use the following analysis tools: Google Analytics and Adobe Analytics.

10.2  When we employ these analytics tools, information may be transferred to servers located in the US and processed there. Please note the following: From the standpoint of the European Union, the United States does not provide an "appropriate level of protection" meeting EU standards for the processing of personal information. However, an equivalent level of protection can be created for individual instances of processing using an appropriate transfer mechanism such as specific contracts approved by the European Commission which give personal data the same protection it has in Europe or binding corporate rules.

10.3  If you do not wish us to use the above named analytics tools to collect and analyse information about your visit to our websites, you may permanently object to the practice (opt out) at any time.

We will comply with your rejection by placing an opt-out cookie in your browser. This cookie will only indicate that you have opted out. Please note that, for technical reasons, an opt-out cookie affects only the browser in which it has been installed. If you delete the cookie or use a different browser or device, you will need to opt out again.

10.4  Below you will find information about the providers of the analytics tools and the respective opt-out procedures:

i. Google Analytics from Google Inc. ("Google"):

You can prevent your information from being transferred as well as collected and processed by Google. Google provides information about this at the following link: https://tools.google.com/dlpage/gaoptout?hl=gb

ii.    Adobe Analytics from Adobe Systems Inc. ("Adobe")

You can follow this link to opt out of analysis using Adobe Analytics: http://www.adobe.com/gb/privacy/opt-out.html.

iii. Facebook Ireland Ltd (“Facebook”)

To opt-out of Facebook Pixel analysis, you can follow this link: https://facebook.com/ads/preferences

11. Targeting and Retargeting

11.1 We use so-called targeting, retargeting and cookie-less technologies in order to tailor our online marketing (e.g. banner ads) more specifically to your needs and interests. Adobe Target, Flashtalking by Simplicity Marketing Limited, Google Search Ad, Google Display & Video 360, Facebook Pixel, Salesforce Data Management Platform, Trade Desk from The Trade Desk Inc. These are monitored and used when you visit other websites that work together with the providers of these (re-)targeting technologies, so as to inform you while meeting your interests as closely as possible.

When the above technologies are used, cookies on our websites and (in the case of retargeting) on the websites of others register your interest in our products and services. In the process, random identifiers (so-called cookie IDs) are used which are not brought into connection with your name, your address or similar information, even if this information is known to us (e.g. from an existing contractual relationship), unless you have consented to this.

Further information about the above technologies from the respective providers, and the associated processing of personal data, can be found at the following links:

Adobe: https://www.adobe.com/uk/privacy.html

Google: https://policies.google.com/technologies/partner-sites

Simplicity Marketing Limited: https://www.flashtalking.com/consumer-privacy

Salesforce Data Management Platform (DMP): https://www.salesforce.com/uk/company/privacy/

Trade Desk from the Trade Desk Inc. https://www.adsrvr.org/

Facebook Ireland Ltd., Dublin, Ireland: https://www.facebook.com/about/privacy/update and https://help.instagram.com/519522125107875

You can manage and deactivate the use of cookies on the following websites for the technology providers listed there or in your browser as explained in our cookie statement:

https://www.youronlinechoices.com/uk/your-ad-choices

https://optout.aboutads.info

During the retargeting process, we may also collect information about your interest in the products and services of our retargeting partners.

When these targeting and retargeting tools are used, some data may be transferred to servers located in the United States and processed there.

For legal reasons, the use of tracking and (re-) targeting technologies is sometimes only possible with your express consent (so called opt in see 11.2). In other cases you can object to the use of such technologies if you wish (so called opt out see 11.3),

11.2     Use of online marketing products – Opt-in

We only use online marketing products from Google (e.g. Search Ad, Display & Video 360) and Facebook (so-called “Facebook Pixel”) with your express consent, which you can grant by clicking on the "Agree" button in the so-called Cookie Information Layer ("Opt-in"). We store this consent in a cookie on your device so that you are not asked for consent again each time you visit our websites, and for legal reasons, also on our servers with the IP address and a time stamp; we delete this information or restrict its processing if you withdraw your consent or 6 months at the latest after your last visit to our websites.

Should you change your mind at any time, you can withdraw your consent by clicking on the following link:

Withdraw consent to online marketing products from Google and Facebook.

To delete cookies set with your consent when visiting our websites after your consent to these online marketing products is withdrawn, please visit the following websites or delete the cookies in your browser as explained in our cookies statement:

Google: https://adssettings.google.co.uk/anonymous

Facebook and Instagram: http://facebook.com/ads/preferences

12. MARKETING

12.1 We may collect your preferences to send you marketing information directly from us by email/SMS(where applicable) including:

  • if you register an account with us online; or

  • if you book a test drive or request a call back.

We will only do so if you have consented to receiving such marketing information directly from us.

12.2 We may contact you with targeted advertising delivered online through social media and platforms (operated by other companies) by using your personal information,or use your personal information to tailor marketing to improve its relevance to you, unless you object.

12.3 We will only share your personal information with recommended third parties for them to contact you with marketing information about their products and services where you have indicated that you would like us to do so. Please use the link on the page requesting your consent to find out more about these third parties. Once shared, the relevant third party’s privacy policy will apply to their processing of your personal information, not ours. If you’d like to opt-out of receiving marketing from a third party after providing your consent, you can do so at any time by contacting the relevant third party directly.

12.4 If you opt-in to receiving marketing from our recommended third parties, you will receive marketing from the third parties listed in the table below via your preferred communication methods indicated by you:

Our group companies (see About Mercedes-Benz Group in Section 16 below).

Our Authorised Agents:

(Legal name / Trading as):

Arnold Clark Automobiles Limited / Arnold ClarkCity West Country Limited / City West CountryCruickshank Motors Limited / SytnerDerwent Vehicles Limited / PendragonDrayton Group Limited / DraytonEsplanade Limited / EsplanadeFalcon of Hull & Lincolnshire / ListersG. F. Evans and Sons Limited / Regent Garage Mercedes-Benz Authorised RepairerGerard Mann Limited / InchcapeGreenoaks (Maidenhead) Limited / Vertu MotorsHughes of Beaconsfield Limited / Vertu Motors

Hedin Automotive / HedinIsaac Agnew / Isaac AgnewJAM300 Limited / Europa Mercedes-Benz Authorised RepairerJCT600 Limited (South Yorkshire) Limited / JCT600Jacksons (C.I.) Limited / Jackson (C.I.)L&L Inc Limited / L&LLSH Auto UK Limited / LSHLancaster Plc / LancasterMB South Limited / LookersMarshall North West Limited / Marshall North WestMertrux Limited / Mertrux Mercedes-Benz Authorised RepairerPentagon Limited / Marshall SouthRobinsons Autostar Garage Limited / Group 1 AutomotiveSandown Dorset and Wiltshire Limited / Sandown (Dorset & Wiltshire)Sandown Surrey and Hampshire Limited / Sandown (Surrey & Hampshire)Sinclair Garages (Newport) Limited / SinclairWaterhouse Limited / Waterhouse Mercedes-Benz Authorised RepairerWestern Automobile Company Limited / Western Automobile Co Limited

Whitestone Garage Limited / Mercedes-Benz of MannArthur Spriggs & Sons Ltd / Arthur Spriggs & Sons LtdAuto Services Perth Ltd / Auto Services Perth Ltd

Automania Garage Services Limited / AGSBell Truck Sales Limited / Bell Truck & Van

BLS Commercials Limited / BLS Truck and VanCiceley Commercials Limited / Ciceley CommercialsCity West Commercials Limited / City West Commercials

eStar Truck and Van Limited / eStar Truck and VanEuro Commercials (South Wales) Limited / Euro CommercialsIntercounty Truck & Van Limited / Intercounty Truck & Van

JCB Medway Limited / Mercedes-Benz Van Centre MedwayM-B Truck and Van (NI) Limited / Mercedes-Benz Truck and Van (NI)Midlands Truck & Van Limited / Midlands Truck & Van

Motus Group (UK) Limited / Motus Truck and VanNorthside Truck & Van Ltd / Northside Truck & VanPentagon Limited / Marshall Truck and VanRossetts (UK) Limited / Rossetts CommercialsRygor Commercials Limited / Rygor Commercials

S&P Garages Ltd / S&P Garages LtdSnows Motor Group Ltd / Snows Motor Group LtdSparshatts of Kent Limited / Sparshatts of Kent LimitedWestern Automobile Company Limited / Western CommercialsWestern Truck Rental Limited / Western Truck Rental Limited

12.5 From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you consent to continue receiving marketing information from us.

12.6 You have the right to opt-out of our use of your personal information to provide marketing to you in any of the ways mentioned above. Please see Withdrawing your Consent in Section 8.4 and Objecting to our use of your personal information and automated decisions made about you in Section 8.5 above for further details on how you can do this.

13. MERCEDES-BENZ AG’S CENTRAL REGISTRATION SERVICE

With the Central Registration Service offered by Mercedes-Benz AG, you can sign up for every website and application belonging to the Mercedes-Benz Group and its brands that are connected to the service. The terms of use for the Central Registration Service contain special data protection provisions. Those terms of use can be found on the registration pages of affiliated websites and applications under "Terms and Conditions of Registration."

14. CHANGES TO THIS POLICY

We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website and/or by contacting you by email. Any changes will take effect 7 days after the date of our email or the date on which we post the modified terms on our website, whichever is the earlier. We recommend you regularly check for changes and review this policy when you visit our website. If you do not agree with any aspect of the updated policy, you must promptly notify us and cease using our services.

15. CONTACT US If you have any questions, suggestions or complaints about the processing of your personal information or wish to contact us to amend/update your marketing preferences with a UK company within the Mercedes-Benz Group, please contact the Mercedes-Benz UK Data Protection Co-ordinator.

Mercedes-Benz UK Data Protection Co-ordinator:

Mercedes-Benz Group UK Ltd Legal Department Tongwell, Milton Keynes MK15 8BA

Email: datacompliance@Mercedes-Benz.comTelephone: 0080097777777

Provider – Mercedes me Connectivity Services

The following company is the provider of those parts of these web pages which concern vehicle-related Mercedes me connect and Mercedes me assist services and their basic functions (e.g. log-in, profile, inbox, settings, connected vehicles):

Mercedes-Benz AG

Mercedesstrasse 137

70327 Stuttgart

Germany

Tel. no.: +49 7 11 17-0

Email: dialog@Mercedes-Benz.com

Represented by the Board of Management:

Ola Källenius (Chairman), Jörg Burzer, Renata Jungo Brüngger, Sabine Kohleisen, Harald Wilhelm, Markus Schäfer, Britta Seeger, Hubertus Troska

Chairman of the Supervisory Board:

Bernd Pischetsrieder

Commercial Register at Stuttgart District Court, no. HRB 19360

Responsible in accordance with the General Data Protection Regulation (GDPR) for Mercedes me Connectivity Services: For the purposes of data protection law, the following company is the provider of those parts of these web pages which concern vehicle-related Mercedes me connect and Mercedes me assist services and their basic functions (e.g. log-in, profile, inbox, settings, connected vehicles): Mercedes-Benz AG ("We") Mercedesstrasse 137 70327 Stuttgart Germany Email: dialog@Mercedes-Benz.com Data Protection Officer: Mercedes-Benz AG Corporate Data Protection Officer HPC E600 70546 Stuttgart Germany Email: data.protection@Mercedes-Benz.com

Mercedes-Benz Mobility AG can be contacted at the following address:

Mercedes-Benz Mobility AG Corporate Data Protection Officer HPC E600 70372 Stuttgart Germany Email: data.protection@Mercedes-Benz.com


Responsible in accordance with the General Data Protection Regulation (GDPR) for Mercedes me Connectivity Services:

For the purposes of data protection law, the following company is the provider of those parts of these web pages which concern vehicle-related Mercedes me connect and Mercedes me assist services and their basic functions (e.g. log-in, profile, inbox, settings, connected vehicles):

Mercedes-Benz AG ("We"), Mercedesstrasse 137, 70327 Stuttgart, Germany 

Email: dialog@mercedes-benz.com

Data Protection Officer:

Mercedes-Benz AG, Corporate Data Protection Officer, HPC E600, 70546 Stuttgart, Germany

Email: data.protection@mercedes-benz.com  

Mercedes-Benz Mobility AG can be contacted at the following address:

Mercedes-Benz Mobility AG, Corporate Data Protection Officer, HPC E600, 70372 Stuttgart, Germany

Email: data.protection@mercedes-benz.com

16. ABOUT MERCEDES-BENZ GROUP and UK COMPANIES

Mercedes-Benz Group Company (UK companies): Mercedes-Benz UK Limited

Registered Address: Tongwell, Milton Keynes, MK15 8BA

Company registration Number: 2448457 Associated Brands: smart and Mercedes-Benz World

Website: Click here


Mercedes-Benz Group Company (UK companies): Mercedes-Benz Parts Logistics UK Limited

Registered Address: Tongwell, Milton Keynes, MK15 8BA

Company registration Number: 10304278 Associated Brands: -


Mercedes-Benz Group Company (UK companies): Mercedes-Benz Financial Services UK Limited

Registered Address: Tongwell, Milton Keynes, MK15 8BA

Company registration Number: 2472364 Associated Brands: -

Website: Click here


Mercedes-Benz Group Company (UK companies): Mercedes-Benz Insurance Services UK Limited

Registered Address: Tongwell, Milton Keynes, MK15 8BA

Company registration Number: 03510012 Associated Brands: -

Website: Click here


Mercedes-Benz AG: Mercedes-Benz AG

Registered Address: Mercedes straße 137 , 70327 , Stuttgart , Germany

Company registration Number: - Associated Brands: -

Website: Click here


Mercedes-Benz AG: Mercedes-Benz Financial Services AG

Registered Address: Siemenstr.7, 70469, Stuttgart, Germany

Company registration Number: HRB 737788 Associated Brands: -

Website: Click here


Mercedes-Benz AG: Mercedes-Benz Mobility AG

Registered Address: HPC E600, 70372, Stuttgart, Germany

Company registration Number: - Associated Brands: -

Website: Click here

17. FINANCE AND LEASING BY MERCEDES-BENZ FINANCIAL SERVICES UK LTD (MBFS)

Mercedes-Benz Financial Services UK Limited Privacy Notice

Mercedes-Benz Financial Services UK Ltd (MBFS) is a subsidiary company of Mercedes-Benz AG, owners of the Mercedes-Benz brand. MBFS works with other subsidiary companies which includes our Agent partners and Dealer Network in the UK to provide finance, leasing and related services to Mercedes-Benz and smart customers.

How your Personal Information is used

MBFS takes your privacy seriously. Unless you have agreed otherwise, your personal information will only be used to provide the financial services you have requested from us and to administer your agreement.

Your details will be shared with third parties who include our agents, credit reference and fraud agencies, group companies and the Mercedes-Benz Agent / Dealer supplying the vehicle.

Details may be transferred out of the European Economic Area and will at all times be held securely and handled with the utmost care. Your details will be stored, but will not be retained longer than necessary. Your personal data is protected by legal rights which are detailed later in this document.

MBFS may disclose the data provided by or about you to a third party in connection with our corporate finance purposes, which may include granting such third parties the right to receive amounts you owe us.

For the purposes of (further) development and reporting, the data from past credit checks over the last three months before the final credit decision is processed in pseudonymous form. The credit checks that are performed for corporate customers during the term of the agreement in order to review or adjust the line of credit is also processed in pseudonymous form for this purpose. During the term of the financing agreement, for the purposes of (further) developing risk instruments and reporting, pseudonymous information about your payment history will be processed. This information on your actual payment history during the term of the agreement will be paired with the data from the credit checks

Your Eligibility for Credit

In order to process your eligibility check, we will perform credit and identity checks with one or more Credit Reference Agencies (CRAs). We will supply your personal information to CRAs and they will provide us with information about you.

MBFS uses CRAs to help make its lending decisions and to identify its customers by supplying public and shared credit information. Public information includes: information from the electoral register to help confirm names and addresses, information on County Court Judgments, Scottish Decrees, Bankruptcies, Individual Voluntary Arrangements and Administration Orders. Shared credit information includes information relating to both your current financial situation and history, in addition to information used for the purposes of fraud prevention.

We will use this information to:

Assess your creditworthiness, such as assessing how you have maintained previous and current credit commitments; and

Trace you at your supplied address(es) using publicly available information.

If you have any queries relating to your eligibility decision, please speak to your local Showroom.

You can also contact the Credit Reference Agency directly for a copy of your statutory credit report; they may charge a fee for this. Our information provider is :

Equifax Ltd

Customer Service Centre

PO Box 10036

Leicester

LE3 4FS

www.equifax.co.uk

Your Application for Credit

In order to process your application, we will perform credit and identity checks with one or more Credit Reference Agencies (CRAs). We may also make periodic searches at CRAs to manage your agreement with us.

We will supply your personal information to CRAs and they will provide us with information about you. CRAs will supply public (such as the electoral register) and shared credit information. This will include information relating to both your financial situation and history in addition to information used for the purposes of fraud prevention.

We will use this information to:

  • Assess your creditworthiness and determine whether you can afford to take the vehicle

  • Verify the accuracy of the data you have provided to us

  • Prevent criminal activity, fraud and money laundering

  • Manage your account(s)

  • Trace and recover debts

  • Ensure any offers provided to you are appropriate to your circumstances.

We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.

When CRAs receive a search from us, they will place a search footprint on your credit file that may be seen by other lenders.

If you are making a joint application, or inform us that you have a spouse, partner or financial associate, we will link your records together. Please ensure you discuss this with the relevant parties, and share this information with them, before lodging the credit application. CRAs will also link your records together and these links will remain on your and their files until such time as you or any other individual involved in a joint application successfully files for a disassociation with the CRAs.

If you are making this application as a partner in a firm or as the director of a limited company, MBFS may also carry out searches with credit reference and/or fraud prevention agencies in respect of other partners and directors. By making this application you warrant that your partners or directors understand that MBFS will be carrying out such searches and using their personal information.

The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail in the Credit Reference Agency Information Notices (CRAIN). CRAIN is accessible from each of the three CRAs listed below:

Call Creditwww.callcredit.co.uk/crain

Equifaxwww.equifax.co.uk/crain

Experianwww.experian.co.uk/crain

The personal information we have collected from you will also be shared with fraud prevention agencies. It will be used to prevent fraud and money-laundering and to verify your identity. These checks require us to process your personal data. If fraud is detected, you could be refused certain services, finance or employment. The Fraud prevention agencies used are:

CIFAS – https://www.cifas.org.uk/contact-us

National Hunter - https://nhunter.co.uk/contact-us/The personal data provided will be used to prevent fraud and money laundering, and to verify your identity. This includes but is not limited to your name, address, date of birth, contact details, financial information, employment details, device identifiers including IP address and vehicle details. We, and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.

We process your personal data because we have a legitimate interest in preventing fraud and money laundering, and to verify your identity to protect our business, and to comply with the law. Such processing is also a contractual requirement of our provision of financial services.

Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.

Data is also shared with Mercedes-Benz Mobility AG for credit checking. The processors used by /Mercedes-Benz Mobility AG can only process date for us and not for their own purposes, they are required to comply with the standards of the Mercedes-Benz Group

Automated Decisions

As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with that of known fraudsters or money launderers, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity.

Consequences of Processing

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the financial services you have requested, or we may cease to provide existing services to you.

A record of any fraud or money laundering risk will be retained by fraud prevention agencies, and may result in others refusing to provide services, finance or employment to you. If you have any questions about this, please contact us on the details below.

Transfer of Data

Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data. This protects your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to 'international frameworks' intended to enable secure data sharing.

Your Legal Rights

Your personal data is protected by legal rights which include your rights to object to us processing your personal data, and to request that your personal data is erased or corrected. You may request access to your personal data. To exercise your data protection rights, please contact us using the contact details below. You also have a right to complain to the Information Commissioner's Office which regulates the processing of personal data. Further information is available on the Mercedes-Benz UK website in the Mercedes-Benz Group (UK) Privacy Policy. You may also contact the Data Protection Officer, Mercedes-Benz Financial Services UK Ltd, Tongwell, Milton Keynes MK15 8BA. Tel: to 0808 208 1701 or email MBFSUK.DPA@Mercedes-Benz.com

18. INSURANCE AND PREMIUM FINANCING VIA MERCEDES-BENZ INSURANCE SERVICES UK LTD (DIS)

DIS is an insurance intermediary working with a panel of insurers. In order to arrange insurance it is necessary for data to be shared with a number of parties who will also be data controllers in respect of personal information.

Personal data may be obtained directly from individuals (including data submitted on-line or by telephone calls); from family members (with appropriate authority), employers, credit reference agencies, anti-fraud databases and other market participants.

The following tables endeavour to clarify the categories of data, the purpose of the processing and the legal basis of processing.

The categories of data collected about you:

Category: Individual details

Details: Name, address (and proof of address), other contact details (e.g. email and telephone details), gender, marital status, family details, date and place of birth, employment history, relationship to the policyholder, insured or claimant

Category: Identification details

Details: Identification numbers issued by government bodies or agencies, that is social security or national insurance number, passport number, tax identification number, driver licence number

Category: Financial information

Details: Payment card number, bank account number and account details, income and other financial information

Category: Insured risk

Details: Information about the insured risk, which contains personal information and may include:

  • Health data

  • Criminal records data

  • Other sensitive data

Category: Policy information

Details: Information about the quotes you receive and policies you take out

Category: Credit and anti-fraud data

Details: Use information relating to you and your vehicle or home in order to obtain information from third parties including a credit report for the purpose of providing a quotation.

Adding of information about you to the Motor Insurance Database (“MID”) managed by Motor Insurance Bureau (“MIB”). MID and the data stored on it may be used by certain statutory bodies including the Police, the DVLA, the DVANI and the Insurance Fraud Bureau.

Information may include:

  • Personal information

  • Vehicle information

  • Criminal records data

  • Other sensitive data

Category: Previous claims

Details: Information about previous claims, which may include:

  • Health data

  • Criminal records data

  • Other sensitive data

Category: Current claims

Details: Information about current claims, which may include:

  • Health data

  • Criminal records data

  • Other sensitive data

  • Health data

Category: Health data

Details: Current or former physical or mental medical conditions; health status; injury or disability information; medical procedures performed; relevant personal habits (for example, smoking or consumption of alcohol); prescription information; and medical history

Category: Criminal records data

Details: Unspent convictions including driving offence 


Purposes for which data is used, legal basis for processing and disclosures.

= Automated decision making

P = Profiling

SD = may contain sensitive personal data

Broker - Mercedes-Benz Insurance Services UK Limited

Set up as a client, incl fraud, credit, AML and sanctions checks - AP

Categories of data:

  • Individual details

  • Marketing data

  • Identification

  • Payment details

  • Credit and anti-fraud data (SD)

Legal grounds:

  • Perform contract

  • Legitimate interests

Sensitive data:

  • Substantial public interest

  • Conditional consent

Disclosures:

  • Group companies providing admin 

  • Credit reference agencies 

  • Anti-fraud databases

  • Service providers

Evaluate risks you need covered & matching to appropriate policy/premium - AP

Categories of data:

  • Individual details

  • Identification

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Credit and anti-fraud data (SD)

  • Criminal records (SD)

Legal Grounds:

  • Perform contract

  • Legitimate interests

Sensitive data:

  • Conditional consent

Disclosures:

  • Group companies providing admin

  • Service providers

General client care

Categories of data:

  • Individual details

  • Insured risk (SD)

Legal Grounds:

  • Perform contract Legitimate interests

Disclosures:

  • Group companies providing admin

  • Service providers

For general risk models

Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

  • Criminal records (SD)

Legal Grounds:

  • Legitimate interests

Sensitive data:

  • Conditional consent

Disclosures:

  • Group companies providing admin

  • Service providers

Payments to and from individuals

Categories of data:

  • Individual details

  • Financial Information

Legal Grounds:

  • Perform contract

  • Legitimate interests

Disclosures:

  • Group companies providing admin 

    Banks

  • Service providers for insurance claims

For insurance claims

 Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Perform contract Legitimate interests

Sensitive data:

  • Conditional consent

  • Establish legal rights 

 Disclosures:

  • Group companies providing admin 

  • Claims handlers 

  • Solicitors 

  • Loss adjusters 

  • Experts 

  • Third parties involved in the claim

  • Service providers

To defend or prosecute legal claims

Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk(SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Perform contract

  • Legitimate interests

Sensitive data:

  • Conditional consent

  • Establish legal rights 

  Disclosures:

  • Group companies providing admin 

  • Claims handlers

  • Solicitors

  • Loss adjusters 

  • Experts

  • Third parties involved in the claim

  • Service providers to investigate & prosecute fraud

To investigate & prosecute fraud

 Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Health data (SD)

  • Criminal records data (SD)

  • Other sensitive data (SD)

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Perform contract Legitimate interests

Sensitive data:

  • Conditional consent

  • Legal claims

  • Detection of an unlawful act

Disclosures:

  • Group companies providing admin 

  • Solicitors 

  • Private Investigators

  • Police 

  • Experts

  • Third parties involved in the investigation or prosecution

  • Other insurers

  • Anti-fraud databases

As required by law or regulatory duties

Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

  • Marketing data

Legal Grounds:

  • Legal obligation

  • Sensitive data 

Disclosures:

  • FCA, ICO and other regulators

  • Police

  • Other insurers (under court order)

  • Service providers' transfer of books of business

Transfer of books of business

 Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

  • Marketing data

  • Criminal records (SD)

Legal Grounds:

  • Legitimate interests

  • Legal obligation (under a Part VII transfer)

  • Sensitive data

Disclosures:

  • Group companies providing admin

  • Courts

  • Purchaser Group companies providing admin

  • Courts

Sale or re-organisation of a business

Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

  • Marketing data

  • Criminal records (SD)

Legal Grounds:

  • Legitimate interests

  • Legal obligation (under a Part VII transfer)

  • Sensitive Data

Disclosures:

  • Group companies providing admin

  • Courts

  • Purchaser

Marketing analytics and direct marketing

Disclosures:

  • Individual details

  • Policy Information

  • Marketing data   


INSURERS & Administrators*

*Ageas UK Ltd, Allianz Worldwide Partners SAS, Alllianz Insurance Plc, AmTrust at Lloyds, AmTrust International, ANV Syndicates Limited, Arc Legal Assistance, Astrenska Insurance Limited, AutoProtect MBI Ltd, Auxillis Limited, Auxillis Service Ltd, Aviva Insurance Ltd, AWP Assistance UK Ltd, AXA Insurance Ltd, Covea Insurance Plc, ERS Syndicate Management Ltd, Liverpool Victoria Insurance Company Ltd, Lloyd Latchford Group Ltd, Markerstudy Insurance Company Ltd, NCI Insurance Services Limited, Premium Credit Limited, TFP Schemes Ltd, Zenith Insurance Ltd.

Set up as a client, incl fraud, credit, AML and sanctions checks

  • Evaluate risks you need covered & matching to appropriate policy/premium

  • General client care

  • For general risk models

  • Payments to and from individuals

  • For insurance claims

  • To defend or prosecute legal claims

  • To investigate & prosecute fraud

  • As required by law or regulatory duties

  • Transfer of books of business

  • Sale or re-organisation of a business  

Set up as a client, incl fraud, credit, AML and sanctions checks - AP

Categories of data:

  • Individual details

  • Marketing data

  • Identification

  • Payment details

  • Credit and anti-fraud data (SD)

Legal grounds:

  • Perform contract

  • Legitimate interests

Sensitive data:

  • Conditional consent

Disclosures:

  • Group companies providing admin 

  • Credit reference agencies 

  • Anti-fraud databases

Evaluate risks you need covered & matching to appropriate policy/premium - AP

Categories of data:

  • Individual details

  • Identification

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Credit and anti-fraud data (SD)

  • Criminal records (SD)

Legal Grounds:

  • Perform contract

  • Legitimate interests

Sensitive data:

  • Conditional consent

Disclosures:

  • Group companies providing admin

  • Service providers

General client care

Categories of data:

  • Individual details

  • Identification

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Credit and anti-fraud data (SD)

  • Current claims (SD)

Legal Grounds:

  • Perform contract

  • Legitimate interests

Sensitive data:

  • Conditional consent

Disclosures:

  • Group companies providing admin

  • Service providers

For general risk models

Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

  • Criminal records (SD)

Legal Grounds:

  • Legitimate interests

Sensitive data:

  • Conditional consent

Disclosures:

  • Group companies providing admin

  • Service providers' payments to and from individuals

Payments to and from individuals

Categories of data:

  • Individual details

  • Financial Information

Legal Grounds:

  • Perform contract

  • Legitimate interests

Disclosures:

  • Group companies providing admin 

  • Banks

  • Service providers

For insurance claims

 Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Perform contract Legitimate interests

Sensitive data:

  • Conditional consent

  • Establish legal rights 

 Disclosures:

  • Group companies providing admin 

  • Claims handlers 

  • Solicitors 

  • Loss adjusters 

  • Experts 

  • Third parties involved in the claim

  • Service providers

  • To defend or prosecute legal claims

To defend or prosecute legal claims

Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk(SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Perform contract

  • Legitimate interests

Sensitive data:

  • Conditional consent

  • Establish legal rights 

  Disclosures:

  • Group companies providing admin 

  • Claims handlers

  • Solicitors

  • Loss adjusters 

  • Experts

  • Third parties involved in the claim

  • Service providers

  • To investigate & prosecute fraud

To investigate & prosecute fraud

 Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Health data (SD)

  • Criminal records data (SD)

  • Other sensitive data (SD)

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Perform contract Legitimate interests

Sensitive data:

  • Conditional consent

  • Legal claims

  • Detection of an unlawful act

Disclosures:

  • Private Investigators

  • Police 

  • Experts

  • Third parties involved in the investigation or prosecution

  • Other insurers

  • Anti-fraud databases

As required by law or regulatory duties

Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Legal obligation

  • Sensitive data 

Disclosures:

  • FCA, ICO and other regulators

  • Police

  • Other insurers (under court order)

  • Service providers

Transfer of books of business

 Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Legitimate interests

  • Legal obligation (under a Part VII transfer)

  • Sensitive data

Disclosures:

  • Group companies providing admin

  • Courts

  • Purchaser

Sale or reorganisation of a business

 Categories of data:

  • Individual details

  • Identification details

  • Financial information

  • Credit and anti-fraud data (SD)

  • Insured risk (SD)

  • Policy information

  • Previous claims (SD)

  • Current claims (SD)

Legal Grounds:

  • Legitimate interests

  • Legal obligation (under a Part VII transfer)

Sensitive data

  • Contest

Disclosures:

  • Group companies providing admin

  • Courts

  • Purchaser