1. How can you contact us?
MBIS is responsible for processing the personal information you provide to us and is registered with the Information Commissioners Office in the UK under the UK Data Protection Act 1998.
2. What information we collect
We will need to ask you for certain personal information to give you the best possible experience when you engage with us (via our websites and apps or otherwise) and when you use our products and services.
We will also collect other information about you and the devices you use to access our website, or we may ask third parties to do this for us, in these cases we do so by using technologies such as cookies.
When you apply for MBIS services we will ask you to provide some contact information. Contact information may include some or all of the following: full name, previous names, residential address, previous residential addresses, date of birth, landline phone number, mobile phone number and email address.
Where the services you select carry a cost, we will ask you to provide some payment information. Payment information may include credit card, debit card details and Bank details
For the web monitoring services that are available to some customers, we will ask you to provide your chosen information to be monitored. This may include some or all of the following: passport number, driving licence number, national insurance number, credit card details and any other information you choose to have us monitor.
_ga, _gali, _gat, _gid, _utm*
These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in a way that does not directly identify anyone, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited.
Civic Cookie Control
This cookie is used to remember a user’s choice about cookies on this site. Where users have previously indicated a preference, that user’s preference will be stored in this cookie.
wordpress_*, wp-*, PHPSESSID
WordPress uses session cookies in order to provide a better experience for the user. They will allow users to navigate the site easier and quicker by keeping the user logged in. There are cookies for regular users, logged in users and for commenters.
This cookie is native to PHP and enables websites to store serialized state data. It is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie. As the PHPSESSID cookie has no timed expiry, it disappears when the client is closed.
We may gather information from agencies. This may include (but is not limited to) some or all of the following: details of credit accounts held and repayment performance as well as public information such as inclusion on the electoral roll, bankruptcies and county court judgements.
3. How we use your information
We use your personal information in lots of ways to make our products and services as effective as possible.
To enable you to access our website and use our services
We will use your information to accept you as a new/returning customer and continue to provide you with our products and services.
So for example, if you get a new payment card with a later expiry date to the one you currently pay with (but all the other details stay the same), we may update your payment card expiry date accordingly
To send you service communications
We will use your information to contact you to tell you about changes to or issues affecting the services you are taking.
When opted-in we will use your information for marketing purposes such as if we think one of our products, services or offers may interest you, we or they may contact you about them by email, SMS, on the phone, through app notifications or through the post.
You can opt out of marketing communications at any time by following the instructions in the email or SMS or by contacting us email@example.com You can turn off app notifications at any time using the tools provided in your mobile operating system.
Internal training purposes
We will use your information to ensure that our team has the knowledge and expertise they need to ensure we provide the best possible experience to our customers when interacting with us.
To maintain our records and other administrative functions
Like any business, we need to ensure that we maintain comprehensive and up to date records of the ways we process your personal information and other operational activities and therefore we will process the information you provide for record-keeping, updates and general administrative purposes.
Complaint and dispute resolution
Whilst we will try to make sure that you are happy with the service we provide and do not feel the need to complain, if you do complain to us, we will use the information we have about you to help us manage your complaint.
To comply with the law
Like any other business, we are required to comply with many laws and regulations. We will, where necessary, use your personal data to the extent required to enable us to comply with these requirements.
To improve data accuracy and completeness
Personal information you provide to us may be used to improve the information we already hold about you in our role as a General Insurance Broker.
MBIS may use performance tracking technology within our emails to improve our future interactions with you. This means we are able to capture information including (but not limited to) the time and date you open our e-mails and the type of device used to open the email.
We use this information primarily to understand whether our e-mails are opened and what links are clicked on by our customers. We then use this information to improve the emails that we send to you and the services that we provide.
We may share this information with other organisations to help them improve their own interactions with you. Your personal data will not be passed to any third party for marketing purposes unless you already have an existing relationship with them. You will not receive marketing emails from such third party organisations unless you have given your prior consent to them to send emails to you
What are the legal grounds for handling personal information?
Data protection laws require that, where we process your personal data, we must satisfy at least one prescribed condition for processing. These are set out in data protection law and we rely on a number of different conditions for the activities we carry out.
Necessary for performance of a contract or to comply with law
In most cases, the information described above will be provided to us by you because you want to take services from us or engage with us and our use of your information will be governed by our Terms of Business. Giving this information to us is therefore your choice. If you choose not to give all or some of it to us, this may affect our ability to provide the services you want, to you. In particular, we may rely on this condition for processing in the following scenarios:-
- To enable you to access our website and use our services.
- To confirm your identity and authenticate the information you provide.
- To process payments and collect arrears.
- To provide and improve customer support.
- To send you service communications.
- To send you product eligibility alerts.
- Marketing – From time to time, we would like to let you know about products, services and offers from MBIS
Necessary in our legitimate interests or those of a third party.
In the United Kingdom, we can also use personal information where the benefits of doing it are not outweighed by the interests or fundamental rights or freedoms of individuals. The law calls this the “Legitimate Interests” condition for processing. Where we rely on it, the benefits being pursued by us are:-
- Helping to prevent and detect crime such as fraud and money laundering.
- Complying with/supporting compliance with legal and regulatory requirements- we must comply with various legal and regulatory requirements. Additionally, the services we provide help other organisations to comply with their own legal and regulatory obligations. For example, MBIS is regulated by the Financial Conduct Authority.
- Internal training purposes – to enable us to train our staff to better provide services to our customers.
- Running a marketing services and data business – like any commercial organisation, we run a business and process information where necessary to do so. We also provide services to third parties which help them to run their businesses more effectively and efficiently. We have put in place various safeguards to ensure that individuals’ whose personal information we handle are not unduly harmed by the activities we use their personal data for. These include making information available to individuals so that they understand how their personal data will be used by MBIS, explaining their rights to obtain the information we hold and to have their information corrected or restricted and providing information about how individuals can complain if they are dissatisfied.
- Reporting and analytical purposes – to provide management information and information to improve our services.
- To maintain our records and other administrative purpose – to enable MBIS to provide the most accurate data for our customers and clients.
- Complaint and dispute resolution – we will need to use customer data when looking into queries and complaints.
- To improve data accuracy and completeness – when you register for our services you may supply us with additional information about yourself which we will use to improve our data accuracy and completeness.
- Email tracking – in order to improve our communications to our customers.
Who we share your personal information with
We share your personal information only with those persons who need to handle it so we can provide the MBIS products and services you’ve signed up to. We also share it with suppliers, such as Insurers, who provide services to us which require access to your personal information only; and with resellers, distributors and agents involved in delivering the services we provide where necessary for them to do so
We use a number of service providers to support our business and these service providers may have access to our systems and data in order to provide services to us and/or to you on our behalf.
Fraud prevention agencies
We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when
- Checking details on proposals and claims for all types of insurance.
- Checking details of job applicants and employees.
Public bodies, law enforcement and regulators
The police, other law enforcement agencies, regulators, as well as public bodies such as local and central authorities can sometimes request personal information. This may be for the purposes of preventing or detecting crime, apprehending or prosecuting offenders, investigating complaints or assessing how well a particular industry sector is working.
Brokers, lenders and providers of credit and financial products
In some circumstances, we will share credit report information and your personal information (such as name and address) with brokers, lenders and providers of credit and financial products themselves for purposes that may include:
- verifying your eligibility for the products;
- verifying suitability of products;
You can obtain a copy of the information we hold about you. See section Your rights to how we use your personal information for further information on how you can do this.
Your rights to how we use your personal information
It is important that you understand your rights in relation to your personal information and how you can contact us if you have questions or concerns.
- If you’ve given us consent to process your personal information, you have the right to withdraw that consent at any time by contacting us firstname.lastname@example.org
You can also ask for access to the personal information we hold about you and request that we correct any mistakes, restrict or stop processing or delete it. It’s worth noting that in some cases if you do ask us to correct, delete or stop processing it, we won’t always be required to do so. If that is the case, we will explain why.
In certain circumstances (e.g. where you provide your information to us (a) with consent to process it or (b) where the processing is necessary for the performance of our contract with you) you can require that we provide the information we hold about you either to you or a third party in a commonly used format. This only applies if we are processing it using automation only.
We will try to ensure that we deliver the best levels of customer service but if you think we are falling short of that commitment, please let us know by contacting us at email@example.com
If you’re still unhappy with any aspect of how we handle your personal information you also have the right to contact the Information Commissioner’s Office (ICO), the supervisory authority that regulates handling of personal information in the UK. You can contact them by:
Going to their website at https://ico.org.uk.
Phone on 0303 123 1113.
Post to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.
You may also see our full complaints handling procedure and how to make a complaint. If we cannot resolve things under that procedure, then you may have the right to refer your complaint, free of charge, to the Financial Ombudsman Service. The contact details for the Financial Ombudsman Service are: Telephone: 0300 123 9 123, or from outside the UK +44 20 7964 1000 E: firstname.lastname@example.org W: www.financial-ombudsman.org.uk Financial Ombudsman Service Exchange Tower London E14 9SR .
How we keep your personal information secure
Online privacy and security is the most important aspect of any customer service and we take it extremely seriously. We use a variety of the latest technologies and procedures to protect your personal information from unauthorised access, destruction, use or disclosure.
- We restrict access to your personal data to those employees, and third parties, who need to know that information to provide products or services to you. We maintain physical, electronic, and procedural safeguards to protect your personal data.
How long we keep your personal information for
We’ll keep your personal information for as long as we need it to provide the MBIS products and services you’ve signed up to. We may also keep it to comply with our legal obligations, resolve any disputes and enforce our rights. These reasons can vary from one piece of information to the next and depend on the products or services you’re signed up to, so the amount of time we keep your personal information may vary.
We will normally not keep information for more than 6 years after termination or cancellation of a product, contract or service we provide. In certain cases, we will keep your information for longer, particularly where a product includes liability insurances or types of insurance for which a claim could potentially be made by you or a third party at a future date, even after your contract with us has ended.
In all cases, our need to use your personal information will be reassessed on a regular basis, and information which is no longer required for any purposes will be disposed of.