MCIA Ltd Privacy Policy

  1. General intro
    • We are committed to ensuring that we manage your personal data professionally and in compliance with all applicable data protection laws. Part of this commitment is to ensure that there is transparency about how we process personal data.  This policy includes an explanation of:
      • what data we are processing;
      • why we are processing it and what we do with it;
      • whether we will share it with anyone else;
      • whether we will transfer it outside of the United Kingdom;
      • how we keep your data safe; and
      • your rights.
    • We hope that you find this Privacy Policy helpful. If you have any questions, please don’t hesitate to contact us.
  1. About us
    • For the purposes of UK data protection laws, the data controller is MCIA Ltd (MCIA) and we are located at 1 Rye Hill, Office Park, Birmingham Road, Allesley, Coventry CV5 9AB. In this policy we have referred to the MCIA as: we, us, our or the MCIA
    • We also operate under the following trading names: Motorcycle Live.
    • For any queries concerning your data please contact the Data Protection Co-ordinator , at the above address or by email at f.mcallan@mcia.co.uk or by phone on 02476 408020.
  1. Your personal data
    • We will collect, use, store and transfer different kinds of personal information about you.  In this section 3 we provide more detailed information about how we will manage your personal data.
  • What data do we hold about you?
    • Identity data, such as your name, title, date of birth, driver’s license number;
    • Photographic data, such as your image captured either in a photograph or video recording (which may or may not include audio recording);
    • Contact data, such as your address, email address and telephone numbers;
    • Company data, such as your job title, information relating to your position and role within your company, and transactions between us and your company;
  • Financial data, such as bank account and payment card details, purchase order number and company turnover;
  • Transaction data, including details about payments to and from you, and details of products and services you purchase from us;
    • Technical data, including IP addresses, your log-in data, browser type and version, time-zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website, and
    • Profile data, such as information on your driving experience, current ride, clothing and helmet size,
    • Marketing data, such as your preferences in receiving marketing from us and our third parties, and your communication preferences.
  • How do we obtain data about you?

We will obtain information about you through various means, including:

    • Direct interactions. These include:
      • When you attend our annual show, Motorcycle Live, as either an attendee or as an exhibitor ,
      • When you request to subscribe to our newsletter or otherwise enquire about our products or services.
      • If you choose to buy finance or insurance products from us,
      • If you take part in a competition, promotion or survey we are running,
      • If you take part one of our free test rides provided at Motorcycle Live,
    • Automated technologies. These include:
  • If you have visited our website we may automatically collect some personal information including: details of your browser and operating system, the website from which you visit our website, the pages that you visit on our website, the date of your visit, and the Internet protocol (IP) address assigned to you by your internet service. We collect some of this information using cookies – please see Cookies in Section 5 for further information.
  • We may also collect any personal information which you allow to be shared that is part of your public profile on a third party social network via social plugins (buttons) of social networks such as Facebook, Google+ and Twitter
    • Third parties or publicly available sources. These include:
      • Where you have purchased tickets for Motorcycle Live from our ticket partner, The Ticket Factory.
      • Where your employer has requested to book or has booked a stand at our show, Motorcycle Live, and your details have been provided as a company contact for the event.

Sometimes you will have sent your information directly to us, but you may have provided your information to one of our partners or associated companies who, in turn, has provided the information to us (for example, if you have bought finance or insurance products from companies that partner with us).

Typically, the information that we obtain will be your contact details and payment information however if you attend our premises, we may also capture your image on CCTV for security purposes. Our telephone calls are sometimes recorded for training purposes and may also be used to verify any comments that were made during any conversation. We take photographs and video footage at our annual show, Motorcycle Live. It is therefore possible that images of you will be recorded when visiting our show. Additionally, if you participate in our free test rides we will need your driver’s licence and clothing/helmet size.

  • How do we use your personal data and what is the applicable lawful basis?
    • Where you have consented, we may provide you with marketing information about our products and services or the products and services of our selected partners. In addition, we will keep you informed of events that we think will be of interest to you.
    • Where we are required to do so to perform our contract with you, we may process your information for completing services that we are contractually obliged to perform.
    • [Where it is in your vital interests, we may use your information to organise and notify you about safety and product recall notices.]
    • We may process your information to comply with legal obligations including assisting HMRC, the Police and the Driver and Vehicle Licensing Agency
    • We may process your information to allow us to pursue our legitimate interests including for:
      • analysing our performance to further improve our customer services;
      • market research, training and to administer our websites;
      • to administer any competitions or surveys which you have participated in;
      • the prevention of fraud or other criminal acts;
      • undertaking credit checks for finance;
      • complying with requests from you including if you exercise any of your rights noted in this Privacy Policy;
      • the purpose of corporate restructure or re-organisation or sale of our business or assets;
      • enforcing our legal rights or to defend legal proceedings, to collect and recover money owed to us, and for general administration purposes.
  • Will we share your personal data with any third parties?
  • We may share your personal information with the parties set out below:
    • Other companies within our group, these companies include: Motor Cycle Industry Association Limited (MCIA)
    • Third parties involved in the organisation of Motorcycle Live, such as the Ticket Factory, photographers and videographers, the NEC Birmingham,
    • Providers of IT and system administration services to our business, including, QNetworks.
  • Providers of email marketing, web based project management applications and customer engagement platforms to our business, including Motocom and Campaign Monitor.
    • Analytics and search engine providers that assist us in the improvement and optimisation of our website.
    • Advertising agencies or administrative service providers, business partners, suppliers and subcontractors to the extent that we consider it reasonably necessary to provide our goods and services to you.
    • Our professional advisors (including solicitors, banks, auditors and insurers).
    • Credit search and reference agencies, and fraud prevention agencies.
    • Government or other official bodies, such as HMRC, the Police and the DVLA, for the purposes of complying with legal obligations, for enforcing our rights, or for the prevention or detection of a crime.
    • If we sell all or part of our business to a third party, we may transfer your information to that party to ensure that it can continue to provide information that you have requested or for any of the other purposes that we have noted above.

When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.

  • How long do we keep your data?
    • Where we use or store data because it is necessary for the performance of the contract between you and us or to comply with a legal obligation, we will retain your data for as long as it is necessary for the performance of that contract or to comply with that legal obligation.
    • Where we use or store your data because it is necessary for our legitimate interests, we will retain your data for as long as it is necessary for our legitimate interests, or such earlier time as you ask us to stop. However, if we can demonstrate the reason why we are using or storing your data is more important than your interests, then we will be allowed to continue to use or store your data for as long as it is necessary for our legitimate interests.
    • Where we use or store your data because you have given us your specific, informed and unambiguous consent,  we will retain your data until you withdraw that consent.
    • The periods stated in this section 2.4 may be extended if we are required by law to keep your data for a longer period.
  1. Transferring your data outside of the United Kingdom (‘UK’)
    • The information that you send to us may be transferred to countries outside of the countries outside the UK. By way of example, this may happen where any of our group companies are incorporated in a country outside of the UK or if any of our servers or those of our third-party service providers are from time to time located in a country outside of the UK. These countries may not have similar data protection laws to the UK.
    • If we transfer your information outside of the UK in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected. These measures include imposing contractual obligations on the recipient of your personal information or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. Please contact us if you would like more information about the protections that we put in place.
    • If you use our services whilst you are outside the UK, your information may be transferred outside the UK to provide you with those services.
  1. Cookies
    • We use Cookies on our website. A cookie is a small text file which is placed onto your computer (or other electronic device) when you visit our website.  This enables us to monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of your internet service provider.
    • You can find out more about the Cookies we use in our Cookies Policy available on the home page of our website.
    • You can set your browser not to accept cookies, however some of our website features may not function as a result.
    • For more information about cookies generally and how to disable them you can visit: www.allaboutcookies.org.
  1. Data security
    • We have adopted the technical and organisational measures necessary to ensure the security of the personal data we collect, use and maintain, and prevent their alteration, loss, unauthorised processing or access, having regard to the state of the art, the nature of the data stored and the risks to which they are exposed by human action or physical or natural environment.  However, as effective as our security measures are, no security system is impenetrable. We cannot guarantee the security of our database.
    • Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk.  Once we have received your information, we will use procedures and security features to try to prevent unauthorised access
    • Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone
  1. Links to other websites
    • Our website may contain links to and from other websites (e.g. social media sites such as Twitter, YouTube and Facebook). Unless we own such websites, we accept no responsibility for the way in which they process your personal data. You are recommended to check the privacy policy of each website before you submit any personal data to it.
  1. Social Plugins
    • We use so-called social plugins (buttons) of social networks such as Facebook, Instagram and Twitter.
    • When you visit our websites, these buttons are deactivated by default, i.e. without your intervention they will not send any data to the respective social networks. Before you can use these buttons, you must activate them by clicking on them. They then remain active until you deactivate them again or delete your cookies. Please see section 4 for further details regarding our use of cookies.
    • After their activation, a direct link to the server of the respective social network is established. The contents of the button are then transmitted from the social network directly to your browser and incorporated in the website.
    • After activation of a button, the social network can retrieve data, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account.
    • If you are a member of a social network and do not wish it to combine data retrieved from your visit to our websites with your membership data, you must log out from the social network concerned before activating the buttons.
    • We have no influence on the scope of data that is collected by the social networks through their buttons. The data use policies of the social networks provide information on the purpose and extent of the data that they collect, how this data is processed and used, the rights available to you and the settings that you can use to protect your privacy.
  1. Your rights
    • Your right to access data
      • We always aim to be as open as we can and allow people access to their personal information. Where we hold your personal data, you can make a ‘subject access request’ to us and we will provide you with:
        • a description of it;
        • an explanation of why we are holding it;
        • information about who it could be disclosed to; and
        • a copy of the information in an intelligible form – unless an exception to the disclosure requirements is applicable.
      • If you would like to make a ‘subject access request’ please make it in writing to our contact email address noted in section 2 and mark it clearly as ‘Subject Access Request’.
      • If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
      • Unless you agree a different time, we will complete your subject access request within one month.
  • Right to rectify information
    • You may ask us to rectify any information we hold about you that is inaccurate or incomplete.
  • Right to stop marketing messages
    • You always have the right to stop marketing messages. We will usually include an unsubscribe button in any marketing emails. If you do wish to unsubscribe, please just click the unsubscribe button and we will promptly action that request. Alternatively, you can update your marketing preferences by contacting us at any-time.  Our contact details are shown in section 2.
  • Right to be forgotten
    • If we hold personal data about you, but it is no longer necessary for the purposes that it was collected and cannot otherwise be justified – you have the right to request that we delete the data. Please note that this right can only be exercised in certain circumstances and, if you ask us to erase your information and we are unable to do so, we will explain why not.
  • Right to restrict data
    • You have a right to ask us to stop using your information where: (i) the information we hold about you is inaccurate; (ii) we are unlawfully using your information; (iii) we no longer need to use the information; or (iv) we do not have a legitimate reason to use the information. Please note that we may continue to store your information, or use your information for the purpose of legal proceedings or for protecting the rights of any other person.
  • Right to object
  • Where we use/store your information because it is necessary for our legitimate business interests, you have the right to object to us using/storing your information. We will stop using/storing your information unless we can demonstrate why we believe we have a legitimate business interest which overrides your interests, rights and freedoms.
  • Transferring your personal data
    • You have the right to  ask us to provide you with a copy of your personal information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine-readable form, such as a CSV file. This will only apply to data which is held electronically, and which you have provided to us.
    • You can also ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information
  • Right to complain
    • You always have the right to complain to the personal data regulator, the ICO. You may also be entitled to seek compensation if there has been a breach of data protection laws.
  • Policy updates
    • This policy was last updated on 4th February 2020.