Privacy Policy For MCR EXEC

Key Privacy Summary

1. Identity And Contact Details

1. Manchester Executive Travel Limited, trading as MCR EXEC, is the data controller responsible for your personal data.
2. If you have any questions about this Privacy Policy, your personal data or your rights, you may contact us using the details below.

2. What Personal Data We Collect

1. We may collect and process the following categories of personal data:
   • Contact Information: name, email address, phone number and postal address where relevant
   • Booking Details: collection dates, times, addresses, destinations, itinerary details, passenger information and service requirements
   • Payment Information: billing details and payment method information, although we do not store full card details ourselves where processed by secure third-party payment providers
   • Technical Data: IP address, browser type, device information and website usage data collected through cookies and analytics tools
   • Communication Data: enquiries, messages, quotation requests, service notes and other correspondence
   • Operational Data: chauffeur allocation notes, vehicle details and service support records where relevant to delivering a booking

3. How We Collect Personal Data

1. We collect personal data directly from you when you submit website forms, request quotations, make bookings, contact us by email or phone, or otherwise communicate with us.
2. We may collect information automatically through cookies, analytics tools and similar technologies when you use our website.
3. We may also receive information from third parties where reasonably necessary to arrange or support your requested service, such as payment processors, bookers acting on behalf of passengers, or operational service providers involved in delivering the booking.

4. Purpose And Legal Basis For Processing

1. We process personal data in order to provide quotations, accept and manage bookings, allocate chauffeurs and vehicles, communicate service updates, process payments and deliver chauffeur services. The principal legal basis for this processing is contractual necessity.
2. We may process personal data to respond to enquiries, maintain customer records, prevent misuse, improve our website, monitor service quality and protect our business. The principal legal basis for this processing is legitimate interests.
3. We may retain and process personal data where necessary to comply with accounting, tax, fraud prevention, regulatory, insurance or legal obligations. The legal basis for this processing is compliance with a legal obligation.
4. Where consent is required by law, including for certain marketing activities or optional communication preferences, we rely on consent. Where consent is relied upon, it may be withdrawn at any time, although this will not affect the lawfulness of processing carried out before withdrawal.

5. Data Sharing

1. We may share your personal data with service providers who help us operate our business, including payment processors, website and hosting providers, IT support providers, communication platforms, CRM tools and other operational systems.
2. We may share relevant booking data with subcontractors or service providers only where reasonably necessary to deliver the service you have requested, including chauffeur partners, dispatch operators, payment processors, communication providers and technology platforms that support our operations.
3. We may disclose personal data where required by law, court order, regulatory requirement or where reasonably necessary to establish, exercise or defend legal rights.
4. We do not sell or rent your personal data to third parties.

6. Data Retention

1. We retain personal data only for as long as reasonably necessary for the purposes set out in this Privacy Policy, including legal, tax, accounting, insurance, dispute and operational requirements.
2. Retention periods may include:
   • Booking and transaction data: up to 6 years where required for tax, legal, accounting or business record purposes
   • Communication and enquiry records: typically up to 12 months after the matter is resolved, unless a longer period is reasonably required
   • Technical and analytics data: according to the settings and retention periods of the relevant analytics or website tools
3. We may retain data for longer where reasonably necessary in connection with complaints, insurance matters, fraud prevention, legal claims or regulatory obligations.

7. Your Rights

1. Subject to applicable law, you may have the following rights under the UK GDPR:
   • the right to access your personal data
   • the right to request correction of inaccurate or incomplete data
   • the right to request erasure in certain circumstances
   • the right to restrict processing in certain circumstances
   • the right to object to certain types of processing
   • the right to data portability where applicable
   • the right to withdraw consent where processing is based on consent
2. To exercise your rights, please contact us using the contact details in this Privacy Policy. We will respond in accordance with applicable law and ordinarily within one month, subject to lawful extensions where permitted.

8. Data Transfers

1. Where personal data is transferred outside the United Kingdom, we will take reasonable steps to ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses or other lawful mechanisms recognised under applicable data protection law.
2. Some of our service providers, software platforms or communication tools may store or process data outside the UK or EEA as part of their normal operations.

9. Automated Decision-Making

1. We do not ordinarily use fully automated decision-making or profiling in a manner that produces legal or similarly significant effects on individuals.

10. Cookies And Tracking Technologies

1. Our website may use cookies and similar technologies to support functionality, analyse website performance, improve user experience and understand how visitors use our website.
2. You may manage or disable cookies through your browser settings, subject to the possibility that some website functions may not operate as intended.
3. Where required by law, cookie choices should be made through the relevant cookie banner or consent tool presented on the website.

11. Security Measures

1. We implement reasonable technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration or disclosure.
2. These measures may include access controls, password protection, system security controls, role-based permissions and appropriate use of secure third-party platforms.
3. No online transmission or storage system can be guaranteed to be completely secure. However, we take data protection seriously and apply safeguards proportionate to the nature of our operations.

12. SMS Privacy And Communication Data

1. If you provide a mobile number to MCR EXEC, we may use that number to send operational, booking-related SMS messages, including booking confirmations, chauffeur details, pickup reminders, arrival notifications and other service-related updates connected to an active booking or transport request.
2. SMS message frequency varies depending on booking activity and the level of communication reasonably required to deliver or support the service.
3. Message and data rates may apply depending on the recipient’s mobile network and tariff.
4. Recipients may opt out of SMS communications in accordance with the instructions provided in the relevant message, including by replying STOP where applicable, or may seek assistance by replying HELP where supported.
5. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.
6. Text messaging originator opt-in data and consent will not be shared with any third parties, except vendors, aggregators and providers that help us deliver the SMS service.
7. We may use third-party communication providers to send and manage SMS messages on our behalf. Those providers process data only to the extent reasonably necessary to deliver the messaging service.

13. Updates To This Policy

1. We may update this Privacy Policy from time to time to reflect changes in law, regulation, guidance, technology, business operations or our data handling practices.
2. The latest version will be published on this page together with the updated effective date.

14. Complaints

1. If you have concerns about how we use your personal data, we encourage you to contact us first so that we can try to resolve the matter.
2. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.