This privacy notice describes how Motus Group (UK) Ltd (“we”, “us”, “our”) collects, stores, and processes personal data of our website users, customers, prospective customers and those making and enquiry (“you”, “your”). We are committed to protecting your privacy and personal data and are therefore transparent regarding the data we collect, how the data is collected, where the data is stored, and how the data is processed. The following notice details all of the above, setting out our obligations under both the General Data Protection Regulations 2016/679 (“GDPR”) and the Data Protection Act 2018 (“DPA”).
We will always give you the option not to receive marketing communications from us. We will never send you unsolicited ‘junk’ email or communications, or share your data with anyone else who might. We do not sell your information to third parties, but we do work closely with selected partners who help us to provide you with the information, products and services that you request from us. For example, our manufacture parent provides documentation relating to your vehicle.
The contents of this statement may change from time to time so you may wish to check this page occasionally to ensure you are still happy to share your information with us. Where possible, we will also contact you directly to notify you of these changes.
What information we may collect from you?
We collect information about you and your vehicle when you engage with our website, applications or manufacture partners who ask us to contact you when you make a request. We only collect information that is necessary, relevant and adequate for the purpose you are providing it for.
The information we collect includes some or all of the following:
- Basic personal details including but not limited to your name, email address, contact number(s), postal address, and preferred method of contact.
- Additional personal details including but not limited to your date of birth, driving license number and any endorsements, if you have ever had vehicle insurance declined or cancelled, health information including any disabilities and adjustments we may need to make to a vehicle, CCTV images and video, financial information including account details, salary information and your outgoing expenses, live chat records, voice call recordings when you call our customer service centre and records of electronic communications, including but not limited to the content and attachments of emails. Also, details associated with our vehicles that may be loaned to you (e.g. courtesy/demonstrator vehicles) for use that may possess vehicle tracking devices that will provide details including but not limited to locations visited and driving behaviours.
- Information about your vehicle including but not limited to the registration number, VIN, service history, mileage, warranty repair and recall information.
- Marketing and communication preferences.
- For users of our website your IP address, the pages you visited on our website and how long you visited us for, your GPS location (where you have permitted access to this), the internet browser and devices you are using, cookie, pixels or beacon information and the website address from which you accessed our website.
In line with our overall data protection policy, we do not collect unauthorised data, we will not allow any recording devices from vehicles to compromise the security of our workshop equipment or any other individual vehicle information. All recording equipment inside a customer vehicle if not turned off will be switched off by an appropriate member of staff.
How the data is collected and how we use this information?
Personal data may come from a combination of any of the following sources:
- Information you provide on order and enquiry forms, in email and telephone conversations with our staff and when you visit one of our sites.
- Information provided by third parties such as credit reference agencies and driving licence checking services.
- Information we generate following your interactions with our staff, systems, and processes.
We will only process information that is necessary for the purpose for which it has been collected. You will always have the option not to receive marketing communications from us (and you can withdraw your consent or object at any time). We will never send you unsolicited ‘junk’ email or communications, or share your personal information with anyone else that mi
Information we may generate about you includes
- Financial information including invoices, credit checks and your ability to make payments
- Service and MOT records
- Insurance claims data following an incident in a car loaned or hired to you;
- Order history when you purchase a part for your vehicle, order a vehicle or other product or service from us.
Purposes and lawful basis of processing
We use information held about you in a number of ways, including but not limited to:
- Making an enquire about the purchase of a product or service (our lawful basis for the collection and processing of your personal data is for taking steps to enter into a contract with you)
- The purchase of a product or service from us (our lawful basis for the collection and processing of your personal data is our contract with you)
- To send important reminders and communications to you regarding the servicing of your vehicle, MOT expiry, manufacturer recalls and customer satisfaction surveys (our lawful basis for the collection and processing of your personal data is that it is in our legitimate interest)
- Sending you marketing communications about our products and services by email, text message and post and the repermissioning of your consent to our private customers (our lawful basis for the collection and processing of your personal data is consent)
- Sending you marketing communications about our products and services by email, text message and post to our corporate customers (our lawful basis for the collection and processing of your personal data is legitimate interest)
- Disclosure of your data to third party credit reference agency or driving licence checking service and short term insurance providers for courtesy vehicles (our lawful basis for the collection and processing of your personal data is taking steps to enter into a contract with you or the performance of that contract).
- To understand how you use our website (our lawful basis for the collection and processing of your personal data is legitimate interest)
- The use of CCTV and other security systems (our lawful basis for the collection and processing of your personal data is the prevention and detection of crime and prosecution of offenders)
- Telephone and live chat recording (our lawful basis for the collection and processing of your personal data is legitimate interest)
We may process your personal information to comply with our legal requirements (for example, to register your car with the DVLA).
We will share information upon request with third parties, including civil and public authorities, in regards to motor-related enforcement notices including parking and speeding fines.
Sometimes we will need to process your personal information to contact you if there is an urgent safety or product recall notice and we need to tell you about it.
How do we share this information?
We will not sell your information to third parties. However, we may from time to time disclose your information to the following categories of companies or organisations to which we pass the responsibility to handle services on our behalf: our manufacturer partners, roadside assistance service providers, licence checking agents and short term insurance providers, customer contact centres, mobility and car hire providers, direct marketing communications agencies and consultants, market research and market analytics service providers, our legal and other professional advisors.
We take steps to ensure that any third party partners who handle your information comply with data protection legislation and protect your information just as we do. We only disclose personal information that is necessary for them to provide the service that they are undertaking on our behalf. We will aim to anonymise your information or use aggregated none specific data sets where ever possible.
How the data is stored
All personal data provided, collected, generated, or obtained will be stored on our secure systems.
We take appropriate measures to ensure that all personal data is kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. Within Motus Group (UK) Ltd, we limit access to your personal data to only those who have a genuine need to access it. Those with access to your personal data will do so only in an authorised manner, and are subject to a duty of confidentiality. All of our staff complete regular data protection training and adhere to our data protection policy. As a company, we audit our systems and processes to ensure your data is managed in accordance with data protection legislation.
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of electronically transmitted data by you to us. Any transmission, therefore, remains at your own risk.
How long we keep your personal data
We will not hold your personal information in an identifiable format for any longer than is necessary. If you are a customer or otherwise have a relationship with us we will hold personal information about you for a longer period than if we have obtained your details in connection with a prospective relationship.
We do not retain personal information in an identifiable format for longer than is necessary.
If we have a relationship with you (e.g. you are a customer or the registered driver of a leased or other vehicle purchased from us), we hold your personal information for 6 years from the date our relationship ends. We hold your personal information for this period to establish, bring or defend legal claims. Our relationship may end for a number of reasons, including where the vehicle warranty or lease expires, or we have been made aware that you no longer own or drive that vehicle.
Where we have obtained your personal information following a request for information, test drive, brochure, quotation or any other information on any of our products or services, we hold your personal information for 1 year and 6 months from the date we collect that information, unless during that period we form a relationship with you e.g. you purchase or lease a vehicle. We will continue to process your data in line with your initial enquiry for 6 months to allow us an opportunity to form a relationship with you. After this, your data will remain dormant for 1 year before being removed, unless a relationship is formed within this time.
In addition, so that we are able to continue to comply with GDPR regulations, your data may be held in a cloud-based SFTP server, where it will be held for a maximum of 30 days before being removed.
The only exceptions to the periods mentioned above are where:
- The law requires us to hold your personal information for a longer period, or delete it sooner;
- Where you have raised a complaint or concern regarding a product or service offered by us, in which case we will retain your information for a period of 6 years following the date of that complaint or query; or
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law.
Supplier and Consultant Data
When you enter a relationship with us as a supplier or consultant we will hold onto your data for the length of our relationship. When our relationship ends we will only hold onto your data long enough to fulfil any contractual or legal obligations.
Most browsers automatically accept cookies. You can prevent cookies from being stored on your hard drive by setting your browser to not accept cookies. The exact instructions for this can be found in the manual for your browser. You can delete cookies already on your hard drive at any time. If you choose not to accept cookies, you can still visit our website, however, this may result in a reduced availability of the services provided by our web site.
These cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our site, using a service provided by Google Analytics.
We may use a number of social media tools to enhance visitor interaction on our site. If you already use these platforms their cookies may be set through our website. Data may then be collected by these companies that enables them to serve up adverts on other sites that they think are relevant to your interests. If you do not use such platforms, then our site will not place these cookies on your device.
Functional (or ‘Necessary’) Cookies
These cookies are used to enable core site functionality. They do not contain any personal information and are automatically deleted when you close your browser.
Force24 Cookies & Tracking
Our organisation utilises Force24’s marketing automation platform.
Force24 cookies are first-party cookies and are enabled at the point of cookie acceptance on this website. The cookies are named below:
They allow us to understand our audience engagement, thus allowing better optimisation of marketing activity.
f24_autoId – This is a temporary identifier on a local machine or phone browser that helps us track anonymous information to be later married up with f24_personid. If this is left anonymous, it will be deleted after 6 months. Non-essential, first-party, 10 years, persistent.
f24_personId – This is an ID generated per individual contact in the Force24 system to be able to track behaviour and form submissions into the Force24 system from outside sources per user. This is used for personalisation and the ability to segment decisions for further communications. Non-essential, first-party, 10 years, persistent.
The information stored by Force24 cookies remains anonymous until:
- Our website is visited via clicking from an email or SMS message, sent via the Force24 platform and cookies are accepted on the website.
- A user of the website completes a form containing an email address from either your website or your Force24 landing pages.
The Force24 cookies will remain on a device for 10 years unless they are deleted.
We also use similar technologies, including tracking pixels and link tracking to monitor your viewing activities.
Device & browser type and open statistics
All emails have a tracking pixel ( a tiny invisible image ) with a query string in the URL. Within the URL we have user details to identify who opened an email for statistical purposes.
All links within emails and SMS messages sent from the Force24 platform contain a unique tracking reference, this reference helps us identify who clicked an email for statistical purposes.
Rights of Access, Correction, and Erasure
Under the GDPR, you have a number of important rights, including the right to access the personal data we hold about you, and to request corrections or partial/full erasure.
To correct any inaccuracies in your personal data held by Motus Group (UK) Ltd, you must make an explicit request to us, clearly indicating which information is in need of amendment, along with the correct information to take its place. We will act on personal data correction requests within 5 working days of receipt, and send a confirmation email to you upon resolution of the issue/s.
To request partial or full erasure of your personal data, you must make an explicit request to us. In the event you desire a partial erasure, you must clearly indicate which data points you would like to be erased. If you do not clearly indicate which data points you would like to have erased in a partial erasure, we reserve the right to delete all personal data we hold about/on you. Motus Group (UK) Ltd reserves the right to escalate any partial erasure request into a full erasure at our discretion; you will be notified of this outcome via email immediately before the erasure if we opt for the escalation. In the event you desire a full erasure, you must clearly indicate this in your request. We will act on partial and full erasure requests within 21 working days of receipt, however, no confirmation email will be sent, following the completion of the request.
Please note that your right to have your personal data erased is not absolute, and we reserve the right to refuse such a request, where there is an appropriate legal justification for doing so. For example, we must retain courtesy car driver data for a period of twelve months. You will be notified accordingly in the event we are unable to process your data erasure request.
Your rights under the GDPR are:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights concerning automated decision making and profiling.
If at any point, you would like to request access, correction, or erasure of your personal data we hold, you should email at email@example.com providing enough information for us to be able to identify you in our system and carry out your request.
We value your privacy, and as such, we implement a clear desk policy, all workstation screens are locked, and any information is stored away in a secure environment.
You can exercise the above rights and/or manage your information by contacting us using the details below:
Post: Database Team, Motus Group (UK) Ltd, Oakingham House, Ground Floor, West Wing, London Rd, Loudwater, High Wycombe, HP11 1JU
If you have any specific data protection concerns or a complaint, you can address it to our Data Protection Team at firstname.lastname@example.org, or the above postal address.
How to Complain
We hope that we can resolve any query or concern you raise about our use of your personal data, however, if you are not satisfied with our processes or approach, the GDPR gives you the right to file a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, live, or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at http://ico.org.uk/concerns/ or on 0303 123 1113.
Motus Group (UK) Ltd’s Data Protection Registration number with the ICO is Z6033829.
Information Commissioner's Office
Water Lane Wilmslow
Cheshire SK9 5AF
Contacting Motus Group (UK) Ltd
If you have any questions, queries, or issues relating to our policies and processes, or how they relate to our adherence to both the GDPR and DPA, then please contact:
The Database Team, Motus Group (UK) Ltd, Oakingham House, Ground Floor, West Wing, London Rd, Loudwater, High Wycombe, HP11 1JU
OEM Specific Privacy Policies