Important information and who we are

Medical & Commercial International Limited (MCI) – MCI is registered in England and Wales under company number 09375775 with its Registered Office at 1st Floor, 145 Leadenhall Street, London, England, EC3V 4QT. MCI is authorised and regulated by the Financial Conduct Authority.

Medical & Commercial International (Europe) GmbH (UK Branch), (company no. HRB165266).  Incorporated as a limited liability company under the Hamburg District court, Germany, The head office is located at Hohe Bleichen 8, 20354, Hamburg, with its UK Branch office situated at 1st Floor, 145 Leadenhall Street, London, EC3V 4QT. Medical & Commercial International Limited (Europe) GmbH (UK Branch) is authorised and regulated by the Financial Conduct Authority, FRN 986663.

Both entities are referred to as “MCI”, “we”, “our” or “us”.

We are committed to protecting your personal data and complying with data protection laws. Please read this privacy policy carefully. It provides information about how we use personal data and the rights available to you under data protection laws.

Your insurance broker should have provided you with their own privacy notice which details how they use your personal data, which includes passing on to other parties involved in the insurance transaction. Please ask your agent if you would like more information about how they use your personal information.

Layered Approach

We use a layered approach to delivering information about data protection through:

  • A brief privacy notice in policy documentation when we issue your policy, which will refer to this more detailed privacy policy;
  • This privacy policy accessible online;
  • The London Market Core Uses Information Notice. This Notice provides further information on how personal data is used within the insurance market.

This privacy policy covers the following areas of our data protection and privacy practices:

1. Information we may collect about you

We may collect and process the following personal data about you:

  • information provided to us through enquiry, application or claims forms, including:
    • information such as your name, address or contact details;
    • sensitive information (e.g. details of any criminal or fraudulent behaviour or medical information) obtained either through you or third parties;
  • we may maintain records of any correspondence with you including phone records;
  • information we collect through cookies. Please see our cookies statement for further information.

2. Why we collect personal data

We are required by data protection laws to have a legitimate reason to process and use your personal data. The main purpose for processing your personal data is for the provision and performance of an insurance contract e.g. reviewing your application, setting you up as a policyholder, administration and maintenance of your insurance policy or in order to process a valid claim.

With regards to ‘Special Category’ data i.e. sensitive information, we must obtain your consent at the point of collecting your personal data (i.e. when you input your details online or when completing a form) in order to process the data unless exemption for insurance purposes is applicable. In some circumstances, if we do not have your consent to process your data, it may impact our ability to issue you with insurance cover or to handle any claims.
We may also gather personal data for the following purposes:

  • in order to prevent, identify and investigate fraud or any activity that is in the public interest;
  • to defend ourselves against or make any legal claims;
  • where we have lawful purpose for processing your data e.g. for maintaining our accounts and records, gathering market intelligence in order to develop and improve our products and services. We will ensure that the processing of your personal data does not affect your rights under applicable data protection laws;
  • to comply with a legal or regulatory obligation e.g. where we are required to maintain records of any transactions with you, or for compliance with international legal and regulatory authorities.
  • where we have an appropriate business need to use your information which does not cause any harm to your interests such as keeping you informed of our product range and providing you with market commentary.

3. Sharing and safeguarding your personal data

All personal data supplied to us is stored on secure servers and only accessed and used in line with our data protection policies and procedures. Your personal data will only be accessed by our employees or authorised third parties who require the information for their business purposes. In circumstances where it is necessary to share your personal data with a third party, there are contractual agreements in place to ensure the security and confidentiality of your personal data and the information will only be used for the specific purpose for which it has been provided to them.

  • Our group companies
    We may share your personal data with our group companies, based in the UK or Germany, but only for the purposes laid out in this privacy policy and we will ensure the security of your personal data.
  • Authorised third parties
    We may also be required to allow authorised third parties, including service providers and suppliers, access to your personal data, for the purposes stated in section 2 of this notice. Any data sharing with third parties will be in compliance with applicable data protection laws.
  • Governmental, legal and regulatory authorities
    It may be necessary for us to share your personal data with financial and regulatory organisations (e.g. the Financial Ombudsman Service, the Financial Conduct Authority, the Information Commissioner’s Office) or law enforcement agencies (including courts) in order to assist them with enquiries, investigations or proceedings and ensure our compliance with our regulatory and legal requirements. As a financial services company, we are required to have certain processes in place with regards to anti-bribery and corruption, money laundering and fraud. If any criminal offence is detected or suspected, we may share data with third parties (e.g. law enforcement agencies, fraud prevention agencies, anti-money laundering agencies) in order to prevent crime or aid investigations if crime is identified. We may also access this data as part of our ‘Know Your Client’ procedures to establish the parties we are dealing with and when assessing a claim payment in order to prevent criminal offences.
  • International transfers
    We (or third parties acting on our behalf) may store or process information that we collect about you in countries outside of the United Kingdom (UK) and the European Economic Area (EEA). Where we make a transfer of your personal information outside of the UK or EEA, we will take the required steps to ensure that your personal information is protected. If you would like further information regarding the steps we take to safeguard your personal information, please contact us.

4. Retention of your personal data

We will only keep your personal data for as long as is reasonably necessary for the relevant purposes set out in this privacy policy or when we are obliged to do so in order to comply with legal or regulatory requirements. The amount of time we retain your data for depends on the nature of the personal data and what we require it for. When your personal data is no longer required, we will ensure it is securely deleted.

5. Your rights

Our policy complies with the UK General Data Protection Regulation. The law requires us to tell you about your rights and our obligations with regards to the processing and control of your personal data, however not all of the following may be applicable in our business dealings:

There are some circumstances where we may be required to restrict your rights in order to safeguard the public or our own interests.
For further information regarding your rights, please visit the Information Commissioner’s Office’s website or click on the links provided above.

6. Contact Us

If you have any questions regarding privacy or how we use personal data, you may contact our Data Protection Officer:

  •; or
  • Data Protection Manager
    Medical & Commercial International Limited
    145 Leadenhall Street
    London, EC3V 4QT

7. Changes to our privacy policy

We may change our privacy policy from time to time and any changes will be displayed on this page. This privacy policy was last updated in September 2021.

8. Cookies Statement

Cookies may be used by the Website to allow us to recognise you and your preferred settings e.g. to store your ID and password for future sessions. This saves you from re-entering information on return visits to the Website. You have the option not to use this feature, in which event no cookies will be retained on your computer.

If the site has a secure log-in for our registered users, it may use a temporary ’session cookie’ in order to perform the secure login to our website. This cookie contains no personal information, just a long random number, and is deleted from your web browser when you exit the Website.

Temporary cookies are used in the transactional part of the Website to authenticate you as an authorised user after you have logged in.

Your browser may be capable of being programmed to reject cookies, or to warn you before downloading cookies, and information regarding this may be found in your browser’s ‘help’ facility.

For an explanation of cookies see the All About Cookies website.

Below is a table of all cookies on this website – their name, type and purpose:

Cookie Type Cookie Name Cookie Purpose
Session & TYPO3 Content Management Cookie Session & fe_typo_user We use session cookies to record an individual users preferences that the user has specified, so that each time the user returns their preferences remain. Commonly this would be language settings, shopping carts, anything where you have indicated a preference. Where forms are used on the site, we hold the information in a session cookie so that we can improve the user experience on the site. Should a user, for example, forget to fill in parts of a form when submitting a form, we can auto-fill the values for those fields that have been filled in, thereby reducing the amount of fields a user needs to amend. This information is stored only in your browser and is destroyed once your browser is closed.
Google Analytics __utmz __utmc
__utmb __utma
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site for you. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

We use third party companies as suppliers for some of our functions. Their use of the data is controlled by our contract with them and they are only allowed to use the data strictly for the purpose we have stated e.g. the data is not used in connection with data from other companies and we are not tracking user behavior outside our own sites.

9. Your right to complain

Should you have any concerns regarding how we process your personal data, then you have the right to report your concern to the Information Commissioner’s Office. For more information, please visit their website.