MK LUX Concierge

Privacy Policy

(Last updated: January 2026)

1. Who we are

MK LUX Concierge (“we”, “us”, “our”) provides concierge, chauffeur hire, self-drive vehicle hire, personal shopping, event bookings and related services.

We act as a data controller for the personal data we collect.

Company name: MK LUX Concierge

Email: info@mkluxconcierge.co.uk

If you have questions about this Privacy Policy, please contact us at: info@mkluxconcierge.co.uk

You also have the right to complain to the Information Commissioner’s Office (ICO) (see Section 16).

2. The data we collect

We only collect information that is necessary for providing our services, complying with law, and running our business.

We may collect:

Identity & contact details

  • full name
  • date of birth
  • postal address
  • email address
  • phone number
  • nationality
  • driving licence details (and copies)

Booking & service information

  • booking history
  • vehicle hire details
  • chauffeur service details
  • travel, event, and reservation preferences
  • communications with us (calls, emails, messages)

Financial & payment information

  • card details processed securely by Stripe (we do not store full card numbers)
  • bank transfer details (account name, IBAN/sort code, reference)
  • invoices, receipts, and transaction records

Verification & compliance

  • ID documents (passports, licences, proof of address)
  • fraud and risk checks
  • insurance and claims data
  • records required by law (KYC/AML where applicable)

Technical data

  • IP address
  • device type
  • browser and usage information (for analytics, security and site performance)

Vehicle-related data (if using our vehicles)

  • mileage
  • damage/incident reports
  • telematics data where installed (speed, location, usage) — only if necessary and legally permitted

We do not knowingly collect children’s data unless legally required (e.g., for insurance claims) and only with parental consent.

3. How we collect your data

We collect data when you:

  • make an enquiry or booking
  • communicate with us
  • pay via Stripe or bank transfer
  • provide ID or documents
  • interact with our website
  • work with us as a supplier or partner
  • are involved in a booking arranged through us

We may also receive information from:

  • Stripe and other payment providers
  • fraud prevention and credit reference agencies
  • insurance providers
  • our suppliers (e.g., vehicle partners, hotels, clubs, restaurants)
  • publicly available sources where appropriate

4. Why we use your data (lawful bases)

We process your data under the following lawful bases:

a) 

Contract

To provide services you request, including:

  • managing bookings
  • arranging vehicles and reservations
  • processing payments and refunds
  • communicating about services
  • handling deposits and damages
  • customer support

b) 

Legitimate interests

Where it is necessary and does not override your rights, such as:

  • protecting our business and customers
  • preventing fraud and misuse
  • managing disputes and claims
  • keeping records
  • marketing to existing customers (with opt-out)

c) 

Legal obligations

To comply with UK law, including:

  • tax and accounting
  • insurance obligations
  • anti-fraud and KYC checks
  • responding to lawful requests from authorities

d) 

Consent

Where we rely on consent (e.g., marketing to non-customers), you may withdraw it at any time.

5. Payments, Stripe & bank transfers

Stripe

Card payments are processed securely by Stripe.

Stripe acts as an independent controller for payment data.

We do not store full card details.

For more information, see Stripe’s privacy policy: https://stripe.com/privacy.

Bank transfers (in and out)

When you pay or receive money by bank transfer, we may process:

  • your bank account name
  • account number / IBAN / sort code
  • transaction references and records

We only use this to:

  • process payments and refunds
  • reconcile accounts
  • meet legal, tax, and anti-fraud obligations

We do not share bank details with third parties except where required by law or essential service partners (e.g., accountants, banks).

6. Sharing your personal data

We only share data when necessary and lawful, for example with:

  • vehicle suppliers and chauffeurs
  • hotels, restaurants, venues, clubs and partners required to fulfil bookings
  • payment processors (e.g., Stripe, banks)
  • insurers and claims handlers
  • IT and hosting providers
  • professional advisers (accountants, lawyers)
  • fraud prevention and credit reference agencies
  • law enforcement or regulators where legally required

We require all partners to process your data securely and only for permitted purposes.

We never sell your personal data.

7. International transfers

Some partners and systems may be located outside the UK/EEA.

Where transfers occur, we ensure appropriate safeguards such as:

  • adequacy regulations, or
  • UK/EEA Standard Contractual Clauses, or
  • other lawful transfer mechanisms.

You can request details of safeguards at any time.

8. Data retention

We retain data only as long as necessary for the purposes it was collected, including:

  • bookings and contracts: up to 6 years (for tax and legal records)
  • ID and verification records: as required by law
  • marketing data: until you unsubscribe
  • CCTV/telematics (if used): short, justified retention only

When data is no longer needed, we delete or anonymise it securely.

9. Security

We take appropriate technical and organisational measures to protect data, including:

  • encrypted systems
  • secure access controls
  • staff confidentiality obligations
  • regular review of our security practices

However, no system is completely secure — please notify us immediately of any suspected breach.

10. Marketing

We may send marketing to existing customers under legitimate interest.

For others, we rely on consent.

You can opt out at any time by:

  • clicking unsubscribe, or
  • contacting us at info@mkluxconcierge.co.uk

We do not use aggressive profiling or sell marketing lists.

11. Cookies & analytics

We may use cookies for:

  • website functionality
  • security
  • analytics
  • improving user experience

Where required, we obtain cookie consent and provide controls.

See our Cookie Policy for details.

12. Automated decision-making

We do not use automated decisions that significantly affect you.

If we ever introduce such systems, you will be notified and given rights to challenge decisions.

13. Your rights

Under GDPR and UK GDPR you have the right to:

  • access your data
  • correct inaccurate data
  • delete data (where applicable)
  • restrict processing
  • object to processing
  • withdraw consent
  • data portability
  • complain to the ICO

To exercise these rights, contact info@mkluxconcierge.co.uk

We may need proof of identity before responding.

14. CCTV / event security (if applicable)

Some partner venues use CCTV for safety.

Footage is controlled by the venue operator and processed under their policies.

15. Changes to this policy

We may update this policy from time to time.

The latest version will always be published here with an updated date.

16. Complaints

If you are unhappy about how we handle your data, please contact us first.

You can also contact the UK Information Commissioner’s Office (ICO):

www.ico.org.uk

Tel: 0303 123 1113

17. Contact us

For privacy questions or requests:

Email: info@mkluxconcierge.co.uk