object(WP_Post)#17000 (24) {
  string(1) "3"
  string(19) "2019-05-21 15:26:48"
  string(19) "2019-05-21 14:26:48"
  string(0) ""
  string(14) "Privacy Policy"
  string(0) ""
  string(7) "publish"
  string(6) "closed"
  string(6) "closed"
  string(0) ""
  string(14) "privacy-policy"
  string(0) ""
  string(0) ""
  string(19) "2019-11-26 11:35:11"
  string(19) "2019-11-26 11:35:11"
  string(0) ""
  string(38) "http://mcssco.wpengine.com/?page_id=62"
  string(4) "page"
  string(0) ""
  string(1) "0"
  string(3) "raw"
string(68) "https://mcscertified.com/wp-content/uploads/2019/07/news_blocks3.png"

Privacy Policy

Thank you for visiting our website.

This website is owned by the Microgeneration Certification Scheme Service Company Ltd (MCSSCo), trading as MCS.

Your use of our website is subject to the following terms and, by using our website, you agree to be legally bound by them. This applies whether you register your details with us or not. Please read these terms carefully before using our website. If you do not agree to these terms, please do not use our website.


This privacy policy tells you what to expect when the Microgeneration Certification Scheme (“MCS”) Website and the MCS Installation Database (“we”, “us”, “website” and “database”) collects, stores and processes personal information.

It applies to information we collect, store and process about our users and other persons’, whose data is provided to us by users, in particular individuals who own installations installed and certified under the MCS (“users”, “other persons” or all together “data subjects”).

In this privacy policy we inform how we collect and use personal data, what are privacy rights of data subjects and how they are protected by law.


Until April 2018, MCS was operated by the Department for Business, Energy and Industrial Strategy (BEIS). In April 2018, under a process of novation, MCS was transferred to the MCS Charitable Foundation, with the Scheme operated by the MCS Service Company Limited.

The personal data which has been collected under the MCS to date was also transferred to ownership of MCS Charitable Foundation and The MCS Service Company Limited.

The MCS Service Company Limited is incorporated under the Laws of England and Wales with registration number 07759366 and is based at Suite F40, The Innovation Centre, Sci-Tech Daresbury, Keckwick Lane, Daresbury, WA4 4FS.

The MCS Service Company Limited primarily certifies microgeneration products used to produce electricity and heat from renewable sources. The MCS Service Company Limited also certifies installation companies to ensure the microgeneration products have been installed and commissioned to the highest standard for the consumer. The MCS Service Company Limited owns the MCS Installations Database, which enables the creation, amendment, and storage of MCS certificates for systems which have been installed under MCS rules, and the website, which provides for general information regarding MCS, contact details and access to the database.

The MCS Service Company Limited is a data controller of users’ and other persons’ personal data.

The MCS Service Company Limited administers the website, the database and all other matters relevant to MCS.


Personal data is any information about data subjects from which they can be identified. It does not include data where their identity has been removed (it is called anonymous data).

We collect, use, store and transfer different kinds of personal data about data subjects which we have grouped together as follows:


Type of Data Subject Category of Personal Data Personal Data
If you are a user, we collect your: (a)  Identity Data
(b)  Contact Data
(c)   Company Data
(d)  User Account Data
(e)  Technical Data
(f)    Usage Data
(g)  Customer Care Data
(a) Your first and last name
(b) Your email address and phone number
(c) Name of the company that you represent and your job title
(d) Your username, and password
(e) Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website (such as smart phones, laptops or desktops).
(f) Information about how you use our website, including your traffic data
(g) Your correspondence and feedback to us
If you are another person whose personal data was provided to us by users, we process your: (a)  Identity Data
(b)  Contact Data
(c)   Property Data
(d)  Certificate Data
(a) Your first and last name
(b) Your email address and phone number
(c) Property address and postcode
(d) Certificate number and a certificate


Whereby we need to collect personal data from you by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter with you (for example, to provide you with access to the database). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

We do not collect any Special Categories of Personal Data about data subjects, nor do we collect any information about criminal convictions and offences.


We use different methods for the collection of users’ data through:

Direct interactions. You may give us your Identity, Contact, Company, User Account and Customer Care Data when you:

register as a database user;
provide documents or information to us;
fill in forms on our website or on hard copies;
correspond with us by telephone, e-mail or otherwise;
complete surveys for research or statistical purposes in relation to the MCS and/or BEIS policy development and research.

Automated technologies or interactions. As you interact with our website, we automatically collect Technical and Usage data about your equipment, browsing actions and patterns. We collect this personal data by using cookies. Please see our Cookie Policy for further details.


If you are a user, we may also receive additional information about you from:

Credit Reference Agency engaged by us to verify the information you have provided and to prevent and detect fraud;
MCS Certification Bodies;
Ofgem as the Administrator of the Renewable Heat Incentive and Feed-in Tariff schemes (Ofgem);
Chartered Trading Standards Institute Approved Consumer Codes (CTSI), including but not limited to:

The Renewable Energy Consumer Code (RECC);
The Home Insulation & Energy Systems Contractors Scheme (HIES);
The Glass and Glazing Federation (GGF).

If you are another person who owns installations that are installed and certified under the MCS, we will receive your personal data from a user who will provide it on our database.

We will only use your personal data when the law allows us to, most commonly, in the following circumstances:

Where we need to deliver services under your request in accordance with specific terms and conditions;
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests;
Where we need to comply with a legal or regulatory obligation.

Below we have listed the ways, describing reasons, we use your personal data for and the legal basis we rely on to do so.

Please note that we may process your personal data for more than one lawful basis depending on the specific purposes for which we are using your data.

Type of Data Subject Purpose Type of Data Lawful Basis for Processing
If you are a user, we will use your personal data: (a)
To supply services you request, including the registration for the database, its usage and troubleshooting.
To charge for services requested.
To manage our relationship with you, including notification about changes to our privacy policy, Terms and Conditions and services, manage any concerns or requests that you raise to us.
To carry out investigations in relation to compliance and complaints regarding our services, as well as site inspections and audits.
To prevent and detect criminal activities.
To complete a survey for purely research and statistical purposes.
To use data analytics to improve our website, services, customer relationships and experiences, and to secure our website
Identity, Contact, Company, User Account and Customer Care Data.
Identity, Contact, Company, and Customer Care Data
Technical and Usage Data
Performance of MCS Installation Database services in accordance with Terms and Conditions.
Necessary to comply with a legal obligation.
Necessary for our legitimate interests allowing us to provide our customers with requested information and to protect our customers and business from criminal and illegal activities.
Necessary for our legitimate interests allowing us to study how customers use our services and to help us to develop it.
Necessary for our legitimate interest to keep our website updated and relevant to customers.
If you are another person whose data was provided to us by a user, we will process your personal data: As we are requested to do so by law and the contract with a user. Identity, Contact, Property and Certificate Data Necessary to comply with a legal obligation.
Performance of MCS Installation Database services in accordance with Terms and Conditions.

Cookies are small files saved to your computer’s hard drive that track, save and store information about your interactions and usage of our website and database. Cookies allow us to store your preferences to correctly present content, options or functions throughout our website. They also enable us to see information like how many people use our website and database, and what pages they tend to visit.

We do not disclose personal data to anyone, except when we need to share it with:

  • External third parties who provide specific services to us, such as website and database design and management, data storage, online phone helpline and payments processing.
  • Credit Reference Agency for the prevention and detection of fraud or non-compliance with the Domestic RHI and the Feed-in Tariffs schemes.
  • Regulators and judicial authorities who require reporting of processing activities in certain circumstances. More specifically, we may need to disclose personal data of installation companies to:
    • Ofgem for reporting, monitoring, application processing, compliance and complaints handling purposes for the administration of the Domestic and Non-Domestic Renewable Heat Incentive and the Feed-in Tariff Scheme, as well as in support of any criminal or civil investigations carried out by relevant authorities.

    • MCS Certification Bodies for reporting, monitoring, application processing, compliance and complaints handling purposes for the administration of the MCS, as well as in support of any criminal or civil investigations carried out by relevant authorities.
    • Feed-in Tariff Licensees for reporting, monitoring, application processing, compliance and complaints handling purposes for the administration of the Feed-in Tariff Scheme, as well as in support of any criminal or civil investigations carried out by relevant authorities.
    • BEIS for meeting our legal obligations in relation to periodic provision of information to BEIS that will use the information for market research purposes to develop: (i) its understanding of the deployment and performance of renewable energy technologies in relation to the Domestic Renewable Heat Incentive scheme and the Feed-in Tariff scheme, and (ii) the impact of Government policies upon these schemes. In particular, the data will be used to make contact with installers in order to conduct surveys or consensuses and to assist with technical research. Individuals’ personal data may be also disclosed to BEIS for statistical and research purposes in order to conduct research projects, including engineering, social, economic and statistical, for the evaluation and development of policy, to enable delivery partners to effectively identify and investigate potential cases of fraud and non-compliance, and to improve the quality of data which is used in policy development.
    • CTSI, including but not limited to RECC, HIES, and GGF for reporting, monitoring, application processing, compliance and complaints handling purposes for the administration of the MCS, as well as in support of any criminal or civil investigations carried out by the relevant authorities.

We may also provide third parties with aggregate and non-attributable information about installation companies, installation owners, and product companies.

Where applicable, we require all external third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.


All information about you is stored on our secure servers or, in case of hard copies, in locked cabinets. The information is all stored within the United Kingdom.

If you wish to receive more detailed information about your personal data, please send your request to mcshelpdesk@mcscertified.com.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those staff members or other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a strict duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority of a breach where we are legally required to do so.


We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods are as below:

  • MID: recipient data – 25 years
  • MID: certificate data – 25 years
  • MID: user data – 25 years
  • Installer data – 8 years
  • Customer data: documents (e.g. bank statements and electricity bills) – these will be destroyed as soon as possible after use
  • Customer data: call recordings – 1 month or less
  • Customer data: call info recorded in CRM – 1 month or less (unless the issue remains outstanding)
  • Customer data: emails – to be deleted after capture in CRM


Under certain circumstances, you have rights under data protection laws in relation to your personal data which are as follows:

  • Access to your personal data – This enables you to receive a copy of the personal data we may hold about you and to check how we process it.
  • Correction of your personal data – This enables you to have any incomplete or inaccurate data we may hold about you corrected or completed, though we may need to verify the accuracy of the new data you provide to us.
  • Erasure of your personal data – This enables you to ask us to delete personal data where there is no legitimate reason for us continuing to process it.

Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

  • Object to processing of your personal data – This enables you to ask us to terminate the processing of your personal data where we are relying on a legitimate interest. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Restriction of processing your personal data – This enables you to ask us to suspend the processing of your personal data in certain circumstances.
  • Transfer of your personal data – This enables you to ask us to transfer your personal data to you or to another service provider. We will provide to you, or another service provider you have chosen, your personal data in a structured, commonly used, machine-readable format.

Note, however, that this right only applies to automated information which you may have provided under Terms and Conditions to us.

If you wish to exercise any of the rights set out above, please send your request to mcshelpdesk@mcscertified.com

No fee usually required.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Your right to lodge a complaint

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO).

We would, however, appreciate the chance to deal with your concerns first before you approach the supervisory authority, so please do contact us in the first instance.


For compliance questions in relation to this policy, you may contact us at mcshelpdesk@mcscertified.com

If you have any questions or would like to know more about the MCS, there are a number of ways that you can contact us.


This privacy policy applies from 1st July 2019 until such time it is updated again.

We may revise this privacy policy from time to time. Any revision will be brought to your attention by posting changes on the website and the database.

Where appropriate, the changes will be notified to you by email.



In these Terms and Conditions, unless the context otherwise requires:

“Administrator” means a User account with full administration access to the MID;

“Affiliate” means in relation to a body corporate, any subsidiary, subsidiary undertaking or holding company of such body corporate, and any subsidiary or subsidiary undertaking of any such holding company for the time being;

“BEIS” means the Department for Business, Energy and Industrial Strategy;

“Certification Body” means the UK Accreditation Service  accredited body issuing MCS certification who is granted a User account with read and write access to MID data for the maintenance of installer and product certification and partial reporting access in order to view installations and information input by installers they have certified, to allow them to assess and investigate complaints and compliance issues, perform audits and data checks, review performance and volume, assist installers with administrative tasks, provide MCS with accurate data, and assess extended access requests.

“Consumer Codes” means a User account with read only access to MID data and partial reporting access, usually assigned to the Trading Standards Institute approved Consumer Codes associated with the Scheme, who are able to view installations and information input by installers they have certified, to allow them to assess and investigate complaints and compliance issues, perform audits and data checks, review performance and volume, and police insurance-backed warranty details.

“Content” means data, mode of expression, or other material and services found in the MID;

“Data Controller” means the entity which determines the purposes and means of the Processing of Personal Data.

“Data Processor” means the entity which process personal data under the instructions of the Data Controller.

“Data Subject” means the identified or identifiable person to whom Personal Data relates.

“Data Subject Request” means any request made by a Data Subject to assert its rights under the and GDPR, in particular the right to access, correct, amend, restrict, terminate, transfer or delete its Personal Data;

“Installation Certificate” means a certificate issued on registration of an installation on the MID;

“Installation Owner” means the owner of an installation registered on the MID where an Installation Certificate has been generated;

“Installer Master Admin User” or “MAU” means the principal user account assigned to the named Installer contact;

“Installer” means a User account authorised by the Installer MAU and granted to administrators within an MCS certified installation company. These accounts allow their users to submit and amend MCS certificates, purchase credits and review credit transaction history, run reporting related to the installations performed by the company, and review and amend certain account details.

“Intellectual Property” means copyright and related rights, moral rights, trade-marks and service marks, business names and domain names, database rights, rights to use, and protect the confidentiality of, confidential information (including know-how) and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world;

“FIT” means the Feed-in Tariff scheme. The FIT is a government programme designed to promote the uptake of renewable and low-carbon electricity generation technologies. Introduced on 1 April 2010, the scheme requires participating licensed electricity suppliers to make payments on both generation and export from eligible installations.

“Market Operator” means a User account with read only access to MID data and partial reporting access, usually assigned to energy providers, who are able to run limited reporting and view MCS certificates, for the purposes of administering the FIT and , including details and compliance checks.

“MID” means the MCS Installation Database, which sets out details of microgeneration installations which have been installed by MCS certified installers;

“MCS Email Address” means mcshelpdesk@mcscertified.com;

“Personal Data” means any information relating to (i) an identified or identifiable natural person and, (ii) an identified or identifiable legal entity (where such information is protected similarly as personal data or personally identifiable information under the and the GDPR);

“Processing” means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; “process” and “processes” will be construed accordingly;

“Ofgem” means a User account with read only access to MID data and partial reporting access, usually assigned to employees of Ofgem, who are able to run limited reporting and view MCS certificates, for the purposes of administering the FIT and RHI, including details and compliance checks.

“Registration Form” means the form used to register an MCS compliant installation;

“Reporting User” means a user account with reporting only access to the MID;

“RHI” means Domestic Renewable Heat Incentive;

“User” means an individual or a body who is authorised to access and use the MID, including an Administrator, Certification Body, Installer, Market Operator, Consumer Code, and Ofgem;

“MCS” means the Microgeneration Certification Scheme;

“Website” means the MCS website with its homepage at www.mcscertified.com;

The following text outlines the Terms and Conditions of service. The User should read this carefully before using the MID.


The User shall:

  • Only use the Content in accordance with these Terms and Conditions and the MID User Guide;
  • Supervise and control use of the Content in accordance with these Terms and Conditions;
  • Not display any Content on a public bulletin board, File Transfer Protocol Site, website, chat room or by any other unauthorised means;
  • Receive and hold the password in the strictest confidence and take all reasonable security precautions in the safekeeping of the password and in preventing its unauthorised disclosure to third parties without prior written consent from MCS;
  • Safeguard the confidential nature of all Content.

The User warrants that:

  • It will not use or permit or condone the use of the Content or parts thereof for sale, resale, loan, transfer, hire or other form of exploitation for monetary reward; and

Before the User records personal data on the MID, the User will:

  • Notify the persons to whom such personal data relates that such information is recorded on the MID; and
  • Provide those persons with a copy of the ;

Where the User processes personal data which is recorded on the MID, the obligations relating to personal data under the and GDPR will at all times be complied with.

All Users are responsible for ensuring the correct use of the MID User account. Any suspected misuse by the User or a non-authorised person (being a person who does not have a MID User account) must be reported immediately by email to MCS Email Address mcshelpdesk@mcscertified.com

User accounts may temporarily be suspended until the suspected misuse is investigated.


Installer MAUs may authorise additional Installers within the certified company.

Further guidance on accessing the MID is available via the MCS Helpdesk.

User account details must not be shared between more than one User. The Installer MAU is responsible for ensuring the integrity and security of the account.

User accounts may be suspended without prior notice at the discretion of MCS following a decision by the Certification Body.

MCS may suspend or terminate a User account with immediate effect in the event of a material breach by the User of these Terms and Conditions following instruction by the Certification Body.


By registering an account, the User confirms that the data entered is complete and accurate.

If the User is an Installer who registers an installation, the User must confirm that the installation is fully compliant with the requirements of the appropriate MCS Standards and that the data entered in the Registration Form is complete and accurate.

If Data is found to be incomplete, inaccurate or non-compliant with the MCS Standards then the registration may be removed from the MID, the User’s MID access may be removed and the non-compliance investigated by the User’s MCS Certification Body.

MCS Service Company Ltd will report potential fraudulent activity to the appropriate authorities.

Users are responsible for keeping their contact details up-to-date on the MID and must have a valid email address registered with MCS at all times. If an email that MCS sends to the User should prove undeliverable, the User’s account may be temporarily suspended until the User contacts MCS with a verifiable email address.

The User’s personal data is processed in accordance with the Privacy Policy. The User is advised to read the Privacy Policy.

MCS Service Company Ltd may make changes to or update these Terms and Conditions at any time and will endeavour to give adequate notice of such changes. The User’s continued use of the MID means that the User accepts any new or modified terms.


The Installation Certificate is a statement by the Installation Company of compliance with the relevant MCS Standards. The User is liable for ensuring all the Data is correct and accurate as of the date of system commissioning and registration on the MID.

Fraudulent use of Content or an Installation Certificate may result in the User’s account being suspended or terminated.


Links to third party websites on our website are provided solely for your convenience. If you use these links, you will leave our website. MCS has not reviewed all of these third party websites and does not control and is not responsible for them or their content or availability. MCS does not endorse or make any representations about them, or any material found there, or any results that may be obtained from using them. If you decide to access any of the third party websites linked to our website, you do so entirely at your own risk.


The User is granted specific data access rights for the User account, depending on its type and data usage purposes.

By accepting these Terms and Conditions, the User agrees to be acknowledged as a Data Controller in terms of the processing of Installation Owner personal data for the purposes of MID access and usage.

The User commits to comply with all the obligations imposed on a Data Controller under GDPR and , including but not limited to the processing of personal data only for legitimate purposes, to transfer personal data under applicable lawful grounds for specified purposes, not to disclose or allow access to personal data to anyone than permitted recipients, to ensure that permitted recipients are subject to written contractual obligations for confidentiality of personal data and have received appropriate training on their responsibilities, to ensure that appropriate technical and organisational measures are in place for protection of the security (including protection against unauthorised or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorised disclosure of, or access to, personal data), confidentiality and integrity of personal data, and not to transfer any personal data received from the MID outside the European Economic Area unless the safeguards set forth in Articles 26, 45, 46 or 49 are in place.

Pursuant to these Terms and Conditions, the User will timely provide information about the personal data processing to Installation Owners.

User accounts may be suspended if the User, following a written notice from MCS, within 30 days do not terminate the material breach of the GDPR and

The User will promptly inform MCS about the receipt of a Data Subject Request submitted by an Installation Owner and will provide MCS with reasonable assistance in complying with such request. The User must not disclose or release any personal data of an Installation Owner in response to a data subject access request without first consulting the MCS wherever possible.

The User will assist MCS in responding to any request from a data subject and in ensuring compliance with its obligations under GDPR and with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators.

The User will notify MCS without undue delay on becoming aware of any breach of GDPR and DPA.


The User acknowledges and agrees that as between MCS Service Company Ltd and the User, Intellectual Property and other rights subsisting in or used in connection with any Content as a whole and in the components of the MID or Data do not belong to the User and the User shall not acquire any interest in Intellectual Property or any rights in it other than the rights granted to the User in these Terms and Conditions.

Any copying, distribution, storing or transmission of any kind, or any sort of commercial use of the Content is strictly prohibited without MCS Service Company Ltd prior written permission.

The User understands that they may not re-sell nor make available to any third party the whole or any part of the information or services which is provided by MCS Service Company Ltd to the User, including access to the MID and copies of the Data held in the MID.

The User must not remove or obscure the MCS logos, or make any alterations to any documents or printouts provided by MCS Service Company Ltd and arising from the MID, such as the MCS Certificate.


Nothing in these Terms and Conditions shall restrict or exclude MCS Service Company Ltd liability for:

  • Death or personal injury resulting from negligence by MCS Service Company Ltd;
  • Fraud committed by MCS Service Company Ltd; or
  • Any liability which may not be lawfully excluded or limited.

Nothing in these Terms and Conditions affects the User’s statutory rights.

MCS Service Company Ltd shall not be liable to the User for consequential, special or indirect losses, or the following losses whether direct or indirect: loss of profits; loss of revenue; economic loss; loss of business or contracts; loss of anticipated savings or goodwill; loss of data; (or any losses arising from a claim by a third party for any of the above losses) whether arising under contract, tort (including without limitation, negligence), or otherwise.


The User agrees to indemnify, defend, and hold harmless MCS Service Company Ltd, its Affiliates, directors, officers and employees, and BEIS from and against any claim, liability, cost, damage or loss MCS may incur (including, without limitation, legal fees) as a result of any non-performance by the User of the obligations set out in these Terms and Conditions.

The User agrees to indemnify MCS Service Company Ltd against all liabilities, costs, expenses, damages and losses (including but not limited to any direct, indirect or consequential losses, loss of profit, loss of reputation and all interest, penalties and legal costs (calculated on a full indemnity basis) and all other reasonable professional costs and expenses) suffered or incurred by the indemnified party arising out of or in connection with the breach of GDPR by the indemnifying party, its employees or agents, provided that the indemnified party gives to the indemnifier prompt notice of such claim, full information about the circumstances giving rise to it, reasonable assistance in dealing with the claim and sole authority to manage, defend and/or settle it.


MCS Service Company Ltd may change the specification of the MID from time to time and will endeavour to provide reasonable notice to affected parties.


These Terms and Conditions and the content on our Website contain the entire agreement between the User and MCS Service Company Ltd with respect to the subject matter of the Terms and Conditions and shall supersede all other written or oral communications between the User and MCS. The express Terms and Conditions in these Terms and Conditions are in lieu of all warranties, conditions, terms, representations, statements, undertakings and obligations whether express or implied by common law, custom, usage or otherwise all of which are hereby excluded to the fullest extent permitted by law. You hereby confirm that the User has not relied upon any representations, communications or other matters which have not been expressly stated in these Terms and Conditions. Notwithstanding any provision to the contrary, nothing in these Terms and Conditions limits or excludes our liability for fraudulent misrepresentations.


For the purposes of the Contracts (Rights of Third Parties) Act 1999 and notwithstanding any other provision in these Terms and Conditions, these Terms and Conditions are not intending to, and do not, give any person who is not a party to it any right to enforce any of its provisions.


If any provision in these Terms and Conditions is invalid or unenforceable, the remaining provisions will continue in full force and effect.

These Terms and Conditions shall be governed by, and construed in accordance with, English law and any matter claim or dispute arising out of or in connection with this Agreement whether contractual or non-contractual, shall be governed by and determined in accordance with English law.

MCS Service Company Ltd and the User irrevocably submit to the exclusive jurisdiction of the English courts in respect of any claim or dispute arising out of or in connection with these Terms and Conditions.