1.1. “Analytic Tools”- Includes but is not limited to Google Analytics, Firebase, Google AdWords, Google AdSense and other such analytic tools and services.
1.2. “Browser”- Includes but is not limited to various internet browsers including Internet Explorer, Google Chrome, Mozilla Firefox and Safari.
1.3. “Data”- Includes Personal Information (PI), User Information (UI) and Third Party Information (TPI) as defined in Clauses 3.1, 3.2 and 3.3 of this Policy.
1.4.“Digital Platform” or “DP”- Are the platform(s) through which MV provides its services and information. MV’s DP, includes but not limited to; Websites, Mobile apps, MV’s Social Media platform, SaaS developed by MV and Games.
1.5.“DATA PROTECTION LEGISLATION”- Means all applicable data protection and privacy legislation in force from time to time in the UK including the General Data Protection Regulation ((EU) 2016/679); the Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended.
1.6.“ICANN”- Is the ‘Internet Corporation for Assigned Names and Numbers’.
1.7.“MV”- Means Mash Virtual which is a company registered in England, under Company Registration Number 10471819 with its principle place of business located at 133 Whitechapel High Street, London E1 7QA.
1.8.“Operating System”- Means operating systems for desktops, laptops and other computers which includes but is not limited to Windows, MacOS and other operating systems for mobile phone and other handheld devices including but not limited to Android and iOS.
1.11.“Service Providers” or “SP”- Includes but is not limited to related companies such as subsidiaries and/or holding company , contractors and sub-contractors, clients, business associates, advertisers, hosting providers, partner programme members, third party service providers, fulfilment partners, payment processing companies, fraud prevention and screening companies, credit and risk management companies, identification and verification companies, mailing house, advertising and social media platforms, search engines, analytics services providers, data processors, technical support providers, recruitment agencies, customer relationship management providers, marketing and advertising service provider, professional advisors, lawyers, chartered accounts, regulators, government and statutory authorities, purchaser or intended purchaser of our businesses including assets including their advisors, court of law, statutory authorities and third party to enforce or defend our rights.
1.13.“User” or “Users”- Refers to anyone who visits our Digital Platform and/or subscribes to the services or other information we offer.
2. Introduction & Security
2.1.MV is committed to safeguard the privacy of the Users of services provided by MV via its Digital Platform. You can contact our Data Protection Officer by email at firstname.lastname@example.org.
2.2.We suggest that registration on our DP is done by individuals who are aged 18 years or above. However, if an individual below the age of 18 registers on our DP, we recommend that it is done with the permission of their parent or guardian. It is the responsibility of the parent or guardians to monitor their child’s use of our Digital Platforms.
2.3.This Policy explains how MV collects the User’s Data, how it is stored, used, shared and what controls the User has over our use of it when you engage our services. This Policy also informs the User about their privacy rights and how the law protects them under the DATA PROTECTION LEGISLATION.
2.4.This Policy is applicable where MV acts the data controller with respect to the Data collected via its Digital Platform and where MV sets out how it handles the User’s Data.
2.5.MV places great importance on the security of all information associated with our Users, customers, clients and contractors. MV has security measures in place to protect against the loss, misuse and alteration of the User’s Data under our control. User Data is anonymised or destroyed securely when no longer required by MV. We retain the information you provide to us to verify various transactions and customer details and to retain adequate records for legal, statutory and accounting purposes. This information is held on secure servers in controlled facilities. Our Digital Platform(s) use a process called Secure Sockets Layer (SSL) technology. SSL locks all critical information passed from you to us in an encrypted envelope, making it extremely difficult for this information to be intercepted. The transfer of information across any media may involve a certain degree of risk, and the internet is no exception. As a result, while we take reasonable steps to protect Users' Data, we cannot ensure or warrant the security of any information transmitted to us or from our Digital Platform. You should be careful and responsible whenever you are online.
2.6.It is your responsibility to protect your username, passwords and other secure information you may need to access your PI on our DP and you are solely responsible for keeping your passwords and/or account information secure and should take all reasonable steps to do so. Please do not share them with anyone and keep changing them frequently. You undertake to treat your password and other confidential information in relation to the use on the Digital Platform confidential and we disclaim any liability arising from your failure to safeguard your confidential information. If you feel your PI has been compromised, you must immediately get in touch with us at ‘email@example.com’.
2.7.We may host your Data on secure servers that could be owned by MV, provided by third party hosting service providers that are managed by us or managed by the third-party service provider. The PI that we store and transmit is protected by security and access controls, including usernames, passwords authentication and two- factor authentication. We also use data encryption where necessary. Our server locations may vary from time to time, but we will maintain the standard security protocols for management, storage and transmission of your PI.
We collect the following information:
3.1.Personal Information (PI) which includes but is not limited to your; name, mobile number, phone number, email ID, mailing address, billing address, date of birth, employment details, national identification document details (including but not limited to Passport, Driver’s Licence, Birth Certificate, Tax Identification Number, country specific national identification number), username, profile pictures and pictures you upload, gender, interests & hobbies, educational details and payment processing information required to purchase our services.
3.2.Usage Information (UI) which includes but is not limited to Cookies, IP address, time zones, user location (geolocation), device type (including but not limited to Desktop, Laptop, Mobile, Tablets, Streaming), Browser, Operating system, Device ID, digital platform navigation (including but not limited to Paths, Page views, Duration & Frequency, Referral link, Usage pattern), services you use and the manner in which you use them(including but not limited to content accessed, time spent, search, posts, follows, share, upload or tag), digital platforms you visit immediately before and after you visit our Digital Platform, Metadata, logs files, error logs, which advertisements you saw or showed interest in, which pop up or push notifications you might have seen or responded, subscriptions, purchases, renewal, survey responses, ratings, comments & reviews, information search and comparison patterns, web analytics data and enquiry information.
3.3.Third Party Information (TPI) which includes but is not limited to PI and other information that we collect from third parties including but not limited to: financial transactions, social media, login, demographic data, fraud detection information and partner programmes (including but not limited to advertising, usage, purchases, subscriptions).
3.4.We also collect information when you:
3.4.1.visit our Digital Platform.
3.4.2.register on the Digital Platform.
3.4.3.use, buy or subscribe to services.
3.4.4.subscribe to updates, notifications, newsletters.
3.4.5.participate in events (including but not limited to conference, exhibition, presentations, focus groups sessions, interactive sessions, workshops, seminars, road shows), competitions and surveys.
3.4.6.provide ratings, reviews, provide feedback and send communication.
3.4.7.are part of primary or secondary research and surveys that we conduct.
3.4.8.provide your Data to our Service Providers.
3.4.9.give consent in any way on our Digital Platform.
3.4.10.interact with us over social media platforms
3.4.11.interact with our representatives over phone, by email or face to face.
3.4.12.apply for job (full time, part time or contractual) with us.
3.4.13.use our Digital Platform using cookies, web beacons, and log information.
4. Use and Disclosers
4.1.Use: The Data we collect from you will be used by us or third parties to whom we disclose and share the information with, for some or all of the following purposes:
4.1.1.to create and maintain your profile you have created with us;
4.1.2.to track your activities on our Digital Platform;
4.1.4.to provide targeted and focused services and information;
4.1.5.to fulfil our contractual obligations as part of the services we offer;
4.1.6.to verify your identity when you register on our Digital Platform and to verify any financial transaction in relation to any purchases or payments you make;
4.1.7.to respond to enquiries, comments, feedback, support requests, general and specific facilitation or dispute resolution;
4.1.8.to provide personalised general communications, advertisements, and marketing communications linked to your consent;
4.1.9.to update you with news, information, changes in services, new features, new services, focused and interest linked information by way of notifications, newsletters or other methods as we deem appropriate;
4.1.10.to run data analytics and technical analytics, statistical analytics, as part of our research activities, improvement activities, reporting activities and future development activities;
4.1.11.for the purpose of risk management, fraud management and malpractices;
4.1.12.for training, service improvement, administrative management and performance management;
4.1.13.for services improvement and developing / introducing new services;
4.1.14.for recruitment and related purposes;
4.1.15.for providing consent linked marketing and sales information, customised services and advertising;
4.1.16.for purposes as required by the law and responding to requests from the appropriate government, statutory authorities, courts of law, law enforcement agencies and conducting investigations;
4.1.17.to publish your profile information as per your consent and registration acceptance;
4.2.1.comply with legal requirements (including but not limited to arbitration, mediation, litigation, investigation, administrative proceedings, government request, court orders).
4.2.2.protect the interest, safety and rights of our Digital Platform.
4.2.3.provide services to you.
4.2.4.provide special offers and customised communication and marketing information.
4.2.5.operate our Digital Platform legally.
4.2.6.perform the services on our behalf.
4.2.7.fulfil the contractual requirements that we have with our SP(s).
4.2.8.provide services to us and to fulfil their obligations under an agreement we have with such SP(s).
4.3.In addition to the above, we may use or disclose your Data:
4.3.1.where you have given your consent to use or disclose it
4.3.2.where we reasonably believe that the use or disclosure is necessary to mitigate, prevent or reduce the risk or threat to health and safety of an individual or public at large.
4.3.3.where we reasonably believe that any/ an unlawful or non-compliant activity has been, is being or may be engaged in and the use or disclosure of your Data is a necessary part of our investigation or in reporting the matter to the relevant authorities or the ICANN.
4.3.4.where we reasonably believe that it is necessary to share your Data with the operators of the registration database services, ‘Whois’, and the users of such services, if required for the legitimate interests pursued by the controller or by a third party.
4.3.5.to escrow Service Provider(s) and/or backup storage providers to ensure business continuity.
4.3.6.to ensure data accuracy and to prevent unlawful use of our services, we may use third-party verification service providers to check the Data you have provided. To assess our business operations, we may also provide access to your Data to our auditors.
5. Change of purpose:
We will seek your consent prior to using your Data in a manner for which we have not sought consent from you in advance. You will have the right to refuse such consent in which case we may not be able to provide certain information, details, offers or services that may be linked to the consent from you.
6. International Transfer of Data
6.1.To be able to fulfil our obligations with our Users when interacting on our Digital Platform and providing them high quality services, we will be required to transfer your Data internationally. Such international sharing could mean sharing information:
6.1.1.with our offices (including the office of our subsidiary companies, associate companies, holding companies, group companies).
6.1.2.with our hosting providers.
6.1.3.with our suppliers, contractors and all other listed under Clause 1.11 of this Policy.
6.1.4with the world at large when you consent to make your PI public through our Digital Platform as we cannot prevent the use (or misuse) of such PI by others.
6.2.When sharing the information overseas we will seek confirmation from our SP regarding their compliance with the DATA PROTECTION LEGISLATION for the information they receive from MV. In case the SP is unable to provide confirmation of their compliance with the DATA PROTECTION LEGISLATION, then MV will not share your Data with such SP(s).
7. Retention and Deletion
This clause sets out our data retention and deletion policies and procedures, which are designed to help ensure that we comply with our legal obligations.
7.1.We retain your Data:
7.1.1.for as long as is necessary to provide services to you and others;
7.1.2.to fulfil our obligation under purchase of services that you may have done;
7.1.3.to comply with all legal obligations;
7.1.4.to comply with all reporting, statutory and regulatory requirements;
7.1.5.to fulfil our other contractual obligations with our associates and third parties
7.2.To determine the appropriate retention period for you Data, we consider the amount, nature, and sensitivity of the Data, the potential risk of harm from unauthorised use or disclosure of your Data, the purposes for which we process your Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
7.3.In cases where your Data is used by us in an anonymous manner for the purpose of research & analysis and preparation of reports we may use the information indefinitely without further notice to you.
8. Your Rights
This clause sets out the rights you have under the DATA PROTECTION LEGISLATION. Some rights are complex, and we may not have been able to detail them in this Policy. Accordingly, we suggest you to read the relevant laws and seek guidance from the appropriate regulatory authorities to make yourself fully aware of your rights and duties under the law.
8.1.Your key rights under the DATA PROTECTION LEGISLATION include but are not limited to the right to:
8.1.10.object to automated decision-making and profiling.
8.2.You can access and edit your PI from the Digital Platform and will have the right to view, edit your PI and related permissions.
8.3.You have the right to ask us to share your PI that we hold.
8.4.You have the right to erasure and can request us to erase your PI that we hold. However, there are general exclusions which means we may retain some Data even if you withdraw your consent for reasons including, but not limited to legal and contractual obligations placed on us, legal and/or statutory compliance, exercise or defence of legal claims, fulfilment of any contractual obligations with you. You can also close your account with us via our Digital Platform.
8.5.In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are
8.5.1.You contest the accuracy of the PI.
8.5.2.Processing is unlawful, but you oppose erasure.
8.5.3.We no longer need the Data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims.
8.5.4.You have objected to processing, pending the verification of that objection.
8.6.Where processing has been restricted on the basis of any of the circumstances enumerated in Clause 8.5 of this Policy, we may continue to store your Data. However, we will only otherwise process it with your consent for:
8.6.1.the establishment, exercise or defence of legal claims;
8.6.2.for the protection of the rights of another natural or legal person;
8.6.3.reasons of important public interest.
8.7.You have the right to object to our processing of your Data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for; the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process your PI unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
8.8.You have the right to object to our processing of your Data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your Data for this purpose.
8.9.You have the right to complain of any misuse of your PI to the appropriate statutory and/or government authority responsible for data protection in the EU, EU member state, your place of residence, your place of work or the place of the alleged infringement.
8.10.To the extent where the legal basis for our processing of your PI is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of the Data processed before such withdrawal.
8.11.You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
8.12.We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
9. Third Party Links
9.2.Your browsing and interaction on any other platforms or websites, or your dealings with any other third-party service provider, is subject to that third party service provider’s own rules and policies.
9.3.We do not monitor, control, or endorse the privacy practices of any third parties.
9.4.We encourage you to become familiar with the privacy practices of every platform or website you visit or third party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices.
10.2.In general, we use the following types of cookie:
10.2.1.Strictly Necessary Cookies: These are cookies that are required for the operation of our Digital Platform.
10.2.2.Analytical / Performance Cookies: These allow us to recognise and count the number of visitors and see how visitors move around our Digital Platform when they are using it. This helps us to improve the way our Digital Platform works, for example, by ensuring that Users can find what they are looking for easily.
10.2.3.Functionality Cookies: These are used to improve the functional performance of the Digital Platform and make it easier for you to use.
10.2.4.Targeting Cookies: These cookies record your visit to our Digital Platform and your browsing habits, such as the pages you have visited and the links you have followed. They are used to deliver advertising which is more relevant to your interests and also may be used to limit the number of times that you see an advertisement. They may be placed by us or by advertising networks with our permission. Please note, these cookies do not contain any of your PI.
10.5.Cookies used by our Service Providers
10.5.2.We may use Google Analytics, Firebase or other Analytic Tools to analyse the use of our Digital Platform. Google Analytics gathers information about Digital Platform use by means of cookies. The information gathered relating to our Digital Platform is used to create reports about the use of our Digital Platform.
11. Updates and Amendments
11.1.We will need to edit, change, modify this Policy from time to time to ensure that it stays up to date with the latest legal requirements and to meet the changes to MV’s privacy management processes.