This Privacy Policy comes into effect from 20th March 2020.
1. Definitions
1.1. “Analytic Tools”- Includes but is not limited to Google Analytics, Firebase, Google AdWords, Google AdSense and other such analytic tools and services.
1.2. “Browser”- Includes but is not limited to various internet browsers including Internet Explorer, Google Chrome, Mozilla Firefox and Safari.
1.3. “Data”- Includes Personal Information (PI), User Information (UI) and Third-Party Information (TPI) as defined in Clauses 3.1, 3.2 and 3.3 of this Policy.
1.4.“Digital Platform” or “DP”- Are the platform(s) through which MV provides its services and information. MV’s DP, includes but not limited to; Websites, Mobile apps, MV’s Social Media platform, SaaS developed by MV and Games.
1.5.“DATA PROTECTION LEGISLATION”- Means all applicable data protection and privacy legislation in force from time to time in the UK including the General Data Protection Regulation ((EU) 2016/679); the Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended.
1.6.“ICANN”- Is the ‘Internet Corporation for Assigned Names and Numbers’.
1.7.“MV”- Means Mash Virtual which is a company registered in England, under Company Registration Number 10471819 with its principle place of business located at 133 Whitechapel High Street, London E1 7QA.
1.8.“Operating System”- Means operating systems for desktops, laptops and other computers which includes but is not limited to Windows, MacOS and other operating systems for mobile phone and other handheld devices including but not limited to Android and iOS.
1.9.“Personal Information” or “PI”- Shall have the meaning as given in Clause 3.1 of this Privacy Policy.
1.10.“Policy” or “Privacy Policy”- Refers to this privacy policy of MV.
1.11.“Service Providers” or “SP”- Includes but is not limited to related companies such as subsidiaries and/or holding company , contractors and sub-contractors, clients, business associates, advertisers, hosting providers, partner programme members, third party service providers, fulfilment partners, payment processing companies, fraud prevention and screening companies, credit and risk management companies, identification and verification companies, mailing house, advertising and social media platforms, search engines, analytics services providers, data processors, technical support providers, recruitment agencies, customer relationship management providers, marketing and advertising service provider, professional advisors, lawyers, chartered accounts, regulators, government and statutory authorities, purchaser or intended purchaser of our businesses including assets including their advisors, court of law, statutory authorities and third party to enforce or defend our rights.
1.12.“Terms of use”, “User Terms” or “Terms and Conditions”- Refers to the rules and regulations for using our Digital Platform owned by MV unless a separate privacy policy and terms of use are provided.
1.13.“User” or “Users”- Refers to anyone who visits our Digital Platform and/or subscribes to the services or other information we offer.
2. Introduction & Security
2.1.MV is committed to safeguard the privacy of the Users of services provided by MV via its Digital Platform. You can contact our Data Protection Officer by email at security@mashvirtual.com.
2.2.We suggest that registration on our DP is done by individuals who are aged 18 years or above. However, if an individual below the age of 18 registers on our DP, we recommend that it is done with the permission of their parent or guardian. It is the responsibility of the parent or guardians to monitor their child’s use of our Digital Platforms.
2.3.This Policy explains how MV collects the User’s Data, how it is stored, used, shared and what controls the User has over our use of it when you engage our services. This Policy also informs the User about their privacy rights and how the law protects them under the DATA PROTECTION LEGISLATION.
2.4.This Policy is applicable where MV acts the data controller with respect to the Data collected via its Digital Platform and where MV sets out how it handles the User’s Data.
2.5.MV places great importance on the security of all information associated with our Users, customers, clients and contractors. MV has security measures in place to protect against the loss, misuse and alteration of the User’s Data under our control. User Data is anonymised or destroyed securely when no longer required by MV. We retain the information you provide to us to verify various transactions and customer details and to retain adequate records for legal, statutory and accounting purposes. This information is held on secure servers in controlled facilities. Our Digital Platform(s) use a process called Secure Sockets Layer (SSL) technology. SSL locks all critical information passed from you to us in an encrypted envelope, making it extremely difficult for this information to be intercepted. The transfer of information across any media may involve a certain degree of risk, and the internet is no exception. As a result, while we take reasonable steps to protect Users' Data, we cannot ensure or warrant the security of any information transmitted to us or from our Digital Platform. You should be careful and responsible whenever you are online.
2.6.It is your responsibility to protect your username, passwords and other secure information you may need to access your PI on our DP and you are solely responsible for keeping your passwords and/or account information secure and should take all reasonable steps to do so. Please do not share them with anyone and keep changing them frequently. You undertake to treat your password and other confidential information in relation to the use on the Digital Platform confidential and we disclaim any liability arising from your failure to safeguard your confidential information. If you feel your PI has been compromised, you must immediately get in touch with us at ‘security@mashvirtual.com’.
2.7.We may host your Data on secure servers that could be owned by MV, provided by third party hosting service providers that are managed by us or managed by the third-party service provider. The PI that we store and transmit is protected by security and access controls, including usernames, passwords authentication and two- factor authentication. We also use data encryption where necessary. Our server locations may vary from time to time, but we will maintain the standard security protocols for management, storage and transmission of your PI.
2.8.MV may amend this Privacy Policy on one or more occasions by posting a revised statement on its Digital Platform. You should check the Digital Platform periodically to review such changes. We will notify you of any significant changes to this Policy via email, notifications or by other means of communication using the contact details registered on our Digital Platform.
3. Collection
We collect the following information:
3.1.Personal Information (PI) which includes but is not limited to your; name, mobile number, phone number, email ID, mailing address, billing address, date of birth, employment details, national identification document details (including but not limited to Passport, Driver’s Licence, Birth Certificate, Tax Identification Number, country specific national identification number), username, profile pictures and pictures you upload, gender, interests & hobbies, educational details and payment processing information required to purchase our services.
3.2.Usage Information (UI) which includes but is not limited to Cookies, IP address, time zones, user location (geolocation), device type (including but not limited to Desktop, Laptop, Mobile, Tablets, Streaming), Browser, Operating system, Device ID, digital platform navigation (including but not limited to Paths, Page views, Duration & Frequency, Referral link, Usage pattern), services you use and the manner in which you use them(including but not limited to content accessed, time spent, search, posts, follows, share, upload or tag), digital platforms you visit immediately before and after you visit our Digital Platform, Metadata, logs files, error logs, which advertisements you saw or showed interest in, which pop up or push notifications you might have seen or responded, subscriptions, purchases, renewal, survey responses, ratings, comments & reviews, information search and comparison patterns, web analytics data and enquiry information.
3.3.Third Party Information (TPI) which includes but is not limited to PI and other information that we collect from third parties including but not limited to: financial transactions, social media, login, demographic data, fraud detection information and partner programmes (including but not limited to advertising, usage, purchases, subscriptions).
3.4.We also collect information when you:
3.4.1.visit our Digital Platform.
3.4.2.register on the Digital Platform.
3.4.3.use, buy or subscribe to services.
3.4.4.subscribe to updates, notifications, newsletters.
3.4.5.participate in events (including but not limited to conference, exhibition, presentations, focus groups sessions, interactive sessions, workshops, seminars, road shows), competitions and surveys.
3.4.6.provide ratings, reviews, provide feedback and send communication.
3.4.7.are part of primary or secondary research and surveys that we conduct.
3.4.8.provide your Data to our Service Providers.
3.4.9.give consent in any way on our Digital Platform.
3.4.10.interact with us over social media platforms.
3.4.11.interact with our representatives over phone, by email or face to face.
3.4.12.apply for job (full time, part time or contractual) with us.
3.4.13.use our Digital Platform using cookies, web beacons, and log information.
4. Use and Disclosers
4.1.Use: The Data we collect from you will be used by us or third parties to whom we disclose and share the information with, for some or all of the following purposes:
4.1.1.to create and maintain your profile you have created with us;
4.1.2.to track your activities on our Digital Platform;
4.1.3.to enhance the overall quality of the Digital Platform, the user experience and services and to monitor the Digital Platform for any potentially fraudulent activities, hacking attempts and compliance with the Terms of Use;
4.1.4.to provide targeted and focused services and information;
4.1.5.to fulfil our contractual obligations as part of the services we offer;
4.1.6.to verify your identity when you register on our Digital Platform and to verify any financial transaction in relation to any purchases or payments you make;
4.1.7.to respond to enquiries, comments, feedback, support requests, general and specific facilitation or dispute resolution;
4.1.8.to provide personalised general communications, advertisements, and marketing communications linked to your consent;
4.1.9.to update you with news, information, changes in services, new features, new services, focused and interest linked information by way of notifications, newsletters or other methods as we deem appropriate;
4.1.10.to run data analytics and technical analytics, statistical analytics, as part of our research activities, improvement activities, reporting activities and future development activities;
4.1.11.for the purpose of risk management, fraud management and malpractices;
4.1.12.for training, service improvement, administrative management and performance management;
4.1.13.for services improvement and developing / introducing new services;
4.1.14.for recruitment and related purposes;
4.1.15.for providing consent linked marketing and sales information, customised services and advertising;
4.1.16.for purposes as required by the law and responding to requests from the appropriate government, statutory authorities, courts of law, law enforcement agencies and conducting investigations;
4.1.17.to publish your profile information as per your consent and registration acceptance;
4.1.18.to enforce our Terms of Use.
4.2.Disclosure: We may need to share and disclose your Data with our Service Providers. Service Providers, as defined in Clause 1.11. of this Policy, will act as the data controller and may share their privacy policy (which will govern their deliveries) with you to fulfil our obligations who we believe in good faith that sharing information is necessary to:
4.2.1.comply with legal requirements (including but not limited to arbitration, mediation, litigation, investigation, administrative proceedings, government request, court orders).
4.2.2.protect the interest, safety and rights of our Digital Platform.
4.2.3.provide services to you.
4.2.4.provide special offers and customised communication and marketing information.
4.2.5.operate our Digital Platform legally.
4.2.6.perform the services on our behalf.
4.2.7.fulfil the contractual requirements that we have with our SP(s).
4.2.8.provide services to us and to fulfil their obligations under an agreement we have with such SP(s).
4.3.In addition to the above, we may use or disclose your Data:
4.3.1.where you have given your consent to use or disclose it
4.3.2.where we reasonably believe that the use or disclosure is necessary to mitigate, prevent or reduce the risk or threat to health and safety of an individual or public at large.
4.3.3.where we reasonably believe that any/ an unlawful or non-compliant activity has been, is being or may be engaged in and the use or disclosure of your Data is a necessary part of our investigation or in reporting the matter to the relevant authorities or the ICANN.
4.3.4.where we reasonably believe that it is necessary to share your Data with the operators of the registration database services, ‘Whois’, and the users of such services, if required for the legitimate interests pursued by the controller or by a third party.
4.3.5.to escrow Service Provider(s) and/or backup storage providers to ensure business continuity.
4.3.6.to ensure data accuracy and to prevent unlawful use of our services, we may use third-party verification service providers to check the Data you have provided. To assess our business operations, we may also provide access to your Data to our auditors.
4.4.We do not permit our third-party Service Providers and all others as listed under Clause 1.11 of this Policy to use your Data for their own purposes and only permit them to process your Data for specific purposes as detailed in this Privacy Policy and in accordance with our instructions and agreements with them.
4.5.If you make your Data available to other people, we cannot control or accept responsibility for the way they will use or manage that data. There are several ways that you can find yourself providing information to other people, like when you post a public message on a forum thread, share information via social media, or make contact with another User (such as a third-party Author) whether via our Digital Platform or directly via email or other messaging tools. Before making your information publicly available or sharing your information with anyone else, think carefully. If sharing information with another User via our Digital Platform, ask them how they will handle your information. If you are sharing information via another digital platform, check the privacy policy for that digital platform to understand its information management practices as this Privacy Policy will not apply.
5. Change of purpose:
We will seek your consent prior to using your Data in a manner for which we have not sought consent from you in advance. You will have the right to refuse such consent in which case we may not be able to provide certain information, details, offers or services that may be linked to the consent fromyou.
6. International Transfer of Data
6.1.To be able to fulfil our obligations with our Users when interacting on our Digital Platform and providing them high quality services, we will be required to transfer your Data internationally. Such international sharing could mean sharing information:
6.1.1.with our offices (including the office of our subsidiary companies, associate companies, holding companies, group companies).
6.1.2.with our hosting providers.
6.1.3.with our suppliers, contractors and all other listed under Clause 1.11 of this Policy.
6.1.4with the world at large when you consent to make your PI public through our Digital Platform as we cannot prevent the use (or misuse) of such PI by others.
6.2.When sharing the information overseas we will seek confirmation from our SP regarding their compliance with the DATA PROTECTION LEGISLATION for the information they receive from MV. In case the SP is unable to provide confirmation of their compliance with the DATA PROTECTION LEGISLATION, then MV will not share your Data with such SP(s).
7. Retention and Deletion
This clause sets out our data retention and deletion policies and procedures, which are designed to help ensure that we comply with our legal obligations.
7.1.We retain your Data:
7.1.1.for as long as is necessary to provide services to you and others;
7.1.2.to fulfil our obligation under purchase of services that you may have done;
7.1.3.to comply with all legal obligations;
7.1.4.to comply with all reporting, statutory and regulatory requirements;
7.1.5.to fulfil our other contractual obligations with our associates and third parties.
7.2.To determine the appropriate retention period for you Data, we consider the amount, nature, and sensitivity of the Data, the potential risk of harm from unauthorised use or disclosure of your Data, the purposes for which we process your Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
7.3.In cases where your Data is used by us in an anonymous manner for the purpose of research & analysis and preparation of reports, we may use the information indefinitely without further notice to you.
8. Your Rights
This clause sets out the rights you have under the DATA PROTECTION LEGISLATION. Some rights are complex, and we may not have been able to detail them in this Policy. Accordingly, we suggest you read the relevant laws and seek guidance from the appropriate regulatory authorities to make yourself fully aware of your rights and duties under the law.
8.1.Your key rights under the DATA PROTECTION LEGISLATION include but are not limited to the right to:
8.1.1.be informed;
8.1.2.access;
8.1.3.rectification;
8.1.4.erasure;
8.1.5.restrict processing;
8.1.6.object processing;
8.1.7.data portability;
8.1.8.object;
8.1.9.withdraw consent;
8.1.10.object to automated decision-making and profiling.
8.2. You can access and edit your PI from the Digital Platform and will have the right to view, edit your PI and related permissions.
8.3.You have the right to ask us to share your PI that we hold.
8.4.You have the right to erasure and can request us to erase your PI that we hold. However, there are general exclusions which means we may retain some Data even if you withdraw your consent for reasons including, but not limited to legal and contractual obligations placed on us, legal and/or statutory compliance, exercise or defence of legal claims, fulfilment of any contractual obligations with you. You can also close your account with us via our Digital Platform.
8.5.In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are:
8.5.1.You contest the accuracy of the PI.
8.5.2.Processing is unlawful, but you oppose erasure.
8.5.3.We no longer need the Data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims.
8.5.4.You have objected to processing, pending the verification of that objection.
8.6.Where processing has been restricted on the basis of any of the circumstances enumerated in Clause 8.5 of this Policy, we may continue to store your Data. However, we will only otherwise process it with your consent for:
8.6.1.the establishment, exercise or defence of legal claims;
8.6.2.for the protection of the rights of another natural or legal person;
8.6.3.reasons of important public interest.
8.7.You have the right to object to our processing of your Data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for; the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process your PI unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
8.8.You have the right to object to our processing of your Data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your Data for this purpose.
8.9.You have the right to complain of any misuse of your PI to the appropriate statutory and/or government authority responsible for data protection in the EU, EU member state, your place of residence, your place of work or the place of the alleged infringement.
8.10.To the extent where the legal basis for our processing of your PI is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of the Data processed before such withdrawal.
8.11.You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
8.12.We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
9. Third Party Links
9.1.Our Digital Platform may contain links to third party services. Please remember that when you use a link to go to another platform or website or you request a service from a third party, this privacy policy no longer applies.
9.2.Your browsing and interaction on any other platforms or websites, or your dealings with any other third-party service provider, is subject to that third-party service provider’s own rules and policies.
9.3.We do not monitor, control, or endorse the privacy practices of any third parties.
9.4.We encourage you to become familiar with the privacy practices of every platform or website you visit or third-party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices.
9.5.This privacy policy applies solely to personal information collected by us through our Digital Platform and functionality.
10. Cookies
10.1.Just like many other digital platform operators, we also use standard technology called ‘cookies’ on our Digital Platforms. A cookie is a file containing information that is stored on a web browser onyour device’s storage. Cookies are mostly used to improve your access and use of our Digital Platform and services. Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but Data that we store about you may be linked to the information stored in and obtained from cookies. MV and its SP(s) may use cookies, web beacons and other similar technologies for storing information when you access the Digital Platform. Cookies and similar technologies on our Digital Platforms allow us to track your browsing behaviour, links clicked, items purchased, your device type, and to collect various data, including analytics, about how you use and interact with our services. Most web browsers automatically accept cookies, but you may set your browser to block cookies (consult the instructions for your particular browser on how to do this). Please note that if you decide to block cookies, this may interfere with your ability to use certain functionalities of our Digital Platform and/or the services.
10.2.In general, we use the following types of cookie:
10.2.1.Strictly Necessary Cookies: These are cookies that are required for the operation of our Digital Platform.
10.2.2.Analytical / Performance Cookies: These allow us to recognise and count the number of visitors and see how visitors move around our Digital Platform when they are using it. This helps us to improve the way our Digital Platform works, for example, by ensuring that Users can find what they are looking for easily.
10.2.3.Functionality Cookies: These are used to improve the functional performance of the Digital Platform and make it easier for you to use.
10.2.4.Targeting Cookies: These cookies record your visit to our Digital Platform and your browsing habits, such as the pages you have visited and the links you have followed. They are used to deliver advertising which is more relevant to your interests and also may be used to limitthe number of times that you see an advertisement. They may be placed by us or by advertising networks with our permission. Please note, these cookies do not contain any of your PI.
10.3.We use cookies for the purposes but not limited to:
10.3.1.Authentication purposes: we use cookies to identify you when you visit our Digital Platform and as you navigate on it.
10.3.2.Status purposes: we use cookies to help us determine, if you are logged into our Digital Platform.
10.3.3.Personalisation purposes: we use cookies to store information about your preferences and to personalise the Digital Platform experience.
10.3.4.Security purposes: we use cookies as an element of the security measures used to protect User accounts, including preventing fraudulent use of login credentials, and to protect our Digital Platform and services.
10.3.5.Advertising purposes: we use cookies to help us to display advertisements and other promotional information that may be relevant to you.
10.3.6.Analysis purposes: we use cookies to help us to analyse the use and performance of our website and services.
10.3.7.Consent purposes: we use cookies to store your preferences in relation to the use of cookies.
10.4.By continuing to use our Digital Platform without choosing to delete/block cookies, you agree that we can place these types of cookies on your device. You can manage cookies by activating the setting on your internet browser that allows you to refuse the setting of all or some cookies. Please note, if you refuse cookies this may mean that you can’t use some of the additional features of our website and may not be able to access certain parts of the website.
10.5.Cookies used by our Service Providers
10.5.1.Our Service Providers use cookies and those cookies may be stored on your computer when you visit our Digital Platform.
10.5.2.We may use Google Analytics, Firebase or other Analytic Tools to analyse the use of our Digital Platform. Google Analytics gathers information about Digital Platform use by means of cookies. The information gathered relating to our Digital Platform is used to create reports about the use of our Digital Platform.
10.5.3.We may use Google AdWords, a web analytics and search engine advertising campaign management service. Google AdWords uses cookies, web beacons, and other means to help us analyse how Users use the site.
10.5.4.We may publish Google AdSense interest-based advertisements on our Digital Platform. These are tailored by Google to reflect your interests. To determine your interests, Google will track your behaviour on our Digital Platform and on other digital platforms across the web using cookies. You can view, delete or add interest categories associated with your browser by visiting: https://adssettings.google.com. You can also opt out of the AdSense partner network cookie using those settings or using the Network Advertising Initiative's multi-cookie opt-out mechanism at: http://optout.networkadvertising.org. However, these opt-out mechanisms themselves use cookies, and if you clear the cookies from your browser your opt-out will not be maintained. To ensure that an opt- out is maintained in respect of a particular browser, you may wish to consider using the Google browser plug-ins available at: https://support.google.com/ads/answer/7395996.
11. Updates and Amendments
11.1.We will need to edit, change, modify this Policy from timeto time to ensure that it stays up to date with the latest legal requirements and to meet the changes to MV’s privacy management processes.
11.2.When any such changes are made to this Policy, we will make sure to notify you about such changes, where necessary and where required. We encourage you to always read and be updated with ourlatest Privacy Policy at all times that you use our Digital Platform.