MoneyMatrix Limited (also referred to as “we,” “us,” or “our,” “Data Controller”) acts in its capacity of data controller in terms of the EU Regulation 2016/679, determining the purposes and means of the processing of your personal data.
Please see Section 7 for contact details of the Data Controller.
2. INFORMATION WE COLLECT
When you contact us we ask you to fill the contact form with your name, email, phone number, Skype ID. We process this data for the purpose of providing you a support and information service and in order to maintain accurate records of the information that we have received from you, given our legitimate interest in conducting our business and improving the Website and our users’ experience, and in some cases in order to take the first step for entering into a contract with you.
4. HOW WE USE INFORMATION WE COLLECT
We use, store, and process information, including personal information, about you, to:
* Provide customer service.
* Contact you in relation to promotions, products or services that you may be interested in from time to time, but only where you have consented to receive such marketing communications. * Carry out certain profiling of you and your activity on the Website in order to personalise, measure, and improve our marketing and to send you more relevant marketing communications.
In such cases we will process your personal information for the purposes listed in this section given our legitimate interest in undertaking marketing activities to offer you products or services that may be of your interest. You can always opt-out of receiving marketing communications from us by following the unsubscribe instructions included in each of our marketing communications.
5. SHARING AND DISCLOSURE
5.1. COMPLIANCE WITH LAW, RESPONDING TO LEGAL REQUESTS, PREVENTING HARM AND PROTECTION OF OUR RIGHTS.
We may disclose your information, including personal information, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (i) to comply with our legal obligations, (ii) to comply with legal process and to respond to claims asserted against us, (iii) to respond to requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability.
The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights and proper protection of our business against risks.
5.2. THIRD PARTIES SERVICE PROVIDERS
We can use third party service providers to help us provide services related to the Website and the payment services. Service providers may be located inside or outside of the European Economic Area (“EEA”).
You can always contact us to receive the full list of our service providers which process your data.
5.3. CORPORATE AFFILIATE
We may share your information, including personal information, to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.
5.4. AGGREGATED DATA
We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
5.5. BUSINESS TRANSFERS
6. DATA SUBJECT RIGHTS
Under the General Data Protection Regulation, you have the right to access, rectify, port and delete some of your data. You also have the right to object to and restrict certain processing of your data. This is a case-by-case determination that depends on things such as the nature of the data, why it is collected and processed, and relevant legal or operational retention needs.
You may exercise any of the rights described in this section before your Data Controller by sending an email to email@example.com. Please note that we may ask you to verify your identity before taking further action on your request.
Please be aware that whilst we will try to accommodate any request you make in respect of your rights they are not absolute rights. This means that we may have to refuse your request or may only be able to comply with it in part.
6.1. RECTIFICATION OF INACCURATE OR INCOMPLETE INFORMATION
You have the right to ask us to correct inaccurate or incomplete personal information concerning you.
6.2. DATA ACCESS AND PORTABILITY
You have the right to access your personal data held by us and a right to receive certain personal data in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).
6.3. DATA RETENTION AND ERASURE
We will retain your personal data for the period necessary to perform the contract between you and us and to comply with our legal obligations. Where it is no longer necessary to process your personal data, it will be deleted. Please note, however, that we may be subject to legal and regulatory requirements to keep personal data for a longer period.
You have the right to have certain personal data erased where it is no longer necessary for us to process it, where you have withdrawn your consent pursuant to paragraph 6.4, where you have objected pursuant to paragraph 6.5, where your personal data has been unlawfully processed, or where erasing your personal data is required in accordance with a legal obligation.
However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
6.4. WITHDRAWING CONSENT AND RESTRICTION OF PROCESSING
Where we have specifically requested your consent to process your personal data and have no other lawful conditions to rely on, you have the right to withdraw this consent at any time by changing your Account settings or by sending a communication to firstname.lastname@example.org specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal.
Additionally, applicable law may give you the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing pursuant to next section and pending the verification whether the legitimate grounds of the Data Controller override your own.
6.5. OBJECTION TO PROCESSING
You have the right to object to processing where lawful basis is that it is in our legitimate interests, but please note that we may still process your personal data where there are other relevant lawful bases or where we have compelling grounds to continue processing your personal data in our interests which are not overridden by your rights, interests or freedoms;
You also have the right to object to direct marketing, which can be done by opting-out of direct marketing either via your Account settings or by opting out via the communication itself. You also have a right to object to any profiling to the extent that it relates to direct marketing only.
6.6. LODGING COMPLAINTS
You have the right to lodge complaints about the data processing activities carried out by the Data Controller before the competent data protection authorities. Please refer to Section 7 for further information.
7. OVERSEAS TRANSFER OF YOUR INFORMATION
For example, we may share your information with The Rocket Science Group, LLC (MailChimp) located in the United States for the provision of marketing email service. Mailchimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.
You can always contact us to receive the full list of our service providers outside of the EEA which process your data.
8. CONTACT US
If you have questions about this Policy or our information handling practices, or If you are seeking to exercise any of your rights under Data Protection Laws, please contact our Data Protection Officer at: email@example.com.
The Data Controller responsible for your information is MoneyMatrix Limited, reg no. C 64593, which you can contact online through our website “Contact Us” form” or by post at:
Level 3A, St. Julian’s Business Tower, Triq Elija Zammit, St. Julian’s, STJ 3155 Malta.
9. FILING A COMPLAINT
If you are not satisfied with how we manage your personal data, you also have the right to lodge a complaint with your local Data Protection Authority.