If you are an existing Advertiser of the Website where we have a legitimate interest in communicating with you, or if you have given us your consent, we will collect and process your personal data to communicate with you in case of support and/or sending newsletters, push-messages and calls to keep you in touch with our new features, news and events and the efficient provision of the full scope of our services. We will also use your data to send you marketing information regarding our services that we believe may be of interest to you via email or otherwise.
Our Website is not intended for children and we do not knowingly collect data relating to children. As we do not allow users under the age of 18 to use our services, we need to obtain your birth date in order to confirm the Clients' age checks.
5. OPTING OUT If you don't want to receive any marketing newsletters or transmit your data to third-parties for marketing purposes, you can configure your preferences. Such configuring can be done by sending to the Company, at any time, an email to info@themarketingangels.com, using the registered email address you disclosed and registered with us through your Account, asking the Company to cease from sending such advertising content or sending your data to third-parties for marketing purposes. The aforesaid mark removal and/or e-mail received by MA will oblige us to cease sending advertisement content to you within 7 (seven) business days.
6. DISCLOSURE OF DATA A. We may disclose your data with our Clients. We strive to maintain discretion with respect to Advertiser related matters and assessments of which we acquire knowledge. We may disclose data that concerns you only if (i) we are legally required to do so; (ii) if required when you expressly order us to process a transaction or any other service and (iii) it is required for the provision of our services under our contractual relationship and/or (iv) protection of our legitimate interests, in accordance with the provisions of the GDPR and applicable local legislation as amended from time to time.
B. We may share your data with third parties for the purposes set out above. We require third parties processing data on our behalf to respect your data and to treat it in accordance with the provisions of the GDPR and applicable local legislation as amended from time to time. We take all reasonable steps so that our third-party service providers do not use your personal data for their own purposes and only permit them to process your data for specific purposes and in accordance with our instructions.
C. External Third Parties. Your data is shared with third party organizations/entities including but not limited to:
•
Service Providers. We may share your data with our trusted third-party service providers, who, on our behalf, operate, maintain, and/or support our IT systems and IT infrastructure, our websites, manage our payment solutions, perform statistical analysis, marketing and advertising purposes, sending newsletters, provide customer support and perform other important services for us.
•
Regulator and state authorities. The Advertiser's data that is provided and/or that will be provided by the Advertiser during his/her activity on the site may be disclosed by the Company to official authorities. The Company will make such disclosure only if required to be disclosed by the Company by applicable law, regulation or court order and to the minimum required extent.
•
Other disclosures. In addition to where you have consented to a disclosure of the data or where disclosure is necessary to achieve the purpose(s) for which, it was collected, data may also be disclosed in special situations, where we have reason to believe that doing so is necessary to identify, contact or bring legal action against anyone damaging, injuring, or interfering (intentionally or unintentionally) with our rights or property, users, or anyone else who could be harmed by such activities, or otherwise where necessary for the establishment, exercise or defense of legal claims.
• In addition, a transfer of your data to another legal entity may occur as part of a transfer of our business or parts thereof in the form of a reorganization, sale of assets, consolidation, merger or similar.
Where reasonably possible, management shall ensure that third parties collecting, storing or processing personal information on behalf of the Company have:
a. Signed agreements to protect personal information consistent with this Privacy Policy and information security practices or implemented measures as prescribed by GDPR;
b. Signed non-disclosure agreements or confidentiality agreements which includes privacy clauses in the contract; and
c. Established procedures to meet the terms of their agreement with third parties to protect personal information.
•
International Transfers. The use of service providers and disclosure of your data to other related companies and/or third parties might imply a transfer of your data to third countries, which may not fall within ambit of the GDPR (so called
Third Countries).
a. In such cases, we require that all recipients of your data provide appropriate safeguards to protect your data, when it is transferred to Third Countries, through the adherence to standard data protection clauses adopted by the EU Commission (cf. the GDPR article 46(2) and/or binding corporate rules adopted by the EU Commission (cf. GDPR article 47). A transfer to a related company and/or third party based in a Third Country would only take place where one of the following applies:
1. The individual has given consent to the transfer of information.
2. The transfer is necessary for the performance of a contract between the individual and the Company, or the implementation of pre-contractual measures taken in response to the individual's request.
3. The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between the Company and a third party.
4. The transfer is necessary or legally required on important public interest grounds or for the establishment, exercise or defense of legal claims.
5. The transfer is required by law.
6. The transfer is necessary in order to protect the vital interests of the individual.
7. The transfer is made under a data transfer agreement.
8. The transfer is otherwise legitimized by applicable law.
b. Remedial action shall be taken in response to misuse or unauthorized disclosure of personal information by a third party collecting, storing or processing personal information on behalf of MA.
If you want to obtain further information on any data transfers mentioned above please contact us using the registered email address you disclosed and registered with us through your Account through the points of contact listed in the Section OUR CONTACT DETAILS below.
7. DATA RETENTION We store your data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for your data, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure of your data, the purposes for which we process your data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting and other requirements.
By law we have to keep your data (including call recordings) during our business relationship and upon its termination, for a minimum period of 5 (five) years from the date of termination of our contractual relation.
In general, all other data is stored for a period of 30 (thirty) business days after the date of termination of the provision of our services unless there is any other legal or regulatory reason to keep it.
At the expiration of the data retention period the data is erased by irreversible destruction and we also inform all third parties, to whom the data was transferred, regarding such erasure and request implementation of similar actions on their part.
8. YOUR RIGHTS AND HOW TO WITHDRAW CONSENTS AND UNSUBSCRIBE We ask you to provide us with true, accurate and updated information on your identity and not misrepresent yourself to be another individual or legal entity. Any changes in your identifying details shall be notified to the Company immediately and in any case no later than the 7th day from the date of such changes. If your data is incorrect or incomplete, please contact our support service at the contact details listed in the section OUR CONTACT DETAILS below in order to change your data.
Under certain circumstances, you have rights in accordance with the provisions of GDPR and the applicable local legislation as amended from time to time. Some of the rights are rather complex and include exemptions, thus we strongly advise you to contact us (at the contact details listed in the section OUR CONTACT DETAILS below) and/or seek guidance from the regulatory authorities for a full explanation of these rights. You can find a summary of your rights below in this section.
A. The right to access. You have a right to obtain the confirmation as to whether or not your data is being processed by us. In addition, you have a right to obtain more detailed information about the data kept and the processing undertaken by us and under certain circumstances the right to receive a copy of this data.
B. The right to rectification. You have the right to have inaccurate data about you rectified, and, taking into account the purpose of the processing, to have incomplete data completed.
C. The right to erasure. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Please note however that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. In case if you want to obtain complete erasure of your data (to apply the "right to be forgotten"), please note that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
D. The right to restriction of processing. You have the right to request the restriction of processing of your personal data (a) if it is not accurate;(b) where processing may be unlawful but you do not want us to erase your data; (c) where you need us to hold the data even if we no longer require it; or (d) where you may have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
E. The right to data portability. To the extent the legal basis for the processing is your consent, and such processing is carried out by automated means, you have the right to receive your data in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others and/or in case it may be technically impossible to do so.
F. The right to object. Subject to the legal basis on which the processing activity is based, you may object to processing of your personal data. Please note that in some cases, we may have compelling legitimate grounds to process your information which we need to comply with.
G. The right to withdraw consent. To the extent that the legal basis for the processing is your consent, you have the right to withdraw from that consent at any time. This may apply to marketing purposes and/or with regards to the transfer of your data to third parties. In case you withdraw from a consent given, then we will cease to process your data, unless and to the extent the continued processing is permitted or required according to the applicable data regulation or other applicable laws and regulations. The withdrawal from your consent will in no event affect the lawfulness of processing based on consent before its withdrawal.
H. The right to complain to the data protection supervisory authority. We do our best to ensure that we protect your data, keep you informed about how we process your data and comply with the applicable data protection regulation. In case you are not satisfied with the processing and protection of your data or the information you have received from us, then we urge you to inform us in order for us to improve. Please also do not hesitate to contact us, if you want to make use of your rights.
If you want to exercise any of your rights mentioned above and/or obtain more information regarding your rights and/or our policies and procedures please contact us through the points of contact listed in the Section OUR CONTACT DETAILS below. Please also provide us with relevant information to take care of your request, including your full name and email address so that we can identify you. We will respond to your request without undue delay.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We may charge you a reasonable administrative fee for any unreasonable or excessive requests we may receive, and for any additional copies of the data you may request.
If following your request to us we are unable to provide you with a satisfactory answer then you may lodge a complaint with the local data protection supervisory authority. The data protection supervisory authority in Gibraltar is:
Gibraltar Regulatory Authority: 2nd floor, Eurotowers 4, 1 Europort Road, Gibraltar.
www.gra.gi 9. DATA SECURITY We have put in place appropriate security measures to prevent your data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data breach and will notify you and the competent regulator of a breach where we are legally required to do so.
Your help is always valuable in ensuring that your data is kept safe. Upon registration to the Website (or its mobile version), the Advertiser will be asked to choose a username and password to be used by the Advertiser on each future login and for the performance of transactions and use of the Company's Services. In order to protect the Advertiser's privacy and operation with the Website, sharing registration details (including without limitation, username and password) by the Advertiser with other persons or business entities is strictly prohibited. The Company shall not be held responsible for any damage or loss caused to the Advertiser due to improper use (including prohibited and unprotected use) or storage of such username and password, including any such use made by a third party, and whether or not known to or authorized by the Advertiser.
Any use of the Website with the Advertiser's username and password is the Advertiser's role responsibility. The Company shall not be held responsible for any such use, including for validation that Client is actually operating in his/her account.
The Advertiser is obliged to forthwith notify the Company's support service of any suspicion for unauthorized use of the Advertiser's account. You may contact us at any time through the points of contact listed in the Section OUR CONTACT DETAILS below.
Encryption of your data in transit. Encryption provides a high level of security and privacy for your data. When you enter your data in our platform we use strong encryption technologies (such as Transport Layer Security) to protect your data during transmission from your devices to our servers.
For providing more trust and security we use digital EV (Extended Validation) Certificates issued by trusted Certificate Authorities. You can see the 'Green Bar' in the supported browser versions which confirms what all transmitted data is secure.
Protection of your data in our infrastructure. We make it a priority to develop services that are secure "by default". The "default" security of our services means that every new service and feature is designed with strict security requirements in mind before we even begin development. This is the key to guaranteed protection and privacy of all data that our services handle and store, once the service or new feature is released.
To secure your data, we use the pseudonymisation which allows most of our services to operate without using your actual data. Instead of that, our services use a system ID that can't be traced back to identify you.
The Company is always vigilant about the security of your data stored in our infrastructure. Because of that we locate all our equipment which is used for your data processing in secure data centers. Network access to this equipment is isolated from the Internet. We use network segmentation for isolation of services which need different levels of security from each other. In addition, we restrict logical access to your data for our employees on a "need to know" basis. So, only personnel who really require access to your data for the purpose of providing you with our best service will have access to it.
Threats protection. Our Company is highly knowledgeable about modern threats to data security and privacy, and we are well prepared to combat them. All events that occur in our infrastructure are continuously monitored, analyzed and responded to, which allows us to ensure proper protection of your data, keeping it safe from threats, vulnerabilities, and the effects of malware.
In the event of a failure that affects the accessibility of your data, we have data backup and recovery procedures in place that will help us to restore your data in a short time. To guarantee the quick recovery, we use high availability mode enabled for most critical databases which allows us to minimize downtime.
Employee awareness of data security. Our employees may handle your data in order to provide you with first-class service. To guarantee the security and confidentiality of your data, we monitor all employees' actions with access to your data in our systems and grant access strictly on a "need to know" basis: only employees who need access will receive it. We hold regular training sessions to make sure that each employee understands the principles that the Company follows to achieve robust data security and privacy.
If you choose not to give your personal information. In the context of our business relationship we may need to collect data by law, or under the terms of a contract we have with you. Without this data, we are, in principle, not in a position to close or execute a contract with you.
If you choose not to give us this data, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services needed to run your accounts or policies.
To what extent we carry automated decision-making and profiling. In establishing and carrying out a business relationship, we generally do not use automated decision-making. If we use this procedure in individual cases, we will inform you of this separately. In some cases, we may proceed with profiling in order to evaluate certain personal aspects. We shall inform you accordingly in case we perform any profiling. In general, any data collection that is optional would be made clear at the point of collection.
10. OUR CONTACT DETAILS Who is responsible for the data processing and who you can contact.
The entity responsible for your data processing is
MARKETING ANGELS LTD and you can contact us using the details set out below:
MARKETING ANGELS LTD
Address: 9/41 City Mill Lane, Gibraltar GX11 1AA.
Email: info@themarketingangels.com
Data Protection Officer We have appointed a data protection officer (hereinafter
DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this privacy policy, including requests relating to the data, please contact the DPO using the details set out below:
MARKETING ANGELS LTD
Address: 9/41 City Mill Lane, Gibraltar GX11 1AA.
Email: info@themarketingangels.com
To enable us to process your request, please contact us using the registered email address you disclosed and registered with us through your Affiliate Account. We may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification. This is to ensure that
we appropriately protect the personal data we hold from unauthorized access requests and comply with our security obligations.
If you have any questions, or want more details about how we use your data, you may contact us at the above contact details and we will be happy to provide you with further details.
Further to the above, you have the right to contact the offices of the Gibraltar Regulatory Authority, the Gibraltar supervisory authority for data protection issues.
11. LINKS TO OTHER WEBSITES We may provide links to third party websites in our Website. These linked websites are not under our control, and we therefore cannot accept responsibility or liability for the conduct of third parties linked to our websites, including without limitation to the collection or disclosure of your data. Before disclosing your data on any other website, we encourage you to examine the terms and conditions of using that website and its privacy policies.
12. CHANGES TO THIS PRIVACY POLICY 1. This Privacy Policy was last updated 22 April 2024. We have the right, at our discretion, to add, modify or remove portions of this Privacy Policy from time to time to ensure that the information herein provides relevant and adequate information about our collecting and processing of your data.
2. We have the right, at our discretion, to add, modify or remove portions of this Privacy Policy from time to time to ensure that the information herein provides relevant and adequate information about our collecting and processing of your data.
3. In case of updates, we will post the revised Privacy Policy on the Website. Changes will take effect as soon as the revised version is made available on the Website. Your comments and feedback are always welcome. You may contact us at any time through the points of contact listed in the Section OUR CONTACT DETAILS above.