PRIVACY NOTICE In accordance with the commitment and care that MA Agency LCC dedicates to the protection of personal data, we inform you about the methods, purposes, and processing of your personal data and your rights, in accordance with Art. 13 of the GDPR.
Data Controller: MA AGENCY LCC 30 N Gould St Ste R – Sheridan WY 82801 EIN Number: 35-2773177 e-mail: info@ma-agency.io
DPO – Data Protection Officer: The company in charge of data processing has decided not to appoint a DPO after careful evaluation regarding the amount of data processed within the EU or concerning EU citizens.
Types of Data Collected: Among the Personal Data collected by this Website, either independently or through third parties, are: name, surname, phone number, email, Cookies, Usage data. Full details on each type of data collected are provided in dedicated sections of this privacy policy or by specific informative texts displayed before the data is collected. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Website. Unless otherwise specified, all Data requested by this Website is mandatory. If the User refuses to provide them, it might be impossible for MA Agency to provide the requested Service. In cases where this Website indicates some Data as optional, Users are free not to communicate such Data, without any consequences on the availability or operation of the Service. Users who are uncertain about which Data is mandatory are encouraged to contact the Data Controller. The potential use of Cookies – or other tracking tools – by this Website or by third-party service owners used by this Website, unless otherwise specified, is intended to provide the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy, if available. Users are responsible for third-party Personal Data obtained, published, or shared through this Website and confirm they have the right to communicate or disseminate them, freeing the Owner from any liability to third parties.
Methods and Place of Data Processing: Processing methods: The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of Personal Data. Processing is carried out using electronic and/or telematic means, with organizational methods and strictly related logic to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the organization of this Website and the provision of services may have access to the Data (administrative, commercial, marketing, legal personnel, system administrators) or external subjects (technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Processors can always be requested from the Data Controller.
Legal basis for processing: The Data Controller processes User Personal Data if one of the following conditions exists:
- The processing is necessary for the execution of a consultancy contract with the User and/or the execution of pre-contractual measures.
- The processing is necessary to fulfill a legal obligation to which the Data Controller is subject.
- The processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
- The processing is based on the explicit consent provided by the customer to be contacted by qualified trading operators. However, Users can always request the Data Controller to clarify the specific legal basis for each processing and specify whether the processing is based on the law, provided by a contract, or necessary to conclude a contract.
Place: The Data is processed at the Data Controller’s operational offices and with the help of the Google Drive storage program. Therefore, they can also be processed outside the EU but always ensuring compliance with Reg. No. 679/2016 EU.
Retention period: Data is processed and stored for the time required by the purposes for which they were collected. Therefore:
- Personal Data collected for purposes related to the execution of a contract between the Data Controller and the User will be retained until the execution of that contract is completed.
- Personal Data collected for purposes related to fulfilling a legal obligation will be retained until this legal requirement is fulfilled.
- Personal Data collected based on the explicit consent provided by the User will be retained until the User confirms their consent and in any case for a period not exceeding 5 years.
At the end of the retention period, which will not exceed 10 years, the Personal Data will be deleted. Therefore, at the end of this term, the right of access, deletion, rectification, and the right to data portability can no longer be exercised. The Data Controller may also be required to retain personal data for a longer period if this is necessary to fulfill a specific legal obligation or an order from a Public Authority.
Purpose of Data Processing: The User’s Data is collected to allow the Data Controller to provide its Services and its Consultations, as well as for the following purposes: Contacting the User, Statistics, Displaying content from external platforms, Managing contacts, providing the requested service, fulfilling legal obligations, responding to executive requests, protecting its rights and interests (or those of Users or Third Parties).
User Rights: Users can exercise certain rights regarding their Data processed by the Data Controller. In particular, Users have the right to:
- Obtain confirmation of the existence or not of their Personal Data.
- Know the content and origin, verify its accuracy, or request its integration, cancellation, update, correction, transformation into anonymous form, or block of their Personal Data processed in violation of the law.
- Oppose, for legitimate reasons, the processing of their data.
- Request data portability.
- Submit a complaint to the competent authority for the protection of personal data, in the case of violation of the regulations.
To exercise these rights, Users can direct a request to the Data Controller’s contact details indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within a month.
This Privacy Notice was last updated on 12 August 2023.