LAST UPDATED: JANUARY 23rd 2022
We also automatically collect certain computer, device and browsing information when you access Mash on our website, our wallet apps, extensions or integrated experiences. This information is aggregated to provide statistical data about our users’ browsing actions and patterns, and does not personally identify individuals. This information may include: Computer or mobile device information, IP address, operating system, network system, browser type and settings, location, interests, usage information.
Finally, we may collect Personal Data from third-party partners and public sources, which include: Business activities of partners, business customers.
We need to collect certain types of information for compliance with legal requirements relating to our anti-fraud/anti-money-laundering/counter-financing-of-terrorism/know-your-customer obligations. If this information is not provided we may not be able to provide a Service for you. Your Personal Data may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency or in the defence of legal claims. We will not delete Personal Data if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.
We may share your Personal Data with law enforcement, data protection authorities, government officials and other authorities when:
Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights in relation to their personal information, subject to limited exceptions. For personal information collected by us during the preceding 12 months that is not otherwise subject to an exception, California residents have the right to access and delete their personal information.
If you are a California resident, you have the right to request certain information from us regarding our information-sharing practices with third parties for direct marketing purposes. To the extent that we share your personal information for direct marketing purposes, you may receive the following information: (1) the categories of information and sources of information that we disclosed to third parties for direct marketing purposes during the preceding year; and (2) the names and address information of third parties that received such information, or if the nature of their business cannot be determined from the name, the examples of the products or services marketed.
To the extent that Mash sells your personal information to third parties, you also have the right to request that we disclose to you: (i) the categories of your personal information that we sold, and (ii) the categories of third parties to whom your personal information was sold. You also have the right to direct us not to sell your personal information.
California residents may also designate an authorized agent to make a request to access or delete on your behalf. Your authorized agent must submit proof that you have provided them with power of attorney pursuant to Probate Code sections 4000 through 4465. We may deny a request from a purported authorized agent who does not provide proof of authorization to act on your behalf.
If you have any questions, comments, or complaints concerning our privacy practices please contact us [email protected] We will attempt to respond to your requests and to provide you with additional privacy-related information.
You may have certain rights concerning your Personal Data under DP Law, as mentioned below, and can exercise them by contacting us at [email protected]
Access: you are entitled to ask us if we are processing your information and, if we are, you can request access to your Personal Data. This enables you to receive a copy of the Personal Data we hold on you and certain other information about it to check that we are processing it lawfully. We process a large quantity of information and can thus request, in accordance with DP Law, that before the information is delivered, you specify the information or processing activities to which your request relates.
Correction: you are entitled to request that any incomplete or inaccurate Personal Data we hold about you is corrected.
Erasure: you are entitled to ask us to delete or remove Personal Data in certain circumstances. There are also certain exceptions where we may refuse a request for erasure; for example, where the Personal Data is required for compliance with law or in connection with claims.
Restriction: you are entitled to ask us to suspend the processing of certain parts of your Personal Data; for example, if you want us to establish its accuracy or disclose the reason for processing it.
Transfer: you may request the transfer of a certain part of your Personal Data to another party.
Objection: where we are processing your Personal Data based on a legitimate interest (or that of a third-party) you may challenge this. However, we may be entitled to continue processing your information based on our legitimate interests or where this is relevant to legal claims. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
Automated decisions: you may contest any automated decision made about you where this has a legally or similarly significant effect and ask for it to be reconsidered.
You also have a right to lodge a complaint with a supervisory authority, in particular in the Member State of the European Union where you are habitually resident or where an alleged infringement of Data Protection Law has taken place.