1. Automatic collection of information
MangoUP’s top priority is customer data security and, as such, the Operator exercises the no logs policy. MangoUP may process only minimal user data, only as much as it is absolutely necessary to maintain the Website and Services. Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding the usage and traffic of the Website and Services. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the system.
2. Collection of personal data
2.1 The User can access and use the Website and Services without telling the Operator who they are or revealing any information by which someone could identify the User as a specific, identifiable individual.
2.2 If the User wishes to use some of the features on the Website, the User may be asked to provide certain Personal Information (for example, name and e-mail address).
2.3 The Operator receives and stores any information the User knowingly provides to the Operator when the User creates an account, publishes content, makes a purchase, or fills any online forms on the Website. When required, this information may include the following:
a) Personal details such as name, country of residence, etc.
b) Contact information such as email address, address, etc.
c) Geolocation data such as latitude and longitude.
d) Any other materials the User willingly submits to the Operator such as articles, images, feedback, etc.
2.4 Some of the information the Operator collects is directly from the User via the Website and Services. However, the Operator may also collect Personal Information about the User from other sources such as public databases, social media platforms, third-party data providers, and the Operator’s joint marketing partners. Personal Information the Operator collects from other sources may include:
a) Demographic information, such as age and gender
b) Device information, such as IP addresses, location, such as city and state
c) Online behavioral data, such as information about the User’s use of social media websites, page view information and search results and links.
2.5 The User can choose not to provide the Operator with their Personal Information, but then the User may not be able to take advantage of some of the features on the Website.
2.6 Users who are uncertain about what information is mandatory are welcome to contact the Operator.
3. Use and processing of collected information
3.1 In order to make the Website and Services available to the User, or to meet a legal obligation, the Operator needs to collect and use certain Personal Information.
3.2 If the User does not provide the information requested, the Operator may not be able to provide the User with the requested products or services. Any of the information the Operator collects from the User may be used for the following purposes:
a) Create and manage user accounts
b) Fulfill and manage orders
c) Deliver products or services
d) Improve products and services
e) Send administrative information
f) Send marketing and promotional communications
g) Respond to inquiries and offer support
h) Request user feedback
i) Improve user experience
j) Deliver targeted advertising
k) Enforce terms and conditions and policies
l) Protect from abuse and malicious users
m) Respond to legal requests and prevent harm
n) Run and operate the Website and Services
3.3 Processing the User’s Personal Information depends on how the User interacts with the Website and Services, where the User is located in the world and if one of the following applies:
a) The User has given their consent for one or more specific purposes; this does not apply, whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law
b) Provision of information is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof
c) Processing is necessary for compliance with a legal obligation to which the User is subject;
d) Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Operator;
e) Processing is necessary for the purposes of the legitimate interests pursued by the Operator or by a third party.
3.4 Note that under some legislations the Operator may be allowed to process information until the User objects to such processing (by opting out), without having to rely on consent or any other of the following legal bases below. In any case, the Operator will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
4. Billing and payments
The Operator uses third party payment processors to assist in processing the User’s payment information securely. Such third party processors' use of the User’s Personal Information is governed by their respective privacy policies which may or may not contain privacy protections as protective as this Policy. The Operator suggests that the User reviews their respective privacy policies.
5. Managing information
5.1 The User is able to delete certain Personal Information the Operator has about the User. The Personal Information the User can delete may change as the Website and Services change.
5.2 When the User deletes Personal Information, the Operator may maintain a copy of the unrevised Personal Information in the Operator’s records for the duration necessary to comply with the Operator’s obligations to affiliates and partners, and for the purposes described below.
5.3 If the User would like to delete their Personal Information or permanently delete their account, the User can do so on the settings page of their account on the Website.
6. Disclosure of information
6.1 Depending on the requested Services or as necessary to complete any transaction or provide any service the User has requested, the Operator may share the User’s information with their consent with the Operator’s trusted third parties that work with the Operator, any other affiliates and subsidiaries the Operator relies upon to assist in the operation of the Website and Services available to the User. The Operator does not share Personal Information with unaffiliated third parties.
6.2 These service providers are not authorized to use or disclose the User’s information except as necessary to perform services on the Operator’s behalf or comply with legal requirements. The Operator may share the User’s Personal Information for these purposes only with third parties whose privacy policies are consistent with the Operator’s or who agree to abide by the Operator’s policies with respect to Personal Information.
6.3 These third parties are given Personal Information they need only in order to perform their designated functions, and the Operator does not authorize them to use or disclose Personal Information for their own marketing or other purposes.
6.4 The Operator will disclose any Personal Information the Operator collects, uses or receives if required or permitted by law, such as to comply with a subpoena, or similar legal process, and when the Operator believes in good faith that disclosure is necessary to protect the Operator’s rights, protect the User’s safety or the safety of others, investigate fraud, or respond to a government request.
7. Retention of information
7.1 The Operator will retain and use the User’s Personal Information for the period necessary to comply with the Operator’s legal obligations, resolve disputes, and enforce the Operator’s agreements unless a longer retention period is required or permitted by law. The Operator may use any aggregated data derived from or incorporating the User’s Personal Information after the User updates or deletes it, but not in a manner that would identify the User personally.
7.2 Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.
8. Transfer of information
Depending on the User’s location, data transfers may involve transferring and storing the User’s information in a country other than their own. The User is entitled to learn about the legal basis of information transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Operator to safeguard the User’s information. If any such transfer takes place, the User can find out more by checking the relevant sections of this Policy or inquire with the Operator using the information provided in the contact section.
9. The rights of users
The user may exercise certain rights regarding their information processed by the Operator. In particular, the User has the right to do the following:
a) Withdraw consent where the User had previously given their consent to the processing of their information;
b) Object to the processing of their information if the processing is carried out on a legal basis other than consent;
c) Learn if information is being processed by the Operator, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing;
d) Verify the accuracy of their information and ask for it to be updated or corrected;
e) Under certain circumstances, restrict the processing of their information, in which case, the Operator will not process their information for any purpose other than storing it;
f) Under certain circumstances, to obtain the erasure of their Personal Information from the Operator;
g) Receive the User’s information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the User’s information is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
10. The rights to object to processing
10.1 Where Personal Information is processed for the public interest, in the exercise of an official authority vested in the Operator or for the purposes of the legitimate interests pursued by the Operator, the User may object to such processing by providing a ground related to their particular situation to justify the objection.
10.2 The User must know that should their Personal Information be processed for direct marketing purposes, the User can object to that processing at any time without providing any justification.
10.3 To learn, whether the Operator is processing Personal Information for direct marketing purposes, the User may refer to the relevant sections of this document.
11. Data protection rights under GDPR
11.1 If the User is a resident of the European Economic Area (EEA), the User has certain data protection rights and the Operator aims to take reasonable steps to allow the User to correct, amend, delete, or limit the use of their Personal Information.
11.2 If the User wishes to be informed what Personal Information the Operator holds about the User and if the User wants it to be removed from the Operator’s systems, please contact the Operator.
11.3 In certain circumstances, the User has the following data protection rights:
a) The User has the right to request access to their Personal Information that the Operator stores and has the ability to access their Personal Information.
b) The User has the right to request that the Operator corrects any Personal Information the User believes is inaccurate. The User also has the right to request to complete the Personal Information the User believes is incomplete.
c) The User has the right to request the erase their Personal Information under certain conditions of this Policy.
d) The User has the right to object to the Operator’s processing of their Personal Information.
e) The User has the right to seek restrictions on the processing of their Personal Information. When the User restricts the processing of their Personal Information, the Operator may store it but will not process it further.
f) The User has the right to be provided with a copy of the information the Operator has on the User in a structured, machine-readable and commonly used format.
g) The User has the right to withdraw their consent at any time where the Operator relied on the User’s consent to process their Personal Information.
h) The User has the right to complain to a Data Protection Authority about the Operator’s collection and use of their Personal Information. For more information, the User should contact their local data protection authority in the European Economic Area (EEA).
12. How to exercise these rights
Any requests to exercise the User’s rights can be directed to the Operator through the contact details provided in this document. The Operator may ask the User to verify their identity before responding to such requests. The User’s request must provide sufficient information that allows the Operator to verify that the User is the person they are claiming to be or that the User is the authorized representative of such person. The User must include sufficient details to allow the Operator to properly understand the request and respond to it. The Operator cannot respond to the User’s request or provide the User with Personal Information unless the Operator first verifies the User’s identity or authority to make such a request and confirm that the Personal Information relates to them.
13.1 The Website and Services use "cookies" to help personalize the User’s online experience. A cookie is a text file that is placed on the User’s hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to the User’s computer. Cookies are uniquely assigned to the User, and can only be read by a web server in the domain that issued the cookie to the User.
The Operator may disclose information about the User to their affiliates for the purpose of being able to offer the User related or additional products and services. Any information relating to the User that the Operator provides to their affiliates will be treated by those affiliates in accordance with the terms of this Policy.
15. Email marketing
15.1The Operator offers electronic newsletters to which the User may voluntarily subscribe at any time. The Operator is committed to keeping the User’s e-mail address confidential and will not disclose the User’s email address to any third parties except as allowed in the information use and processing section or for the purposes of utilizing a third party provider to send such emails. The Operator will maintain the information sent via email in accordance with applicable laws and regulations.
15.2In compliance with the CAN-SPAM Act, all e-mails sent from the Operator will clearly state who the e-mail is from and provide clear information on how to contact the sender.
15.3The User may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting the Operator. However, the User will continue to receive essential transactional emails.
16. Links to other resources
The Website and Services contain links to other resources that are not owned or controlled by the Operator. Please be aware that the Operator is not responsible for the privacy practices of such other resources or third parties. The Operator encourages the User to be aware when the User leaves the Website and Services and to read the privacy statements of each and every resource that may collect Personal Information.
17. Information security
The Operator secures information the User provides on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. The Operator maintains reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while the Operator strives to protect the User’s Personal Information, the User acknowledges that:
a) There are security and privacy limitations of the Internet which are beyond the Operator’s control;
b) The security, integrity, and privacy of any and all information and data exchanged between the User and the Website and Services cannot be guaranteed;
c) Any such information and data may be viewed or tampered with in transit by a third party, despite best efforts.
18. Data breach
18.1In the event the Operator becomes aware that the security of the Website and Services has been compromised or User’s Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, the Operator reserves the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities.
18.2In the event of a data breach, the Operator will make reasonable efforts to notify affected individuals if the Operator believes that there is a reasonable risk of harm to the User as a result of the breach or if notice is otherwise required by law. When the Operator does, the Operator will send the User an email.
19. Changes and amendments
19.1The Operator reserves the right to modify this Policy or its terms relating to the Website and Services from time to time in the Operator’s discretion and will notify the User of any material changes to the way in which the Operator treats Personal Information. When the Operator does, the Operator will send the User an email to notify the User.
19.2Any updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. The User’s continued use of the Website and Services after the effective date of the revised Policy (or such other act specified at that time) will constitute the User’s consent to those changes.
19.3The Operator will not, without the User’s consent, use their Personal Information in a manner materially different from what was stated at the time the User’s Personal Information was collected.
20. Acceptance of this policy
The User acknowledges that the User has read this Policy and agree to all its terms and conditions. By accessing and using the Website and Services the User agrees to be bound by this Policy. If the User does not agree to abide by the terms of this Policy, the User is not authorized to access or use the Website and Services.
If the User would like to contact mangoUP to understand more about this Agreement or wish to contact mangoUP concerning any matter relating to it, he may send an email to .oi.puognam%40eiram
This document was last updated on September 22, 2020