The Website avoids collecting unnecessary personal data and follows “data protection by design” and “data minimization” principles with regards to data collection.
Purpose and Use of Collected Information
The Website processes personal data for the sole purposes of its aims, activities and services, including:
- Delivering services mentioned in the Website;
- Contacts, interactions with users of the Website;
- Where applicable, administrative processes, invoicing and billing of users of Mandat International services;
- Improving users experience and the quality of delivered services;
- Authenticating, securing and collecting statistics on remote connections.
How Data Can Be Collected
The Website can receive information and personal data through its web interface, email notifications, and other interactions means, and may include:
- Information provided by the users when using our services;
- Information provided by users’ devices for connectivity, such as your IP address;
- Cookies and similar technologies, whose use is voluntarily limited and minimized on the Website.
The Website does not store any cookies. However, it uses temporary JSON Web Token (JWT) to serve as user session while using the Website.
Policy Towards Children
The Website is not directed to minors of age. Minors of Age shall have a parental agreement before sharing any personal data with us. Anyone who becomes aware that someone under 16 years of age has provided us with personal data without parental agreement should inform us and we will delete the related data.
Data Storage and Retention Period
The Website servers are located in Europe. The data retention period is minimized and data that are not useful anymore are deleted. The data retention period is determined by taking into account the legal, security, management, anonymized statistics and other legitimate interests.
Sharing and Transfer of Information
Personal data are processed with care and our policy requires to avoid any unnecessary data transfers to third parties or to geographic locations that may expose personal data at risk. Personal data may be shared in the following cases:
- With the Website processors and partners for its services and activities, such as online payment solutions, onsite registration processes, or data storage infrastructure. The list of data processors is available by simple request to the data protection officer.
- When required by law or for legitimate purpose, such as protecting the legal rights and safety of the application, its partners, and the users of its services.
The Website uses physical, technical, and administrative measures to safeguard personal information in its possession against loss, theft and unauthorized use, disclosure, or modification. Please note, however, that no data transmission or storage can be guaranteed to be 100% secure. As a result, while the Website strives to protect the information it processes, this should not be taken as a warranty. If you identify any weakness in our security, please inform us.
Data Subject Rights
Users have rights on their personal data. They can contact our data protection officer in order to assert your rights as a Data Subject, including the right to access, rectify, erase your personal data; the right to withdraw consent and to restrict or object to the processing of your personal data; and the right to portability of your personal data. Data Subjects also have the right to lodge a complaint with a supervisory authority in case their rights would be violated.
Changes to this Policy
Data Protection Officer and Contact
A Data Protection Officer (DPO) and supervising expert is entrusted to handle privacy related questions on the Website and can be contacted as indicated on the Contact Page.