MTech Systems Privacy Policy
Introduction
MTech Systems USA LLC, a Munters Company (“MTech Systems” or “we” or “us” or “our”) respects the privacy of our users (“user” or “you”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Website and use our Apps and Services. This Policy applies to the Personal Information collected by MTech Systems when you interact with our Website, Apps, and Services.
1. What Information We Collect and Process
1.1. Information You Provide to MTech Systems. When you interact with us via our website, App, or Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Information.”) We will not use or share your information with anyone except as described in this Privacy Policy.
1.1.1. Mobile Device Access. We may request access to certain features on your mobile device, such as your calendar, reminders, and other functionalities. You can modify or revoke these permissions at any time in your device’s settings.
1.1.2. Push Notifications. We may send you push notifications related to your account or our mobile application. If you prefer not to receive these notifications, you can disable them in your device’s settings.
1.1.3. Payment Information. We collect payment and billing information when you register for paid Services. For example, we may ask you to provide a billing address, or a billing contact for your MTech Systems account. If you give us payment information, we use it solely as authorized by you in accordance with this Privacy Policy. You may also provide payment information, such as a credit card number or bank account numbers, when purchasing Services. We use secure third-party payment service providers to manage payment processing, which is collected through a secure payment process.
1.1.4. Customer Testimonials. We post customer testimonials and comments on our Website, which may contain Personal Data. We obtain each customer’s consent via email or through other agreements between customers and MTech Systems prior to posting the customer’s name and testimonial.
1.1.5. Third-Party Integrations. You may connect third-party integrations to your MTech Systems account, which may ask for certain permissions to access data or send information to your account. We are not responsible for the practices of third-party integrations, so please carefully review the permissions you grant to third-party applications.
1.2. Information Automatically Collected by Using Our Services and Website. Like most websites and technology services delivered over the internet, we may automatically collect certain information about your device and usage when you use our Services and Apps or visit our Website. This information may include:
1.2.1. Location-Based Information. We use Google Maps APIs for the purpose of providing a better service and may collect information about your geolocation and mobile device when you use our apps. This can include continuous or session-based tracking to provide location-based services. You can manage or change our access to location information through your device’s settings. You may find the Google Maps APIs Terms of Service here. By using our Maps API Implementation, you agree to be bound by Google’s Terms of Service.
1.2.2. Usage Data. We may collect information that your browser sends whenever you visit our Website, App, or Services or when you access the Services by or through a mobile device (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
1.2.3. Device Information. When you access or use the Subscription Service via our mobile applications, we automatically collect information such as your device model and version, operating system, or device identifiers.
2. How We Use Information We Collect.
2.1. To Communicate Administrative Information to You. We may use the account information you provide to MTech Systems to send you transactional emails or notifications about billing, account management, and other administrative matters. We may also send you updates regarding our Master SaaS and Services Agreement (“Service Agreement”) or other legal agreements and communicate with you about new feature information.
2.2. To Provide the Services. We use your account information and Customer Data to provide the product and Services to you in performance of a Contract. We also use this information to authenticate you when you log in and to provide customer support, such as resolving technical issues you encounter and analyzing product outages or bugs.
2.3 To Facilitate Account Creation and Logon Process: If you choose to link your account with us to a third-party account (such as your Google or Facebook account), we use the information you allowed us to collect from those third parties to facilitate account creation and logon process for the performance of the contract.
2.4. To Improve and Develop Our Product and Services. We collect Usage Data about how you or your users interact with our App and Services. We use this data to develop and improve our products and services. For example, we use Usage Data to assess trends and usage across the product to help us determine what new features or integrations our users may be interested in. We may use and store data about how our Website, Services, and App are being used across our customer base. When we share statistical information externally in this way, the data will be in an aggregated and anonymized form so that it is not associated with individual end users and does not include Personal Information.
2.5. To Secure and Protect our Product and Customers. We use your account information to investigate and help prevent security incidents. We may also use this information to meet legal requirements. We use your information to verify user accounts, new product sign-ups, and to detect and prevent product abuse. This includes enforcing our Services Agreement. Additionally, we may retain and use your Personal Information to the extent necessary to comply with our legal, tax, reporting, and auditing obligations.
2.6. To Market and Promote the Services. Where required by law, we will only send marketing communications with your consent. Otherwise, we may send you marketing communications by email about Services that we feel may be of interest to you.
3. How We Share Personal Data
3.1. Consent. We may share and process your data if you have given us specific consent to use your personal information for a specific purpose.
3.2. In Performance of a Contract. Where we have entered into a contract with you, we may process your Personal Information to fulfill the terms of our contract.
3.3. Third-Party Providers. We may share your data with third-party vendors, service providers, or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include payment processing, data analysis, provision of Services on our behalf, and to provide customer service efforts. These third parties are prohibited from using your Personal Data except for these purposes, and they are required to maintain the confidentiality of your information. In all cases where we share your information in this way, we explicitly require the third parties to acknowledge and adhere to our privacy and data protection policies and standards.
3.4. Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us (“Affiliates”). We also may partner with trusted third parties to provide you with co-marketing content that we think may be relevant to you. These partners are required to adhere to our privacy and data protection policies and standards.
3.5. Compelled Disclosure. MTech Systems reserves the right to use or disclose your Personal Information, without notice, if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with legal obligations or process served on MTech Systems or the Website; (b) protect and defend the rights or property of MTech Systems; (c) protect against legal liability; and, (d) act under exigent circumstances to protect the personal safety of users of MTech Systems, or the public.
4. How We Transfer Personal Data Internationally
4.1. International Transfers to Our Affiliates. To facilitate our global operations, we may transfer information to our Affiliates where we have operations for the purposes described in this Policy.
4.2. International Transfers to Third Parties. We are headquartered in the United States, and recipients of the data disclosures described in this Privacy Policy are in the United States and elsewhere in the world, including where privacy laws may not provide as much protection as those of your country of residence. Please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your Personal Information across national borders for the purposes set out herein. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls ensuring the security of your data and other Personal Information
4.3. Data Privacy Framework Notice. MTech Systems complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. MTech Systems has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) regarding the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”), and to view our certification, please visit https://www.dataprivacyframework.gov/. The following statements apply to all EEA and UK Personal Data that is received by MTech Systems in the United States pursuant to the DPF:
4.3.1. EEA and UK individuals have the right to access their Personal Data that has been transferred into the United States and to correct or update that information. Individuals also have the right to erase information that has been processed in violation of the DPF Principles. To exercise any of these rights, which are subject to exceptions under the DPF Principles, individuals should refer to the contact information provided below.
4.3.2. When MTech Systems receives Personal Data under the DPF and then transfers it to a third-party service provider acting as an agent on MTech Systems’ behalf, MTech Systems has certain responsibilities under the DPF if both the agent Processes the information in a manner inconsistent with the DPF, and if MTech Systems is responsible for the event giving rise to the damage.
4.3.3. Covered European residents should direct any questions, concerns, or complaints regarding our compliance with the DPF to MTech Systems as described at the bottom of this Privacy Policy. In compliance with the DPF Principles, MTech Systems commits to resolve DPF Principles-related complaints about our collection and use of your Personal Data. We will investigate and attempt to resolve any DPF Principles-related complaints within 45 days.
4.3.4. In compliance with the DPF, MTech Systems commits to refer unresolved complaints concerning our handling of personal data received in reliance on the DPF to an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. The services of TRUSTe Dispute Resolution, are provided at no cost to you.
4.3.5. Under certain conditions, more fully described on the DPF website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. The Federal Trade Commission has jurisdiction and enforcement authority over MTech’s compliance with the DPF Principles.
4.3.6. Please note that under certain circumstances, we may be required to disclose your Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
5. How We Store and Secure Personal Data
5.1. Data Storage and Security. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access, use, or disclosure. We secure the Personal Data you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All Personal Data is protected using appropriate physical, technical and organizational measures. When Personal Information, such as a credit card number, is transmitted to other Web sites, it is protected by encryption, such as the Secure Socket Layer (SSL) protocol. However, please remember that no method of electronic storage and transmission is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services or Apps is at your own risk. You should only access the services within a secure environment.
5.2. Data Retention. We hold Personal Data for as long as necessary to fulfill the purposes set forth in this Privacy Policy, unless a longer retention period is required or permitted by law. No purpose in this Policy will require us keeping your Personal Information for longer than 1 year past the termination of the user’s account. We retain your information where there is an ongoing legitimate business need to do so (for example, as needed to comply with our legal obligations, resolve disputes, and enforce our agreements). When your information is no longer necessary for us to retain, we will either delete or permanently anonymize it, or, if this is not possible, then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
5.2.1. We hold Usage Data for internal analysis purposes to be retained for generally a shorter period or time, except when this data is used to strengthen the security, improve the functionality of our Services, or where we are legally obligated to retain this data for longer periods.
6. Tracking Technologies
6.1. Cookies. We use Cookies and similar tracking technologies to collect information about your interactions with our Website, Services, and App. Cookies are small data files stored on your device’s internal memory that help us remember your preferences and improve your user experience. Specifically, session, preference, and security Cookies. Session Cookies are used to operate our Services. Preference Cookies are used to remember your preferences and settings. Security Cookies are used for security purposes. Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services or Apps.
6.2. Controls for Do-Not-Track Features. Some web browsers include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. You can make certain choices about cookies and similar technologies to communicate your choice not to be tracked online in our privacy preference center. We may not respond to DNT signals as no uniform technology standard for recognizing and implementing DNT signals has been finalized yet. We may not be able to respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. You can manage or disable cookies through your browser settings. You have the ability to accept or decline cookies. If you choose to decline cookies, you may not be able to fully experience every feature of the Service or App.
7. Your Privacy Rights and Choices.
7.1. EU and Brazil Residents. If you are a user that resides in Brazil or the European Economic Area and the United Kingdom (“EEA+”), you should read this Privacy Policy together with its Additional Privacy Details for Outside the United States Residents section, which provides additional information about our information practices, including a description of rights available to some users under the Brazilian General Data Protection Act and the General Data Protection Regulation.
7.2. California Residents. If you are a user that is a California resident, you should read this Privacy Policy together with its California Privacy Rights section, which provides additional information about our California information practices, including a description of the California Consumer Protection Act rights available to some Californians.
7.3. Managing Your Information. At any time, you have the ability to review or change the information in your account or terminate your account. Log into your account settings and update your user account. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Service Agreement and/or comply with legal requirements.
7.4. Withdraw Consent. If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
7.5. Opting Out of Email Marketing. You can opt-out of marketing communications at any time if you would prefer not to receive them in the future by using the “unsubscribe” link provided in the communication itself or you can update your preferences by contacting us using the details provided below.
8. Contact Us
8.1. Data Protection Officer. If you wish to exercise the privacy rights herein or have questions regarding the processing of your personal data under this notice, you can contact our data protection officer, Chris Lee, at chrislee@mtech-systems.com.
8.2. General Inquiries. MTech Systems welcomes your comments regarding this Privacy Policy. If you believe that MTech Systems has not adhered to this Statement, or if you have a disability and need to access this notice in a different format, please contact MTech Systems at support@mtech-systems.com. We will use commercially reasonable efforts to promptly determine and remedy the problem.
9. Other Important Privacy Information
9.1. Information About Children. Our Service does not address anyone under the age of 13 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us to remove that information from our servers.
9.2. We Never Sell Personal Data. We will never sell your Personal Data to any third-party.
9.3. Changes to This Privacy Policy. We reserve the right to make updates to this Privacy Policy as needed to reflect changes in the law and our data handling or management practices. We will alert you about any changes by updating the “Last Updated” date of this Privacy Policy. Any changes or modifications will be effective immediately upon posting the updated Privacy Policy on this page, and you waive the right to receive specific notice of each such change or modification.
9.4. Definitions. Undefined terms in this Privacy Policy have the same definition as in our Service Agreement (“Terms”).
Additional Privacy Details
1. Outside the United States Residents
1.2. Legal Basis for Processing Personal Information. Our legal basis for collecting and using the Personal Data described in this Privacy Policy will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only where we have your consent to do so, where we need the Personal Data to perform a contract with you, where required by law, where needed to prevent harm and protect our rights, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Data from you.
1.3. Your Data Controller. Under applicable international privacy laws, we are the data controller in relation to you (“Data Controller”). As Data Controller, we determine the means and purposes of collection and use of your personal data and we are obligated to provide the individual whose personal data is being processed (“Data Subject”) with certain information about the processing. This notice serves as such information.
1.4. Your Data Subject Rights. As a data subject you have certain mandatory rights under the GDRP regarding our processing of your personal data:
- Right to Access. You have the right to receive written confirmation as to whether personal data concerning you is being processed, and, if personal data is processed, access to the personal data.
- Right to Complain. If you believe that we illegally process your personal data, you can lodge a complaint with our Data Protection Officer who can be reached by the “Contact Us” section above or with your local supervisory authority. You can find their contact details here.
- Right to Data Portability. You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
- Right of Erasure. We generally retain your Personal Information for as long as is necessary for the performance of the contract between you and us, to comply with our legal obligations, and as permitted by applicable law. You have the right to ask us to delete your Personal Information, subject to certain limitations and restrictions.
- Right to Object. You have the right to object to our processing of your personal data, and we are then obliged to re-examine whether our legitimate interests to perform the processing still outweigh your interests and objection. If you object to processing for direct marketing purposes, we will no longer process your personal data for such purposes.
- Right to Rectification and Restriction. You have the right to have inaccurate or incomplete personal data corrected and under certain circumstances, you have the right to request restriction of the processing.
- Right to Withdraw Consent. If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- Right to Non-Discrimination. Any request to exercise one’s rights under the LGPR or GDPR will be free from negative consequences.
2. California Privacy Rights
2.1 Applicability. This section only applies to California residents and supplements the information in the rest of our Privacy Policy above. Data about individuals who are not residents of California is handled differently and is not subject to the same rights described below.
2.1.1. The California Consumer Privacy Act (“CCPA“) requires businesses to disclose whether they sell Personal Information. MTech Systems is a business and does not sell Personal Information. We may share Aggregated Statistics and/or anonymized information regarding use of the Website, App, and Services, which is not considered Personal Information under the CCPA, with third parties. This helps us develop and improve the Services and provide our Customers with more relevant content and offerings, as detailed in our Service Agreement. These third parties have agreed to our contractual limitations regarding the retention, use, and disclosure of such Personal Information.
2.1.2. If you are unable to access this Privacy Policy due to a disability or any physical or mental impairment, please contact us and we will arrange to supply you with the information you need in an alternative format that you can access.
2.2. Your California Rights. The CCPA provides a comprehensive regime of consumer rights regulating the collection, use, and sharing of Personal Information more broadly than any previous U.S. law. As a California Consumer you have certain rights under the CCPA regarding our processing of your personal data:
- Right to Access. You have the right to request that we disclose what Personal Information we have collected, used, and disclosed about you in the past 12 months.
- Right of Erasure. We generally retain your Personal Information for as long as is necessary for the performance of the contract between you and us, to comply with our legal obligations, and as permitted by applicable law. You have the right to ask us to delete your Personal Information, subject to certain limitations and restrictions.
- Right to Rectification. You have the right to rectify inaccurate or incomplete personal data. For issues relating to your account you, by visiting your account settings, you can correct and change certain Personal Information associated with your account.
- Right to Non-Discrimination. Any request to exercise one’s rights under the CCPA will be free from negative consequences.
2.3. What Personal Information We Collect. We have collected the following statutory categories of Personal Information, detailed above, in the past twelve (12) months:
- Commercial Information. This includes subscription records. We collect this information directly from you.
- Customer Records Information/ Identifies. This includes information such as your name, e-mail address, mailing address, and phone number. We collect this information directly from you.
- Financial Information. This includes Payment Information or financial account numbers in the process of providing you with a Service. We collect this information from you.
- Geolocation Data. We collect this information from your device.
- Internet or Network Information. This includes browsing and search history. We collect this information directly from your device.
- Other Personal Information. In instances when you interact with us online, by phone or mail in the context of receiving help through our help desks or other support channels we may receive addition information provided by you.
2.4. How We Use Your Personal Information. The business purposes for which we collect this information are described in Section 2 of this Privacy Policy. The categories of third parties to whom we may “disclose” this information for a business purpose are described in Section 3 of this Privacy Policy. The period for which we retain this information is described in Section 5.2 of this Privacy Policy.
2.5. How to Exercise your California Rights. You can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent’s identity to protect your Personal Information. Please use the contact details above in the “Contact Us” section if you would like to: Access this Policy in an alternative format; Exercise your rights; Learn more about your rights or our privacy practices; or designate an authorized agent to make a request on your behalf.