Privacy Policy
April 24, 2024
MinDD Technologies, Inc. together with its affiliated entities (“MinDD“ ”we”, “us” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, process, and share Personal Data, your Rights and Choices, and other important information about how we handle your Personal Data.
NAVIGATION
APPLICABILITY OF THE PRIVACY POLICY
This Privacy Policy applies to our “Services” where link to or post this Privacy Policy, including:
- the websites that we own and operate, e.g. www.minddtech.com and all related websites, our applications and/or APIs, and online services (our “Site(s)”);
- the MinDD Connect member platform (“Platform”); and
- our other services, offerings, and other interactions (e.g., customer service inquiries, or your participation in user conferences, community events, etc.)
If you do not agree with the data practices described in this Privacy Policy, you should not use our Services.
This Privacy Policy does not apply to any third party applications or software that integrate with the Services through our Site (“Third Party Services”), or any other third party products, services or businesses.
CATEGORIES AND SOURCES OF PERSONAL DATA
The following describes how we process data relating to identified or identifiable individuals and households (“Personal Data”).
Categories of Personal Data We Process
The categories of Personal Data we process may include:
Audio/Visual Data: Recordings such as audio files and records (e.g., voice mails, call recordings, and the like).
Biographical Data: Data relating to professional and employment history, qualifications, and similar biographic information.
Contact Data: Identity Data that includes personal and business contact information, such as postal address, email address, telephone number, or other identifiers used for communication.
Content: Unstructured or free-form content that you post on our Site or Platform that may include Personal Data (e.g., text, images, photographs, messages, comments, feedback, and correspondence).
Commercial Data: Information relating to transactions and purchases, registrations through our Site, and related information (e.g. pricing, ticket quantity, etc.)
Device/Network Data: Information regarding your interaction with a website, application, or advertisement (e.g., IP Address, MAC Address, SSIDs, etc.), online user ID, device characteristics (such as browser/OS version), web server logs, application logs, cookie data, web beacons, clear GIFs, pixel tags, and information about how you use our Site and interact with us.
Identity Data: Information such as your name; address; email address; telephone number; gender; date of birth, age and/or age range; photo/avatar; account login details (e.g., username and password); and information such as unique IDs and online identifiers.
Inference Data: Data such preferences, characteristics, predispositions, behavior, demographics, household characteristics, market segments, likes, favorites and other data (e.g. preferences for marketing communications and details about how you engage with them).
Sensitive Data: -Personal Data deemed “sensitive” or “special categories of Personal Data” under GDPR, CCPA, or other laws. We collect the following categories of Sensitive Personal Data:
- “Government ID Data” Data relating to official government identification, such as driver’s license or passport numbers, including similar Identity Data protected as Sensitive Data under applicable law.
- “Health” data relating to your health.
- “Payment Data” Information such as bank account details, payment card information, including similar data protected as Sensitive Data under applicable law, and relevant from a Payment transaction.
- “Race or Ethnic Origin” data relating to your race, ethnic, or national origin.
- “Sexual Orientation” data relating to you sexual orientation or identity.
- “Religion” data relating to your religious or philosophical beliefs.
Sources of Personal Data We Process
We collect Personal Data from various sources, which include:
Data you provide us: We receive Personal Data when you provide them to us, when you purchase our products or services, complete a transaction via our Services, or when you otherwise use our Services.
Data we collect automatically: We collect Personal Data about or generated by any device used to access our Service, e.g. IP addresses and similar Device/Network Data.
Service Providers: We receive Personal Data from service providers performing services on our behalf.
Event partners: We receive Personal Data from Event partners when you direct them to disclose Personal Data to us, or interact with use through the Event partner.
Aggregators and advertisers: We receive Personal Data from ad networks, data brokers, market research, or similar companies who provide us with additional Personal Data, e.g. Inference Data.
Social media companies: We receive Personal Data from Social Media sites (e.g. LinkedIn) when you use social media sign on, or interact with that social media company on or in connection with our Services, or link to your social media accounts.
Data we create or infer: We, certain partners, social media companies, and third parties operating on our behalf, create and infer Personal Data such as Inference Data or aggregate data based on our observations or analysis of other Personal Data, and we may correlate this data with other data we process about you.
DATA PROCESSING CONTEXTS / NOTICE AT COLLECTION
Events, Programs, and our Platform
You may give us Personal Data when you apply for a MinDD program, register for an account on the Platform, or otherwise submit information to use through the Services or other communications with us. For example:
- We may collect Identity Data, Contact Data, Biographical Data, and Content when you create a profile on our Platform or Site (“Profile Data”).
- We may collect Commercial Data, Contact Data, Identity Data, and Payment Data when you register for an Event or enter into a commercial transaction (“Transaction Data”). We may collect
- Identity Data, Contact Data, Biographical Data, Content, Government ID, Protected Class Data, or Sensitive Data when you submit an application to one of our programs (“Application Data”).
In certain cases (such as in connection with our Diversity & Inclusion efforts), we may collect and share with parties you authorize, Sensitive Data such as Race or Ethnic Origin, Religion, Health, or Sexual Orientation. Additional information regarding these programs, how your Personal Data will be shared, and the parties that may receive it, are available within program descriptions we provided at the time you agreed to participate in the program.
We process this Personal Data to create and maintain your account, to operate our Events and programs, to provide the products and services you request, or to perform or initiate a transaction with you. Our Platform, Events, and programs are designed to connect you with founders, investors, and the broader community, and we will disclose the Personal Data we collect in these contexts (other than Government ID Data or Payment Data) with partners, mentors and user groups with which you interact or direct us to disclose data through our Services. Some posts may be public. Unless posted publicly, we disclose Sensitive Data only with your consent, and allow you to limit use or disclosure as required by law. You may revoke your consent to the processing of Sensitive Data at any time.
We also process this data for our Business Purposes. We process Sensitive Data only for the Business Purposes expressly permitted under applicable law. We may process Identity Data, Biographical Data, Contact Data, Content, and Commercial Data for Commercial Purposes. We do not sell or “share” Personal Data collected in this context.
Linking to Social Networking Sites
We process Identity Data, Contact Data, Biographical Data, Content, and other Personal Data you agree to share when you connect with social networking service (“SNS”) through our Site or Platform. You may authorize the SNS to provide this information via your settings on that SNS. You can revoke our access to the information you provide in this way at any time by amending the appropriate settings from within your account settings on the applicable SNS.
We process this data in order to add information to your account on our Site or Platform, populate your bio for Events, and to build your Profile. We also process this data for our Business Purposes. We may process Identity Data, Biographical Data, and Content for Commercial Purposes. We process Sensitive Data (if any) only for the Business Purposes expressly permitted under applicable law. We do not sell or “share” Personal Data collected in this context.
Event Recordings
As part of our Services, we host, coordinate, and operate community events, Startup Weekend competitions, demo days, mentor sessions, and other public or private events (“Events”) where you may engage with MinDD, founders, teams, sponsors, investors, and other community members. We may create audio or visual recordings of these events, take photographs, conduct interviews or surveys, or conduct similar activities at these Events (“Event Recordings”), and we will collect and process, Audio/Visual Data comprising these Event Recordings.
We or our event sponsors or participants may use those Event Recordings and related Audio/Visual Data as part of our marketing and promotional activities. Further, we may also publish the Event Records, including Audio/Visual Data or Identity Data, in connection with our documentation of or publicity relating to those Events, for example, on the MinDD website or a relevant Event-specific page. We also process this data for our Business Purposes. We do not sell or “share” Personal Data collected in this context.
Releases and Your Rights: We may seek your consent or a release from you in the event the nature of our processing requires such consent or release. However, in certain circumstances, we may process or publish certain video, images, etc. without your consent, such as when we publish on an Event page certain Event Recordings that include images of groups or crowds in attendance at an Event. You may object to the processing of your Personal Data in connection with Event Recordings during the Event by speaking with organizers of the Event, or afterwards, by contacting us using the information below. The processing of Personal Data in connection with Event Recordings may be subject to additional terms and conditions to which you are a party (e.g. a release or consent) that will supersede the nature of processing or individual rights described in this Privacy Policy to the extent in conflict.
Use of our Sites and Platform
Generally
We process Device/Network Data, Contact Data, Identity Data, and Inference Data when you access and use our Sites or our Platform. For example, we may log your computer or mobile device operating system name and version, manufacturer and model, browser type, browser language, screen resolution, the website you visited before browsing to our Site, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site. In some cases, we may collect Content, e.g. in the form of messages or content that you submit through our Sites and the Platform.
We use this Personal Data as necessary to operate our Site/Platform, such as keeping you logged in, delivering pages, etc., for our Business Purposes, and our other legitimate interests, such as:
- ensuring the security of our websites, mobile applications and other technology systems;
- analyzing the use of our Services, including navigation patterns, clicks, etc. to help understand and make improvements to the Services; and
- to deliver messages and Content to partners, mentors and user groups at your request.
Except as described in the Cookies and Similar Technology section below, we do not sell or “share” Personal Data collected in this context.
Cookies and Similar Technologies
We process Identity Data, Device/Network Data, Contact Data, and Inference Data, in connection with our use of cookies and similar technologies on our Sites. We may collect this data automatically.
We and authorized third parties may use cookies and similar technologies for the following purposes:
- For “Essential” purposes - these cookies and similar technologies are essential to provide you with services available through our Site and to enable you to use some of its features (e.g. to keep you logged in as you navigate between web pages).
- For “Functional” purposes - these cookies and similar technologies enable certain features or functionality on our Service, such as to enable certain features of our (e.g. to allow a customer to maintain an online shopping cart.)
- For “Analytics” purposes - these cookies and similar technologies help us operate our Site more efficiently, to gather broad demographic information and to monitor the level of activity on our Site. For example, we use Google Analytics to improve how our Site works, so that we can understand usage patterns on the Site, and similar purposes. You can find out more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our Site by downloading and installing the browser plugin available here. See the “Your Rights and Choices” section below for more information.
- For “Advertising” purposes - These cookies and similar technologies enable “retargeting” and other forms of Targeted Advertising.
- For “Social Media” purposes - These cookies and similar technologies allow you to share information using a social media sharing button or “like” button on our Site, link your SNS account to our Services, or engage with our content on or through a SNS such as Facebook or LinkedIn. The SNS may record that you have done this and may collect additional Personal Data about you, or link it to other Personal Data they hold about you, as described further by the SNS. Please see the applicable SNS privacy policy for more detail.
Personal Data processed for purposes of Targeted Advertising and Social Media may involve a sale or "sharing" of Personal Data.
Marketing Communications
We or our third party partners, mentors, and members of the MinDD network process Identity Data Contact Data, Device/Network Data, Biographical, and Inference Data to send you updates, newsletters, surveys, offers, and other promotional materials. You may receive marketing communications if you request information from us, register on our Site, or participate in our surveys, promotions or events, where allowed by law, or with your consent.
We process this Personal Data to contact you about relevant products or services and for our Business Purposes. We may tailor marketing communications based on your Profile, publicly available information, or information obtained through the MinDD network, Events you have attended, or your participation in MinDD Services. You will have the ability to opt out of such communications. We do not sell or “share” Personal Data collected in this context; however, you may receive marketing communications from third parties that received your Personal Data from us at your direction or through your interactions with them through our Services.
Contact us; support
We process Identity Data, Contact Data, and Content when you contact us, e.g. through a contact us form, or for support. If you call us via phone, we may collect Audio/Visual data from the call recording (subject to any required consents).
We process this Personal Data to respond to your request, and communicate with you, as appropriate, and for our Business Purposes. If you consent or if permitted by law, we may use Identity Data and Contact Data to send you marketing communications and for our Commercial Purposes. We do not sell or “share” Personal Data collected in this context.
Feedback and surveys
We process Identity Data, Contact Data, Preference Data, and Content collected in connection with Event or partner surveys or questionnaires. We process this Personal Data as necessary to respond to guest requests/concerns, for our Business Purposes, and other legitimate interests, such as:
- analyzing participants experiences satisfaction; and
- to allow our corporate partners to communicate with participants.
We may share Feedback/Survey data relating to third party partners with those partners, who may use it for their own purposes. We do not sell or “share” Personal Data collected in this context.
PROCESSING PURPOSES
Business Purposes
We and our Service Providers process Personal Data our integral operations and other business purposes, depending on the context of collection, your rights and choices. We generally process Personal Data for the following “Business Purposes.”
Service Provision
x If you use our Site, sign up for, or request to participate in a particular Service, we will process your Personal Data you give us or that we receive from relevant parties as necessary or appropriate for us to provide that Service. For example, we may process your Personal Data as follows:
- We process Device/Network Data to operate, administer and deliver our Service, (e.g., to show the content, process transactions, authenticate users);
- We process Profile Data, Transaction Data, and Application Data to create, manage, and communicate with you regarding an account you may have on our Services, including by sending you service announcements, technical notices, updates, security alerts, and support and administrative messages;
- To share Personal Data with the partners, mentors and user groups at your request; and
- We process Personal Data related to support and maintenance for our Services that you may request.
Your consent
We may use or share your Personal Data with your consent, such as when you: consent to participate in additional surveys on gender and race/ethnicity (where legally permissible), let us post your testimonials or endorsements on our Sites, instruct us to take a specific action with respect to your Personal Data, or opt into third party marketing communications.
Internal Processing and Service Improvement
We may use any Personal Data we process through our Services as necessary in connection with our legitimate interests in improving the design of our Service, understanding how our Services are used or function, for customer service purposes, for internal research, technical or feature development, to track service use, QA and debugging, audits, and similar purposes.
Compliance, Fraud Prevention and Safety
We use your Personal Data as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Service; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. Similarly, we process Personal Data on our Services as necessary to detect security incidents, protect against, and respond to malicious, deceptive, fraudulent, or illegal activity. We may analyze network traffic, device patterns, and characteristics, maintain and analyze logs and process similar Personal Data in connection with our information security activities.
Aggregated or De-identified Information
We may disclose or use aggregated or de-identified information for any purpose, subject to limits under applicable law. For example, we may share aggregated or de-identified information with prospects, partners, or sponsors for business or research purposes, such as when we analyze and report on demographic trends to measure our objective of having healthy diversity ratios across our programs.
Personalization
We process certain Personal Data as necessary in connection with our legitimate interest in personalizing our Services. For example, aspects of the Services may change so they are more relevant to you, e.g. by displaying your name and other appearance or display preferences, to display content that you have interacted with in the past, or to display content that we think may be of interest to you based on your interactions with our Services and other content.
Miscellaneous Processing
If we process Personal Data in connection with our Services in a way not described in this Privacy Policy, this Privacy Policy will still apply generally (e.g. with respect to your rights and choices) unless otherwise stated when you provide it.
Note that we may, without your consent, also process your Personal Data on certain public interest grounds. For example, we may process Personal Data as necessary to fulfill our legal obligations, to protect the vital interests of any individual, or otherwise in the public interest. Please see the Data Sharing section for more information about how we disclose Personal Data in extraordinary circumstances.
Commercial Purposes
We and certain third parties process Personal Data to further our commercial or economic interests (“Commercial Purposes,”) depending on the context of collection and your rights and choices.
Customer Profiles
We may subscribe to databases or contract with third party data providers from which we collect Personal Data such as Contact Data, Biographical Data, Inference Data, and other Personal Data regarding individuals that may be interested in our Events and programs. We may also collect, and combine with other Personal Data we maintain, Personal Data that is publicly available, such as that provided by business networking sites and databases, information related to the organization for which you work and personal interests and skill sets, and other similar information.
We also may obtain information from those in the MinDD network such as our Event organizers, contractors, and local representatives who have agreed to a relationship with us in order to deliver our Services. This may include information about potential interest in our programs, company, and individual progress, interest in local events, and attendance at other similar events.
Personalized Marketing Communications
We may personalize Marketing Communications based on your Profile. If applicable law requires consent to Consumer Profiling or Targeted Advertising, we will seek your consent.
Targeted Advertising, Data Sharing, Data Sales
We engage in retargeting and interest-based advertising ("Targeted Advertising") on our Sites, which may be a sale, "sharing" of Personal Data, or use for Targeted Advertising under applicable law. This form of advertising involves various parties and service providers, including third party data controllers, engaged in the processing of Personal Data to deliver and tailor ads you see. For example, if you attend an Event, we may use your Personal Data in connection with Targeted Advertising campaigns on Google, Facebook, Instagram, and LinkedIn.
These parties may collect Personal Data such as unique IDs, IP addresses, device information, OS/browser type, and other similar data, as well as information about the ads you see and view to develop and assess aspects of a profile about you to deliver more relevant advertisements and offers, and determine whether and how ads you see are effective, or can see advertisements from us on other websites. These third parties may augment your profile with demographic and other preferences data derived from these observations, and may also track whether you view, interact with, or how often you have seen an ad, or whether you complete a purchase for a good or services you were shown in an advertisement. These parties may be able to identify you across sites, devices, and over time. You can control how these third parties use your data, and the ads you see on these platforms, using the tools described in the Your Rights and Choices section below.
To learn about the specific providers we use for these services, please contact us.
DISCLOSURE/SHARING OF PERSONAL DATA
We may share Personal Data with the following categories of third-party recipients and/or for the following reasons:
Partners, Mentors and User Groups: We may disclose your Personal Data to our partners, mentors, and other groups with whom we have contracted to sponsor and deliver industry-focused accelerator and startup programs, and to other users of our Services, for the purpose of providing our products and services, including sharing with other members of the groups for which you are registered (e.g. founders, mentors). For example, when you participate in an accelerator program, we may share your Personal Data with the identified accelerator partners to organize and deliver the accelerator. Also, when you register for an event through our Services, we may share your Personal Data with the Event organizers and sponsors in order to communicate with you about the Event. Finally, you may request to join certain programs, initiatives, projects, or promotional opportunities operated by or in connection with third parties where we will share your information with the parties you choose or that operate the relevant program.
Affiliates: We may disclose your Personal Data to our parent company, subsidiaries, joint ventures, or other corporate affiliates for purposes consistent with this Privacy Policy.
Professional Advisors: We may disclose your Personal Data to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
Legal Disclosures: MinDD may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Services; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
Business Transfers: We may sell, transfer or otherwise share some or all of our business or assets, which may include your Personal Data, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganization or sale of assets or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.
Service Providers: We may employ third party companies and individuals to administer and provide the Services on our behalf (such as account creation, quality assurance testing, technical support, hosting, and email delivery and database management services). We may also disclose your data in connection with certain other business and operational purposes, such as data security monitoring, service analytics, internal research, quality control, etc. We generally share your Personal Data as you request, or in accordance with certain business purposes.
Advertisers, and Social Media Platforms: We may share certain Personal Data with social media platforms and advertisers that act as service providers in support of our Business Purposes and Commercial Purposes. We may allow these third parties to operate through our Services.
YOUR RIGHTS AND CHOICES
You may have certain rights and choices regarding the Personal Data we process. Please note, these rights may vary based on the country or state where you reside, and our obligations under applicable law. See the following sections for more information regarding your rights/choices in specific regions:
- US States/California
- EEA/UK/Switzerland
Your Rights
Generally
You may have certain rights and choices regarding the Personal Data we process. See the “Regional Supplements” section below for rights available to you in your jurisdiction. To submit a request, contact our Data Privacy Team. We verify your identity in connection with most requests, as described below.All account holders may review, update, correct, or delete the Personal Data in their registration profile by logging into their account. You may also contact us at privacy@minddtech.com to submit requests or if you have any questions.
Verification of Rights Requests
If you submit a request, we typically must verify your identity to ensure that you have the right to make that request, reduce fraud, and to ensure the security of Personal Data. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf.
We may require that you match personal information we have on file in order to adequately verify your identity. If you have an account, we may require that you log into the account to submit the request as part of the verification process. We may not grant access to certain Personal Data to you if prohibited by law.
Your Choices
Email communications. You may opt out of newsletters and marketing-related emails from us by following the unsubscribe instructions on a link at the bottom of each such email, or by contacting us at privacy@minddtech.com. You may continue to receive transactional and other non-marketing emails. If you authorized the sharing of your contact information with a third party, contact that third party directly to opt out of receiving any communications they may send.
Withdrawing consent. If you gave us consent to use your Personal Data, but wish to update or delete it, please contact us at privacy@minddtech.com.
Choosing not to share your Personal Data. Where we are required by law to collect your Personal Data, or where we need your Personal Data in order to provide the Services to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with the Services and may need to close your account. We will tell you what information you must provide to receive the Services by designating it as required in the Services or through other appropriate means.
Cookies and similar technologies. You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings. Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org. If you do not accept our cookies or similar technologies, you may not be able to use certain features or services. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Site. You may opt out of other third party technologies directly via the third party, or you may use our cookie management system. For example, to opt-out of Google’s analytic and marketing services, visit Google Analytics Terms of Use, the Google Policy, or Google Analytics Opt-out.
Do Not Track Signals. Some Internet browsers may support “Do Not Track” signals to the online services that you visit. We currently do not respond to do not track signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Retargeting and Behavioral Advertising. When we share your information with third parties for retargeting purposes, or for behavioral advertising, you have a right to revoke your consent (if provided) or otherwise opt-out of such services. Where a third party processes data on our behalf, (e.g. Custom Audiences, or Customer Match) you may contact us to opt out. However, to the extent the third party processes your information for its own purposes, you should opt out with that third party directly. You can control your Facebook (and Instagram) privacy settings here, Google's ad settings here, and LinkedIn's privacy settings here. You may also opt out of Targeted Advertising/”sharing” using our cookie management system, or by enabling the Global Privacy Control (e.g. through your browser or a browser extension).
SECURITY
The security of your Personal Data is important to us. We take a number of organizational, technical, and physical measures designed to protect the Personal Data we collect, both during transmission and once we receive it. However, no security safeguards are 100% secure and we cannot guarantee the security of your information.
THIRD PARTY SITES AND SERVICES
Our Site may contain links to other websites and services. These links are not an endorsement, authorization, or representation that we are affiliated with that third party. We do not exercise control over third party websites or services, and are not responsible for their actions. Other websites and services follow different rules regarding the use or disclosure of the Personal Data you submit to them. We encourage you to read the privacy policies of the other websites you visit and services you use.
USER GENERATED CONTENT
We may make available on our Site, or link to, features that allow you to share Content and other information online (e.g., on message boards, in chat areas, in file uploads, through events, etc.). Please be aware that whenever you voluntarily disclose Personal Data online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage, or dissemination of such publicly-disclosed Personal Data. By posting Personal Data online in public forums, you may receive unsolicited messages from other parties.
CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy we will post an updated version of the Privacy Policy on our Site.
Any modifications to this Privacy Policy will be effective upon our posting of the new terms and/or upon implementation of the new changes on the Site (or as otherwise indicated at the time of posting). In all cases, your continued use of our Services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.
RETENTION
We will only retain your Personal Data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Data, we consider, for example, the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, applicable legal requirements, industry best practices, IT systems design, and relevant costs.
In some circumstances, we may anonymize your Personal Data (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
CHILDREN’S PRIVACY
Our Products and Services are not directed to children under the age of 13, and we do not intentionally gather Personal Data from visitors who are under the age of 13, without their parental or guardian’s consent. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at the contact information provided below. We will delete such information from our files as soon as reasonably practicable.
CONTACT US
If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, please contact us at privacy@minddtech.com, or write to us at:
MinDD
230 Park Avenue
Floor 3
New York, NY 10169
REGIONAL SUPPLEMENTS
US States/California
Rights & Choices
Under the California Consumer Privacy Act (“CCPA”) and other state privacy laws, residents of certain US states may have the following rights, subject to regional requirements, exceptions, and limitations.
Confirm: Right to confirm whether we process your Personal Data.
Access/Know: Right to request any of following: (1) the categories of Personal Data we have collected, sold/shared, or disclosed for a commercial purpose; (2) the categories of sources from which your Personal Data was collected; (3) the purposes for which we collected or sold/shared your Personal Data; (4) the categories of third parties to whom we have sold/shared your Personal Data, or disclosed it for a business purpose; and (5) the specific pieces of Personal Data we have collected about you.
Portability: Right to request that we provide certain Personal Data in a common, portable format.
Deletion: Right to delete certain Personal Data that we hold about you.
- Correction: Right to correct certain Personal Data that we hold about you. Opt-out (Sales, Sharing, Targeted Advertising, Profiling). Right to opt-out of the following: If we engage in sales of data (as defined by applicable law), you may direct us to stop selling Personal Data.
- If we engage in Targeted Advertising (aka "sharing" of Personal Data or cross-context behavioral advertising), you may opt-out of such processing.
- If we engage in certain forms of "profiling" (e.g. Profiling that has legal or similarly significant effects), you may opt-out of such processing using our cookie management system, or by enabling the Global Privacy Control (e.g. through your browser or a browser extension).
Opt-Out (Sales, Sharing, Targeted Advertising, Profiling): We do not sell, or “share” (as defined in CCPA) Personal Data.
Opt-out or Limit Use and Disclosure of Sensitive Personal Data: Right to opt-out of the processing of certain Sensitive Data, or request that we limit certain uses of Sensitive Personal Data. This right does not apply in cases where we only use Sensitive Personal Data where necessary, or for certain business purposes authorized by applicable law.
Opt-in/Opt-out of Sale/Sharing of Minors’ Personal Data: To the extent we have actual knowledge that we collect or maintain personal information of a minor under age 16 in California, those minors must opt in to any sales/sharing of personal information (as defined under CCPA), and minors under the age of 13 must have a parent consent to sales/sharing of personal information. All minors have the right to opt-out later at any time. We do not have actual knowledge that we process the personal data of minors under age 16.
Non-Discrimination: California residents have the right to not to receive discriminatory treatment as a result of your exercise of rights conferred by the CCPA.
List of Direct Marketers: California residents may request a list of Personal Data we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year.
Remove Minors’ Content: Residents of California under the age of 18 can delete or remove posts using the same deletion or removal procedures described above, or otherwise made available through the Services. If you have questions about how to remove your posts or if you would like additional assistance with deletion, contact us using the information below. We will work to delete your information, but we cannot guarantee comprehensive removal of that content or information posted through the Services.
Submission of Requests
You may submit requests for most requests at privacy@minddtech.com (please our review verification requirements section). You may opt-out of Targeted Advertising / "sharing" using our cookie management system, or by enabling the Global Privacy Control (e.g. through your browser or a browser extension). If you have any questions or wish to appeal any refusal to take action in response to a rights request, contact us at privacy@minddtech.com. We will respond to any request to appeal within the period required by law.
Website: https://www.minddtech.com/contact
Email: privacy@minddtech.com
Categories of Personal Data Disclosed for Business Purposes
For purposes of the CCPA, we have disclosed to Service Providers for “business purposes” in the preceding 12 months the following categories of Personal Data, to the following categories of recipients:
Category of Personal Data: Audio / Visual Data, Biographical Data; Contact Data; Content; Device / Network Data, Identity Data; Inference Data; Transaction Data Category of Recipients: Partners; Mentors and User Groups; Affiliates; Legal Disclosures; Business Transfers; Service Providers & Business Purposes; Advertisers, and Social Media Platforms
Category of Personal Data: Payment Data; Government ID Data; Sexual Orientation; Race or Ethnic Origin. Category of Recipients: Partners; Affiliates; Legal Disclosures; Business Transfers; Service Providers & Business Purposes
Categories of Personal Data Sold, Shared, or Disclosed for Commercial Purposes
For purposes of CCPA, we have "sold" or "shared" in the preceding 12 months in the following categories of Personal Data, to the following categories of recipients:
Category of Personal Data: Biographical Data; Contact Data; Device/Network Data; Identity Data; Inference Data; Transaction Data Category of Recipients: Sponsors, Advertisers, and Social Media Platforms
Categories of Sensitive Personal Data Used or Disclosed
For purposes of CCPA, we may have use or disclose the following categories of Sensitive Personal Data: Government ID Data; Payment Data; Race or Ethnic Origin; and Sexual Orientation.
EEA/UK/Switzerland
Controller & Representative
MinDD is the controller of your Personal Data for purposes of European data protection legislation. See the Contact Us section above for contact details.
International Data Transfers
MinDD’ headquarters is in the United States and has affiliates and service providers in the US and around the world. Your information, including Personal Data that we collect from you, may be transferred to, stored at and processed by us and our affiliates and other third parties outside the country in which you reside, including, but not limited to the United States, where data protection and privacy regulations may not offer the same level of protection as in your jurisdiction. Whenever we transfer your Personal Data out of the EEA/UK/Switzerland to countries not deemed by the European Commission to provide an adequate level of Personal Data protection, the transfer will be subject to one of the following safeguards:
- The Standard Contractual Clauses;
- Applicable certifications recognized by the European Commission or ICO (as appropriate) or
- Binding Corporate Rules that have been approved by the European Commission/ICO and deemed to ensure that a given processor or controller provides adequate protection of data.
If none of these transfer bases are available, we may transfer subject to appropriate derogations under applicable data protection law. Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data out of the EEA/UK/Switzerland, including the then-current transfer basis used to authorize transfers to specific third parties.
Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework
MinDD complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. MinDD has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. Our affiliated entities as follows also adhere to the EU-U.S. DPF Principles in accordance with their compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF: PBTS LLC and TS Startup LLC. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
We are responsible for the processing of Personal Data received under the DPF and subsequent transfers to third parties acting as agents on our behalf. MinDD complies with the DPF Principles for all onward transfers of Personal Data from the EU and the UK, including the onward transfer liability provisions. With respect to Personal Data received or transferred pursuant to the DPF, MinDD is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. We commit to cooperate with the EU or UK data protection authorities and comply with advice given by such authorities with respect to any human resources data transferred from the EU or UK in the context of the employment relationship. In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, MinDD commits to resolve DPF Principles-related complaint about our collection and use of your personal information. EU and UK individuals with inquiries or complains regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF should first contact MinDD at: privacy@minddtech.com. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, of if we have not addressed your DPF Principles-related complaint to your satisfaction please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. Such services shall be provided at no cost to you.
Under certain conditions, more fully described on the DPF website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Legal bases for processing
Legal Basis: Performance of a contract
Description of Basis & Relevant Purposes: The processing of your Personal Data is strictly necessary in the context in which it was provided, e.g. to perform the agreement you have with us, to provide products and services to you, to open and maintain your user accounts, to deliver ticket you have purchased, or process requests.
Relevant Contexts / Purposes / Disclosures:
Contexts
- Contexts where Personal Data (excluding Sensitive Personal Data) is processed for specified legitimate interests or purposes listed below
- Cookies and other tracking technologies (essential)
Purposes
- Service Provisions
Disclosures
- Partners, Mentors and User Groups
- Professional advisors
Legal Basis: Legitimate interests
Description of Basis & Relevant Purposes: This processing is based on our legitimate interests. For example, we rely on our legitimate interest to administer, analyze and improve our Websites and related content, to operate our business including through the use of service providers and subcontractors, to send you notifications about our Websites or products you have purchase, for archiving, record keeping, statistical and analytical purposes, and to use your Personal Data for administrative, fraud detection, audit, training, security, or legal purposes. See the Business Purposes of Processing section above for more information regarding the nature of processing performed on the basis of our legitimate interests.
Relevant Contexts / Purposes / Disclosures:
Contexts
- Contexts where Personal Data is processed for purposes listed below
Purposes
- Internal Processing and Service Improvement
- Security and Incident Detection
- Personalization
- Aggregated Data
- Profiles
- Personalized Marketing Communications
Disclosures
- Affiliates
- Service Providers
- Advertisers, and Social Media Platforms
- Business Transfers
- Legal Disclosures
Legal Basis: Consent
Description of Basis & Relevant Purposes: This processing is based on your consent. You are free to withdraw any consent you may have provided, at any time, subject to your rights/choices, and any right to continue processing on alternative or additional legal bases. Withdrawal of consent does not affect the lawfulness of processing undertaken prior to withdrawal.
Relevant Contexts / Purposes / Disclosures:
Contexts
- Contexts where Personal Data is processed for purposes listed below
- Cookies and other tracking technologies (except strictly necessary)
- Processing of Sensitive Personal Data
- Marketing communications
Purposes
- Targeted Advertising
Disclosures
- Partners, Mentors and User Groups: (Sensitive Data)
- Professional Advisors:
- Advertisers, and Social Media Platforms:
Legal Basis: Compliance with legal obligations
Description of Basis & Relevant Purposes: This processing is based on our need to comply with legal obligations. We may use your Personal Data to comply with legal obligations to which we are subject, including to comply with legal process. See the Business Purposes of Processing section above for more information regarding the nature of processing performed for compliance purposes.
Relevant Contexts / Purposes / Disclosures:
Business Purposes
- Compliance, Fraud Prevention, Safety
Disclosures
- Legal Disclosures
Legal Basis: Performance of a task carried out in the public interest
Description of Basis & Relevant Purposes: This processing is based on our need to protect recognized public interests. We may use your Personal Data to perform a task in the public interest or that is in the vital interests of an individual. See the Business Purposes section above for more information regarding the nature of processing performed for such purposes.
Relevant Contexts / Purposes / Disclosures:
Business Purposes
- Compliance, Fraud Prevention, Safety
Disclosures
- Legal Disclosures
Your Rights
Residents of the EEA, UK, and Switzerland have the following rights. Please read our review verification requirements. Applicable law may provide exceptions and limitations to all rights.
Access: You may have a right to access the Personal Data we process.
Rectification: You may correct any Personal Data that you believe is inaccurate.
Deletion: You may request that we delete your Personal Data. We may delete your data entirely, or we may anonymize or aggregate your information such that it no longer reasonably identifies you.
Data Export: You may request that we send you a copy of your Personal Data in a common portable format of our choice.
Restriction: You may request that we restrict the processing of Personal Data to what is necessary for a lawful basis.
Objection: You may have the right under applicable law to object to any processing of Personal Data based on our legitimate interests. We may not cease or limit processing based solely on that objection, and we may continue processing where our interests in processing are appropriately balanced against individuals’ privacy interests. In addition to the general objection right, you may have the right to object to processing:
- for Profiling purposes;
- for direct marketing purposes (we will cease processing upon your objection); and
- involving automated decision-making with legal or similarly significant effects (if any).
Regulator Contact: You have the right to file a complaint with regulators about our processing of Personal Data. To do so, please contact your local data protection or consumer protection authority. You can find your data protection regulator here.
Submission of Requests
You can submit these requests by email to privacy@minddtech.com or our postal (mailing) address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your Personal Data or response to your requests regarding your Personal Data, you may contact us at privacy@minddtech.com or submit a complaint to the data protection regulator in your jurisdiction.