Copyright, Mazalit © All Rights Reserved
We at, Mazalit Ltd. and its wholly owned subsidiary, M.D.P.S. Ltd. (together, "Mazalit" or, "us", "our", "we") recognize and respect the importance of maintaining the privacy of our users and, as a result, we have established this Privacy Notice. If not otherwise defined herein, capitalized terms have the meaning given to them in the Terms of Service, which is available at https://account.mazalit.com/terms. This Privacy Notice describes the types of information we collect from you when you use our Platform and Services via our Site or our App. This Privacy Notice also explains how we may use, process, transfer, store and disclose the information collected as well as your ability to control certain uses of the collected information.
Mazalit Ltd. and M.D.P.S. Ltd. serve as joint data controllers in respect of the processing activities outlined in this Privacy Notice. The registered office of each is 4 Ariel Sharon St., Givatayim, Israel. The registration number of Mazalit Ltd. is 515509578 and the registration number of M.D.P.S. Ltd. is 515744837
The key points listed below are presented in further detail throughout this Privacy Notice. These key points do not substitute the full Privacy Notice.
Information we collect. When you complete our Know Your Client process and/or register to our Platform and/or Services, we collect Personal Data (as defined below) provided by you, such as your name, email address, the company you work for and your job title and payment details. We also collect Personal Data when you use the Platform and/or Services, or contact us with questions or complaints. When you visit our Site, we automatically collect your IP address and device IDs.
Basis for processing your Personal Data. Processing your Personal Data is necessary for the performance of the Terms and provision of the Services to you and use of the Platform by you. Processing for the purposes of developing and enhancing our Platform and Services, for marketing of our products and services, for analytics and usage analysis, for fraud prevention and security and for our recordkeeping and protection of our legal rights – are all necessary for the purposes of legitimate interests that we pursue.
Using the Personal Data we collect. We use the Personal Data we collect mainly to administer and provide the Platform and Services, contact you with administrative information, contact you with marketing offers (if you indicated your desire to receive them), and improve the Platform and Services.
Sharing the Personal Data we collect. We share the Personal Data we collect mainly with our vendors who provide us with services and subcontractors who assist us in the operation of the Platform and provision of the Services and process the Personal Data on our behalf and under our instructions.
International Transfer. We use vendors and/or subcontractors located in countries other than your own and send them your Personal Data. We will ensure that we will have agreements in place with such parties that will ensure the same level of privacy and data protection as set forth in this Privacy Notice. You hereby consent to such international transfer.
Your rights. Subject to applicable law, you may have a right to access, update or delete your Personal Data and obtain a copy of the Personal Data we have collected about you. You also have the right to object to certain processing, including the right to object, at any time, to processing your Personal Data for direct marketing purposes.
Use of Cookies and Similar Technologies. Mazalit uses cookies and similar technologies to help personalize your experience by helping save your settings and customizations across visits. You can adjust your settings to determine which cookies you do or do not allow. Changing your settings and/or deleting existing cookies may affect the Services.
Data Retention. We retain Personal Data for as long as necessary for the purposes set forth in this Privacy Notice. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether those purposes can be achieved through other means, as well as applicable legal requirements.
Security. We implement industry standard measures to reduce the risks of damage and unauthorized access or use of information, but they do not provide absolute information security. Such measures include physical, electronic, and procedural safeguards (such as secure servers, firewalls, antivirus and SSL encryption), compliance with PCI-DSS 3.2, and access control and other internal security policies.
Children. We do not knowingly collect personally-identifiable information from children under the age of sixteen (16). In the event that you become aware that an individual under the age of sixteen (16) has enrolled without parental permission, please advise us immediately.
Communications. Subject to your consent and applicable law, we may send you e-mail or other messages about us or our Services. You can stop receiving future communications from us by following the UNSUBSCRIBE link located at the bottom of each communication, by emailing us at Support@mazalit.com, or through your account settings.
Changes to the Privacy Notice. We may change this Privacy Notice from time to time and shall notify you of such changes.
Comments and Questions. If you have any comments or questions about this privacy notice, or if you wish to exercise your legal rights with respect to your Personal Data, please contact us at info@mazalit.com.
We collect information from you when you choose to use our Platform and/or Services. In order to use our Platform and/or Services and/or make or receive payments through the Platform, you will be required to register and provide us with certain Personal Data. We also collect Personal Data when you request information from us, sign up for newsletters or our email lists, complete online forms, or contact us for any other reason.
"Personal Data" means any information that refers, is related to, or is associated with an identified or identifiable individual or as otherwise may be defined by applicable law. Examples of the Personal Data that we collect from you may include your name, address, IP address, device ID, phone number, e-mail address, bank account, credit card number, tax identification number, and certain information contained in your passport, Know Your Client forms and other documents submitted by you to us. Such Personal Data may be collected by us through the Platform and/or Services or through the manual Know Your Client forms.
We also collect any images and/or pictures and/or photos and/or documents you may upload to the Platform.
In addition, when you use the Platform and Services, certain information may be automatically gathered about your computer or mobile device, such as, IP address, and subject to your consent as may be required under applicable law, (geo) location, as well as your browsing history and any information regarding your viewing and purchase history on our Platform.
It is your voluntary decision whether to provide us with any Personal Data, but if you refuse to provide such information we may not be able to register you to the Platform and/or provide you with the Services.
Processing your Personal Data is necessary for the performance of the Terms and the provision of the Services to you, including responding to your inquiries or requests, contacting and communicating with you and providing customer support. When you make a purchase, use our Services or engage in any other transaction with us, we may also process your Personal Data to perform that contract.
Processing for the purposes of developing new and enhancing our products and Services, for analytics and usage analysis, for the marketing of our products and services, for fraud prevention and security and for our recordkeeping and protection of our legal rights – are all necessary for the purposes of legitimate interests that we pursue. In conducting such processing activities, we balance these legitimate interests against the rights and interests of our users. If you would like more information regarding how we make such determinations, please contact us through the contact information specified below.
Please note that we may process your Personal Data for more than one legal basis depending on the specific purpose for which we are using your Personal Data. Please contact us if you would like details about the specific legal ground we are relying on to process your Personal Data.
We and any of our trusted third-party subcontractors and vendors use the Personal Data we collect from and about you for any of the following purposes: (1) to provide you with the Services; (2) to respond to your inquiries or requests, contact and communicate with you; (3) to develop new products or services and conduct analyses to improve our current content and Services; (4) to contact you with informational newsletters and promotional materials relating to our Platform and/or Services; (5) to review the usage and operations of our Platform and Services; (6) to use your Personal Data in an aggregated, non-specific format for analytical purposes (as detailed below); (7) to prevent fraud, protect the security of our Platform and Services, and address any problems with the Platform and/or Services; and (8) to provide customer support.
By analyzing all information we receive, including all information concerning users (including Personal Data), we may compile statistical information across a variety of platforms and users ("Statistical Information"). Statistical Information helps understand trends and customer-needs so that new products and services can be considered and so existing products and services can be tailored to customer desires. We may share such Statistical Information with our partners, without restriction, on commercial terms that we can determine at our sole discretion.
We, or our vendors or subcontractors, use analytics tools ("Tools"), including "Google Analytics" to collect information about the use of the Platform and/or Services. Such Tools collect information such as how often users visit the Platform, what pages they visit when they do so, and what other sites and mobile applications they used prior to visiting the Platform. The Tools may collect certain Personal Data, and may link such Personal Data to specific information stored in our customer database. We use the information we get from the Tools to improve our Platform and Services. Google's ability to use and share information collected by Google Analytics about your visits to the Site is restricted by the Google Analytics Terms of Use located at http://www.google.com/analytics/terms/us.html and the Google Privacy Policy located at http://www.google.com/policies/privacy/.
We may use your Personal Data as required or permitted by any applicable law.
We share your information, including Personal Data, as follows:
We may disclose information, including Personal Data we collect from and/or about you, to our trusted vendors, business partners, affiliates, subcontractors, who may use such information: (1) to help us provide you with the Services; and (2) to aid in their understanding of how users are using our Platform and Services.
Such vendors, business partners, affiliates, and subcontractors include:
| Name | Service Provided | Location |
|---|---|---|
| Internal company services such as emails | USA | |
| Amazon AWS | IT Infra, databases | USA |
| Twillio | SMS, push notifications | USA |
| SendGrid | Email services to customers | USA |
| ComplianceAssist | Compliance services | UK |
| Isracard-Global | Credit card processing | Israel |
| Regulazia | Financial regulation consulting | Israel |
We may use subcontractors and vendors and have business partners and affiliates who are located in countries other than your own (as set forth above) and send them information we receive (including Personal Data). We will ensure that these third parties will be subject to written agreements ensuring the same level of privacy and data protection as set forth in this Privacy Notice, including appropriate remedies in the event of the violation of your data protection rights in such third country.
Whenever we transfer your Personal Data to third parties based outside of the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission.
Where we use certain service providers, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in the EEA.
Where we use providers based in the US, we may transfer data to them if they have been certified by the EU-US Privacy Shield which requires them to provide similar protection to Personal Data shared between the Europe and the US or any other arrangement which has been approved by the European Commission.
Please contact us through the contact information listed below if you would like further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.
You hereby consent to such international transfer as described above.
We may transfer our databases containing your Personal Data if we sell our business or part of it, including in cases of liquidation. Information about our users, including Personal Data, may be disclosed as part of, or during negotiations of, any merger, sale of company assets or acquisition and shall continue being subject to the provisions of this Privacy Notice.
We will fully cooperate with any law enforcement authorities or court order requesting or directing us to disclose the identity, behavior or digital content and information of or related to an individual, including in the event of any user suspected to have engaged in illegal or infringing behavior. We may also share your Personal Data with third parties: (i) if we believe in good faith that disclosure is appropriate to protect our rights, property or safety (including the enforcement of the Terms and this Privacy Notice), (ii) to protect the rights, property or safety of third parties; (iii) when required by law, regulation subpoena, court order or other law enforcement related issues, or (iv) as is necessary to comply with any legal and/or regulatory obligation. You can request such Personal Data as specified herein by emailing us at info@mazalit.com.
We allow you to use our Platform and Services in connection with third-party services, sites, and/or mobile applications. If you use Platform and/or Services with or through such third-parties, we may receive information (including Personal Data) about you from those third parties. Please note that when you use third-parties outside of our Platform and/or Services, their own terms and privacy policies will govern your use of those services.
We make efforts to follow generally accepted industry standards to protect the Personal Data submitted to and collected by us, both during transmission and once we receive it, including by implementing the below:
Safeguards - The physical, electronic, and procedural safeguard we employ to protect your data include secure servers, web application firewalls, antivirus and SSL encryption of data.
Access Control - We dedicate efforts for a proper management of system entries and limit access only to authorized personnel on a need to know basis of least privilege rules, review permissions monthly, and revoke access immediately after employee termination.
Internal Policies - We maintain and regularly review and update our privacy related and information security policies.
Personnel - We require new employees to sign non-disclosure agreements according to applicable law and industry customary practice.
Encryption - We encrypt the data in transit using secure SSL/TLS Http protocols.
Standards and Certifications – We are compliant with the Payment Card Industry’s Data Security Standards (PCI DSS 3.2).
Database Backup – Our databases are backed up on a periodic basis for certain data and which are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity and are tested regularly to ensure availability, and are accessed only by authorized personnel.
However, no method of transmission over the Internet, or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
You have certain rights in relation to the Personal Data that we hold about you, as detailed below. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information and/or comply with any of your requests, as detailed below:
Right of access and data portability. You have a right to know what Personal Data we collect about you and, in some cases, to have the information communicated to you. Subject to the limitations in applicable law, you may be entitled to obtain from us a copy of the Personal Data you provided to us (excluding information that we obtained from other sources) in a structured, commonly-used, and machine-readable format, and you may have the right to (request us to) transmit such Personal Data to another party. If you wish to exercise this right please contact us letting us know what information in particular you would like to receive and/or transmit. Subject to applicable law, we may charge you with a fee. Please note that we may not be able to provide all the information you ask for, for instance if the information includes Personal Data about another person. Where we are not able to provide you with information that you have asked for, we will endeavor to explain to you why. We will try to respond to any request for a right of access as soon as possible.
Right to correct Personal Data. Subject to the limitations in applicable law, you may request that we update, correct or delete inaccurate or outdated Personal Data and/or have us suspend the use of Personal Data, the accuracy of which you may contest, while we verify the status of that Personal Data. We will correct your Personal Data within a reasonable time from the receipt of your written request thereof.
Deletion of Personal Data ("Right to be Forgotten"). In certain circumstances you have a right to have Personal Data that we hold about you deleted. Should you wish to have any Personal Data about you deleted, please contact us using the information below. Subject to applicable law, we will delete Personal Data provided to us by a user within a reasonable time from the receipt of a written (including via email) request by such user to delete such collected information. We cannot restore information once it has been deleted. Please note that to ensure that we do not collect any further Personal Data, you should also delete our App from your mobile devices and terminate your account with us and clear our cookies from any device where you have used our App. We may retain certain Personal Data (including following your request to delete) for audit and record-keeping purposes, as well as other purposes, all as permissible and/or required under applicable law. We may also retain your information in an anonymized form.
Account deactivation. You can ask us to deactivate your account by contacting us using the information below. In order to deactivate your account, we may ask you for additional information.
Direct marketing opt out. You can change your mind at any time about your election to receive marketing communications from us and/or having your Personal Data processed for direct marketing purposes. If you do, please notify us by contacting us as detailed in this Privacy Notice. We will process your request as soon as reasonably possible, however it may take a few days for us to update our records before any opt out is effective.
Right to object. Subject to applicable law, you may have the right to object to processing of your Personal Data including for the purpose of direct marketing.
Supervisory Authority. If you are a European Citizen, you may have the right to submit a complaint to the relevant supervisory data protection authority.
Subject to applicable law and our (regulatory) obligations (including but not limited any PCI requirements), we retain information as necessary for the purposes set forth above. We may delete information from our systems, without notice to you, once we deem it is no longer necessary for the purposes set forth above. We may also retain your information in an anonymized form. In addition, retention by any of our processors may vary, in accordance with the processor's retention policy.
To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether those purposes can be achieved through other means, as well as applicable legal requirements.
Please contact us through the contact information listed below if you would like details regarding the retention periods for different types of your Personal Data.
Mazalit uses cookies and similar technologies to help personalize your experience. A “persistent” cookie may be used to help save your settings and customizations across visits. Third parties through which we provide the Services and/or our business partners may be placing and reading cookies on your browsers, or using web beacons to collect information in the course of advertising being served on different websites. By using and in interacting with our Site or App, you consent to the use of and placement of cookies and other similar technologies on your device as specified herein
A cookie is a small piece of text that is sent to a user's browser or device. The browser provides this piece of text to the device of the originating user when this visitor returns.
A "session cookie" is temporary and will remain on your device until you leave the Site.
A "persistent" cookie may be used to help save your settings and customizations across visits. It will remain on your device for much longer or until you delete it.
First-party cookies are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.
Information may also be collected through web beacons, which are small graphic images ("pixel tags"), which usually work together with cookies in order to identify users and user behavior. These may be shared with third parties.
We may use the terms "cookies" to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above.
We use cookies and similar technologies for a number of reasons, for example, in order to help personalize your experience by helping save your settings and customizations across visits.
The specific names and types of the cookies, web beacons, and other similar technologies we use may change from time to time. However, the cookies we use generally fall into one of the following categories:
| Type of Cookie | Why We Use These Cookies |
|---|---|
| Necessary | These cookies are necessary in order to allow the App or Site to work correctly. They enable you to access the App or Site, move around, and access different services, features, and tools. Examples include remembering previous actions (e.g. entered text) when navigating back to a page in the same session. These cookies cannot be disabled. |
| Functionality | These cookies remember your settings and preferences and the choices you make (such as language or regional preferences) in order to help us personalize your experience and offer you enhanced functionality and content. |
| Security | These cookies can help us identify and prevent security risks. They may be used to store your session information to prevent others from changing your password without your login information. |
| Performance | These cookies can help us collect information to help us understand how you use our Site or App, such as whether you have viewed messages or specific pages and how long you spent on each page. This helps us improve the performance of our Site or App. |
| Analytics | These cookies collect information regarding your activity on our Site or App to help us learn more about which features are popular with our users and how our Site or App can be improved. |
Most Web browsers are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Services may function improperly when cookies are disabled or removed.
- Functional cookies that remember whether you have seen a message so that we know not to show it again.
- Google Analytics cookies
All use of third-party applications or services is at your own risk and subject to such third party's privacy policies.
Subject to your consent as required under applicable law, we may send you e-mail or other messages and/or a newsletter about us or our Services. You may remove your Personal Data from our mailing list and stop receiving future communication from us by following the UNSUBSCRIBE link located at the bottom of each communication or byemailing us at support@mazalit.com. You will also be given the opportunity to unsubscribe from commercial messages in any such e-mail or message we send, as well as through your account settings on the Platform. Please note that we reserve the right to send you service-related communications, including service announcements and administrative messages relating to your account, without offering you the opportunity to opt out of receiving them. Should you not wish to receive such communications you may cancel your account.
We do not knowingly collect personally-identifiable information from children under the age of sixteen (16). In the event that you become aware that an individual under the age of sixteen (16) has enrolled without parental permission, please advise us immediately.
When visiting our Platform, you shall be asked to accept the terms of this Privacy Notice. If you do not agree with the terms hereof, please do not use the Platform. We may update this Privacy Notice from time to time – in which case, we shall notify you of such changes, following which, you may be asked to accept the new Privacy Notice. We will post the updated Privacy Notice on this page. Please come back to this page every now and then to make sure you are familiar with the latest version. Any new Privacy Notice will be effective from the date it is accepted by you.
If you have any comments or questions about our privacy notice, or if you wish for us to amend or delete your Personal Data, or exercise any of your other legal rights, please contact us at info@mazalit.com.
Last updated: August 2018
Copyright, Mazalit © All Rights Reserved