Privacy Policy

Privacy policy

MondoBox, Inc. is committed to protecting and respecting your privacy. This policy (together with our terms of use: https://www.mondobox.com/terms.html and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By registering with www.mondobox.com you are accepting and consenting to the practices described in this policy.

For the purpose of the UK Data Protection Act 1998 (the Act) and the EU’s General Data Protection Regulation (GDPR), the data controller is MondoBox, Inc. Within this document, the terms “MondoBox“, “we“, and “us” means MondoBox, Inc. (doing business as MondoBox), a Delaware corporation whose registered office is at the following address:

MondoBox, Inc.
810 E 8th Street
Oakland, CA 94606
USA

MondoBox has been certified by Privacy Shield. We are in compliance with CalOPPA, PIPEDA, and are GDPR compliant. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

This policy is effective as of May 1, 2019. To learn more about the GDPR and the privacy rights it affirms, see https://www.eugdpr.org/eugdpr.org.html.

To learn more about CalOPPA, see https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/.

To learn more about PIPEDA, please visit https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/r_o_p/ .

1. General and Interpretation

1.1 Your Data Privacy Rights

We take our customers’ privacy rights seriously. We’ve expanded our protections on your behalf and in accord with the rights described in the EU’s General Data Protection Requirement (GDPR). GDPR grants the right of access and the right to be informed. These broadly mean people will have the right to know who is processing their data and why.

We summarize the rights that you have under data protection law below. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights. For more, please see the GDPR’s Chapter 3 Rights of the Data Subject here: https://gdpr-info.eu/chapter-3/.

Your principal rights under the GDPR-enhanced data protection law are:

the right to access personal data that is stored and processed by MondoBox
the right to rectification should you find and establish inaccuracies in MondoBox personal data
the right to erasure – subject to MondoBox legal obligations
the right to restrict processing including direct marketing and subject to MondoBox legal obligations
the right to object to processing
the right to data portability – you can request that MondoBox transfer your personal data to a service of your choice
the right to complain about a MondoBox-related personal data policy or incident to a supervisory authority – in the UK, that is the Information Commissioner’s Office (ICO) https://ico.org.uk. For a list of each EU state authority, see: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
the right to withdraw consent subject to MondoBox legal obligations

1.1.1 MondoBox Legal Obligations

In support of the identity theft protocols, MondoBox currently maintains customer information on account for 5 years. MondoBox has a process in place to automatically erase customer personal data 5 years after the customer account has been closed. This policy is compliant with the GDPR.

1.1.2 More about your rights

You have the right to confirmation as to whether or not we process your personal data and where we do, and access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee. You can access your personal data by requesting it from MondoBox as described below.

You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include:

the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
you withdraw consent to consent-based processing;
you object to the processing under certain rules of applicable data protection law;
the processing is for direct marketing purposes;
the personal data have been unlawfully processed.

However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary for compliance with MondoBox’s legal obligation as described above; or for the establishment, exercise or defense of legal claims.

In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are:

you contest the accuracy of the personal data;
processing is unlawful but you oppose erasure;
we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims;
you have objected to processing, pending the verification of that objection.

Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it:

with your consent;
for the establishment, exercise, or defense of legal claims;
for the protection of the rights of another natural or legal person;
for reasons of important public interest.

You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for:

the performance of a task carried out in the public interest or in the exercise of any official authority vested in us;
the purposes of the legitimate interests pursued by us or by a third party.

If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.

You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.

You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

You have the right to receive your personal data from us in a structured, commonly used and machine-readable format.

If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. For the United Kingdom, you may lodge a complaint with UK-designated supervisory authority: the Information Commissioner’s Office (ICO) https://ico.org.uk.

In addition, you may seek independent dispute resolution from other appropriate bodies designated to address complaints and provide appropriate recourse free of charge to you. For individuals protected under the EU-U.S. Privacy Shield, contact the European data protection bodies listed here: https://edpb.europa.eu/about-edpb/board/members_en. We are subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC).

We comply with the EU-U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. We certify that we adhere to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.

We maintain offices in the United States and we collect, store, and process your personal information in the United States. These activities are governed by applicable United States laws and regulations in this Privacy Policy. In accordance with our commitment to protect personal privacy, we comply with the EU-U.S. Privacy Shield Framework as developed by the U.S. Department of Commerce in consultation with the European Commission regarding the collection, use, and retention of personal information transferred from the European Union to the United States. We have a liability in cases of onward transfers to third parties and complies with the Notice and Choice principles for all data disclosed or transferred to a third party. We acknowledge the possibility, under certain conditions, for individuals to invoke binding arbitration in filing a complaint disputing our adherence to these principles and practices. Individuals may invoke binding arbitration at no cost to the individual.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal. Nor will it affect the legal obligations that govern MondoBox’s legitimate interest in retaining certain types of personal data.

You may exercise any of your rights in relation to your personal data the methods described in the Contact section below and here:

During registration you will be apprised of MondoBox personal data requests and prompted for consent
At any time you can click through email or website links to exercise your rights as described above.

2. Information we may collect from you

We may collect and process the following data about you:

Information you give us. You may give us information about you by filling in forms on our site www.mondobox.com (our site) or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register a Customer account on our site, otherwise make use of any products or services available from our website or mobile applications, and when you report a problem, make a complaint to us, and other requests compatible with your privacy rights. The information you give us may include your name, username or nickname (if they contain personal information), your address, e-mail address and mobile phone number. Information we collect about you. With regard to each of your visits to our site we may automatically collect the following information:

Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform,
Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), web pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

Information we receive from other sources. We may receive information about you if you use any of the other websites we operate from time to time or if you avail yourself of the other services we provide. We are also working closely with third parties (including, for example, our regulators, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them. MondoBox has obtained affirmations from its 3rd party partners that they are GDPR compliant.

3. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

4. Use of sms data

We use SMS communication to verify your account registration, to notify you when match streaming begins, to advise you of any promotional offers that may be of interest to you, and to let you know of any upcoming special events, sponsored matches, or guest streamers. We work to ensure that you will only receive SMS communications from us that you want to receive.

We honor opt-out requests to opt out of SMS messaging. To opt out, reply with the word, ‘STOP’ to any SMS message we may send you. Alternatively, you may log into your MondoBox user account opt out of SMS messaging from the account profile menu, or you can send an email to the address shown below.

5. Uses made of the information

We use information held about you in the following ways:

Information you give us. With your explicit consent, we will use this information to:

Carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us,
Provide you with information about other goods and services we offer that are similar to those that you have already used,
Notify you about changes to our service,
Ensure that content from our site is presented in the most effective manner for you and for your computer,
Pay you or attempt to contact you to make payment for any prize winnings which you may be due.

Information we collect about you. We will use this information:

To administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes,
To improve our site to ensure that content is presented in the most effective manner for you and for your computer,
To allow you to participate in interactive features of our service, when you choose to do so,
As part of our efforts to keep our site safe and secure,
To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you,
To make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.

Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).

6. Disclosure of Your Information

We may share your personal information with any member of our group, which means our subsidiaries, or our ultimate holding company and its subsidiaries.

We may share your information with selected third parties including:

Our business partners, suppliers and sub-contractors for the performance of any contract we enter into with them.
Credit reference agencies or other third-party service providers who will check or authenticate you.
Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in postal code 94607). We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.
Analytics and search engine providers that assist us in the improvement and optimization of our site.

We may disclose your personal information to third parties:

In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. MondoBox will notify you of such an event well in advance, and affirm GDPR compliance on any such buyers.
If MondoBox, Inc. or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use (https://www.mondobox.com/ terms.html) and any other agreements or policies we may adopt from time to time including any policies in respect of fraud prevention, cheating and unethical behavior, or to protect the rights, property, or safety of MondoBox, Inc., our users, or others. This includes exchanging information with legal authorities, as well as other companies and organizations for the purposes of customer identification, fraud protection and age verification.

7. Where we store your personal Data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the opening of Customer accounts, analysis of your activity on our site or app, and the provision of customer support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site, any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

8. Changes to our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page. When possible, will notify users of changes to this policy when they log into the service. Please check back frequently to see any updates or changes to our privacy policy.

9. Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to support@mondobox.com.