PRIVACY POLICY

1. Introduction

At mxfsa.com (“we,” “our,” or “us”), we are fully committed to safeguarding the privacy and personal data of all individuals who visit our website, interact with our services, or otherwise engage with us. Your trust is essential to us, and we are committed to collecting and processing your personal information with the highest level of transparency, integrity, and responsibility. We adhere strictly to applicable privacy regulations, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

This Privacy Policy outlines how we collect, use, share, and safeguard your information and your rights and choices with respect to your personal data.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of mxfsa.com, including visitors, customers, and individuals who communicate with us. mxfsa.com is operated and controlled by the data controller: MXFSA (referred to as “MXFSA”), who determines the purposes and means of the processing of your personal data.

If you have any questions or requests regarding this Privacy Policy or the processing of your personal data, you may contact us at [email protected].

3. Categories of Data Processed

We may collect or process the following categories of personal data depending on your interaction with our website and services:

a. Usage Data
Includes data such as IP address, browser type and version, time zone settings, device identifiers, operating system, pages visited, referring URLs, session durations, and activity logs when accessing mxfsa.com.

b. Account Data
Includes identifying and contact information such as your full name, email address, telephone number, postal address, and other contact details when you create an account or complete forms on our website.

c. Profile Data
Includes information about your preferences, interests, purchase history, product behavior, and demographic details that you provide to us or that are derived from your use of our services.

d. Communication Data
Includes records of your correspondence with us, such as help desk inquiries, customer service communications, feedback, and submitted reviews.

e. Technical Data
Includes device specifications, browser plug-ins, connection type, network identifiers, and system configurations relevant to accessing our platform and services.

f. Transaction Data
Includes billing information, payment methods, shipping details, order history, and other financial data necessary for completing transactions.

g. Preference Data
Includes your consent to marketing communications, language and content choices, and responses to optional user experience surveys or promotions.

4. Legal Bases for Processing

We rely on the following lawful bases for processing personal data, in accordance with GDPR Article 6:

– Consent: When you voluntarily provide your personal data or opt-in for marketing communications.
– Contractual Necessity: When processing is necessary to perform a contract with you, such as fulfilling a purchase or providing services.
– Legal Obligation: When we are required to process data under applicable law or comply with a regulatory obligation.
– Legitimate Interests: When processing serves our legitimate business interests, such as ensuring site security, improving services, fraud prevention, and internal analytics, and where such interests are not overridden by your rights and freedoms.

5. Your Rights

As a data subject under applicable data privacy laws, you have the following rights regarding your personal data:

– Right of Access: You may request access to a copy of your personal data held by us.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to legal retention obligations.
– Right to Restrict Processing: You may request to limit the processing of your data in certain circumstances.
– Right to Data Portability: You may request a copy of your data in a commonly used, machine-readable format and transfer it to another controller, where feasible.
– Right to Object: You may object to processing based on legitimate interests or direct marketing at any time.

To exercise any of the above rights, please contact us at [email protected]. We will respond to your request in accordance with applicable data protection laws.

6. Security Measures

We have implemented robust technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data. These include:

– End-to-end encryption of data transmissions where appropriate
– Secure access controls and user authentication
– Regular data backups and disaster recovery processes
– Staff data protection training and strict internal access protocols
– Monitoring mechanisms to detect and respond to data security incidents

While we strive to protect your personal data, no electronic transmission or storage is entirely secure. We encourage you to take appropriate precautions when interacting online.

7. International Transfers

We may transfer your personal data to regions outside the European Economic Area (EEA) or the United States where MXFSA or its service providers operate. In such cases, we use appropriate safeguards, including the European Commission’s Standard Contractual Clauses or other legally approved mechanisms, ensuring adequate protection in accordance with applicable data privacy laws.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory obligations. Retention periods vary by data category:

– Usage Data: Retained for up to 12 months for analytics and security purposes.
– Account Data: Retained for the life of the user’s account and up to 7 years thereafter to comply with audit obligations.
– Profile Data: Retained for 36 months after the last user interaction unless you request erasure.
– Communication Data: Retained for 5 years for legal and service quality documentation.
– Technical Data: Retained for up to 12 months.
– Transaction Data: Retained for 7 years for financial and tax compliance.
– Preference Data: Retained until opt-out or up to 24 months of inactivity.

9. Cookie Policy

We use cookies and similar technologies to enhance your browsing experience on mxfsa.com. These may include:

– Essential Cookies: Necessary for access and proper functioning of our website.
– Functional Cookies: Enable enhanced functionality and personalization.
– Analytics Cookies: Evaluate site usage and improve performance (e.g., Google Analytics).
– Performance Cookies: Monitor system health, resources, and load balancing.

These cookies may collect anonymized usage information and may be first-party or third-party.

10. Cookie Management and Compliance with GDPR & CCPA

You may manage or withdraw your cookie preferences at any time via your browser settings or our cookie consent manager. Consent for non-essential cookies is obtained explicitly in compliance with GDPR.

Under the CCPA, California residents may exercise the right to opt out of the “sale” of personal information, where applicable. We do not knowingly sell personal information as defined by the CCPA.

11. Special Protections for Children Under 13

Our website is not intended for use by individuals under the age of 13. We do not knowingly collect or process personal data from children without verifiable parental consent. If you believe we have inadvertently collected such information, please contact us immediately at [email protected], and we will take steps to delete the data promptly.

12. Policy Updates and User Notifications

We reserve the right to update or amend this Privacy Policy from time to time. Any significant changes will be posted through mxfsa.com, and where legally required, we will seek your explicit consent to material changes. We recommend reviewing this Policy periodically to stay informed about how we protect your data.

13. Contact

If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at:

Email: [email protected]

We are committed to processing your inquiries in a timely and transparent manner.

Compliance Statement

At MXFSA, we take privacy and data protection seriously. This Privacy Policy reflects our efforts to comply with GDPR, CCPA, and all applicable data protection laws. If you have concerns about your privacy or the way your personal data is handled, please do not hesitate to reach out to us via email at [email protected].