Message Broadcast values user and customer privacy and we are committed to protecting personal information. The following policy details how Message Broadcast collects, uses, and shares information when using Message Broadcast services. It also outlines user rights and how to exercise them regarding personal information.
Owner and Data Controller
Message Broadcast, LLC
4685 MacArthur Court, #250
Newport Beach, CA 92660
Owner contact email: [email protected]
Information We Collect
We collect several types of personal information when using Message Broadcast services. The categories of personal information we collect include:
- Usage Data
- Email address
- First name
- Last name
- Company name
- Phone number
Please note that providing specific data may be mandatory for us to provide our services. If Users choose not to provide the required data, it may hinder our ability to provide the requested services.
How We Use Personal Information
We use personal information collected for the following purposes:
- Providing, maintaining, and improving our services
- Responding to User inquiries and requests
- Complying with legal obligations
- Protecting our rights and interests, as well as those of our Users and third parties
- Detecting and preventing malicious or fraudulent activities
Sharing User Information
Users may exercise certain rights regarding their Data processed by the Owner and have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than their consent. Further details are provided in the dedicated section below.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
California residents have rights under the California Consumer Privacy Act (CCPA):
- Right to Opt Out: Users have the right to opt out of the sale of User personal information.
- Right to Know: Users have the right to request information about the categories of personal information we collect, use, disclose, and sell, as well as the purposes for which they are used.
- Right to Delete: Users have the right to request the deletion of User personal information.
- Right to Non-discrimination: We will not discriminate against Users for exercising their CCPA rights.
To exercise User rights under the CCPA, Users can contact Message Broadcast using the contact details provided in this document.
Mode and Place of Processing the Data
We employ appropriate security measures to protect User personal information from unauthorized access, disclosure, modification, or destruction. The data processing is carried out using computers and/or IT-enabled tools in compliance with organizational procedures and for purposes related to the services we provide. User data may be accessible to certain authorized personnel or external parties involved in the operation of the website and its services, such as administrators, sales, marketing, legal, system administration, and third-party service providers.
Methods of Processing
Message Broadcast takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. Data processing is carried out using computers/servers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Owner. An updated list of these parties may be requested from the Owner at any time.
Legal Basis of Processing
The Data Owner may process certain Data including personal information relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process certain Data including personal information until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of the Data is subject to European data protection law;
- Provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- Processing is necessary for compliance with a legal obligation to which the Owner is subject;
- Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Data Owner will help to clarify the specific legal basis that applies to the processing, and whether the provision of the Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located. Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with the Owner using the information provided in the contact section.
Data shall be processed and stored for as long as required for the purpose they have been collected for. Therefore:
Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. User may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Data for a longer period whenever the User has given consent to such processing if such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The Purposes of Processing
Data concerning Users is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its User or third parties), detect any malicious or fraudulent activity, as well as the following: analytics, displaying content from external platforms, tag management, managing contacts and sending messages, Remarketing and behavioral targeting, contacting the User and User database management.
User Right to Object to Processing
Users have the right to object to the processing of User personal data under certain circumstances. If User personal data is processed for public interest, the exercise of official authority, or the legitimate interests pursued by the data controller, Users may object by providing valid ground related to the User situation. However, if User personal data is processed for direct marketing purposes, Users have the right to object to such processing without any justification. To exercise the User right to object, please contact Message Broadcast using the contact details provided in this document.
How to Exercise User Rights
If a User wishes to exercise their rights regarding User personal data, including withdrawing User consent, objecting to processing, accessing User data, requesting rectification or deletion of User data, or requesting data portability, Users can contact the Owner using the contact details provided in this document. We will address User requests as early as possible and within one month of receiving a User request. Please note that certain rights may be subject to legal limitations or exceptions. We may need to verify User identity before processing a User request.
The Right to Know and Portability
Users have the right to request that we disclose to User:
- The categories and sources of the personal information that we collect about a User, the purposes for which we use User information and with whom such information is shared.
- In the case of sale of personal information or disclosure for a business purpose, two separate lists where we disclose are as follows: For sales, personal information categories purchased by each category of recipient; and
For disclosures for a business purpose, the personal information categories obtained by each category of recipient.
The disclosure described above will be limited to the personal information collected or used over the past 12 months. If we deliver our response electronically, the information enclosed will be “portable,” i.e., delivered in an easily usable format to enable Users to transmit the information to another entity without hindrance – if this is technically feasible.
The Right to Request the Deletion of User Personal information
Users have the right to request that we delete any User personal information, subject to exceptions set forth by the law (such as, including but not limited to, where the information is used to identify and repair errors on this Website, to detect security incidents and protect against fraudulent or illegal activities, to exercise certain rights etc.).
If no legal exception applies, because of exercising User rights, we will delete User personal information and direct any of our service providers to do so.
How to Exercise User Rights
To exercise the rights described above, Users need to submit a User verifiable request (described below) to Message Broadcast by contacting us via the details provided in this document.
For Message Broadcast to respond to a User request, it is necessary that we know who Users are. Therefore, Users can only exercise the above rights by making a verifiable request which must:
- Provide sufficient information that allows us to verify individuals about whom we collected personal information or an authorized representative.
- Describe a User request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We will not respond to any request if we cannot verify a User’s identity and confirm the personal information that relates to User. If Users cannot personally submit a verifiable request, Users can authorize a person registered with the California Secretary of State to act on a User’s behalf. If User’s are adults, Users can make a verifiable request on behalf of a minor under User parental authority. Users can submit a maximum of 2 requests over 12 months.
How and When We Handle User Request
We will confirm receipt of the User verifiable request within 10 days and provide information about how we will process the User request.
We will respond to User requests within 45 days of its receipt. Should we need more time, we will explain to Users the reasons why, and how much more time we need. In this regard, please note that we may take up to 90 days to fulfill User requests.
Our disclosure(s) will cover the preceding 12-month period. Should we deny a User request, we will explain to said User the reasons behind our denial.
We do not charge a fee to process or respond to User verifiable request unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee, or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind it.
Additional Information and Contact
Legal Action and Disclosure of Personal Data
We may use User personal data for legal purposes, including in court proceedings or against improper use of our website or services. We may also disclose User personal data if required by law or in response to a request from public authorities.
Information Not Contained in this Policy
“Do Not Track” Requests
Our website does not currently support “Do Not Track” requests. To determine if any of the third-party services we use honor “Do Not Track” requests, please refer to their respective privacy policies.
Additional Information for California Consumers
Sale within the context of the CCPA is defined as: ‘selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.
Users have the right to opt out of the sale of User personal information. If Users wish to exercise this right or require further information, please contact us using the contact details provided in this policy.
While the CCPA does not currently explicitly define “valuable consideration”, under Californian contract law it is defined as “any benefit conferred, or agreed to be conferred, upon the promisor, by any other person, to which the promisor is not lawfully entitled, or any prejudice suffered, or agreed to be suffered, by such person, other than such as he is at the time of consent lawfully bound to suffer, as an inducement to the promisor, is a good consideration for a promise.” (Cal. Civ. Code § 1605).
Within this context, a “valuable consideration” can be broadly interpreted as meaning all agreements where personal information is exchanged – and the transferring entity receives any benefit to which it would not be legally entitled to without the agreement.
Definitions and Legal References
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Information collected automatically through the Message Broadcast Website, or third-party IT services, which can include: User mobile information, the IP addresses or domain names of the computers utilized by the User who use the Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.
The means by which the Personal Data of the User is collected and processed.
The service provided by this Website is described in the relative terms (if available) and on this site/application.
Small sets of data stored in the User’s device.
Last modified: June 26, 2023