PRIVACY POLICY

The Mogabr Group, LLC, along with its subsidiaries and affiliates (referred collectively as “Mogabr”, “The Group”, "The Company", or “we”), values the privacy and security of personal data. Our Data Protection and Privacy Policy (referred to as “this Policy”) outlines the measures and practices we have in place to safeguard personal data, in alignment with relevant data protection laws. This policy explains how we collect, use, and disclose personal data through your interactions with us, including visits to Mogabr’s websites and other digital platforms. It’s important to note that this Policy does not cover the personal data of The Group’s employees, contractors, or job applicants, which are subject to distinct data protection guidelines.

The Group chooses to extend the protections and commitments detailed in this Policy to all individuals whose data we process, irrespective of legal requirements in their specific jurisdictions. Data protection laws can vary significantly across different regions. While The Group endeavors to adhere to this Policy for all individuals, the data protection laws specific to an individual's jurisdiction will ultimately determine the level of protection afforded. Additionally, we recognize that certain rights may be applicable to you under these laws. Should such rights apply, we will provide separate notifications to inform you about these rights and guide you on how to exercise them effectively.

January 2024

GATHERING OF PERSONAL DATA

a. Website Data

Our group may gather your Personal Data through our websites. We use various tracking technologies such as cookies, tracking scripts, pixels, or tagging methods. These are implemented to track your activities on our sites, helping us to understand your preferences and enhance your browsing experience.

Typically, internet browsers are set to automatically accept cookies. However, you have the option to adjust your browser settings to prevent cookie storage on your device or to receive a notification each time a new cookie is sent. For more information on managing cookies, please visit About Cookies.

b. Tracking Tools

We employ analytical tools like Google Analytics to gather insights regarding your interactions with our websites.

This data is sent to and stored on Google's servers in the USA. It is utilized to assess website usage, create reports on site activities, and offer other services related to website and internet usage. Google may also share this information with third parties if legally obligated, or if these parties process the information on behalf of Google. For more details, you can refer to Google’s Privacy Policy.

APPLICATION OF PERSONAL DATA

The Group is committed to collecting only the Personal Data that is essential. We ensure that the use of Personal Data is permissible under applicable Data Protection Laws. The processing of Personal Data by The Group is conducted in a way that is sufficient, pertinent, and not excessive, considering the specific business objectives for which it is processed.

The extent of our processing of your Personal Data may vary depending on our interactions with you. The purposes for which we may process your Personal Data include, but are not limited to, the following:

  • To address your inquiries and fulfill your requests;

  • To grant you access to specific sections and features of our websites;

  • For maintaining accurate records;

  • When you consent to the processing of your Personal Data for designated purpose(s);

  • If processing is required for the fulfillment of a contract you are part of, or in preparation to enter into a contract at your request;

  • For adherence to legal obligations that The Group must comply with;

  • To safeguard the vital interests of you or another individual;

  • For processing that is essential for the legitimate business interests of The Group or a third party, provided these interests do not outweigh your rights and freedoms requiring the protection of Personal Data;

  • For security measures, such as defending against cyber threats, detecting and preventing fraud or other illegal activities, and meeting legal and regulatory compliance requirements; and

  • For other legitimate purposes stated at the time of collecting your Personal Data or as otherwise agreed upon with your consent.

The Group refrains from employing automated decision-making processes that significantly affect you when handling Personal Data.

DISCLOSURE OF PERSONAL DATA

a. Third Parties

We employ analytical tools like Google Analytics to gather insights regarding your interactions with our websites.

This data is sent to and stored on Google's servers in the USA. It is utilized to assess website usage, create reports on site activities, and offer other services related to website and internet usage. Google may also share this information with third parties if legally obligated, or if these parties process the information on behalf of Google. For more details, you can refer to Google’s Privacy Policy.

b. Legal Purposes

The Group might disclose your Personal Data if such action is mandated or allowed under relevant laws. This includes situations where we need to (i) adhere to law enforcement or national security demands and legal proceedings, like responding to a court order or subpoena; (ii) safeguard the safety, rights, and property of The Group or others; (iii) enforce The Group's policies and agreements; (iv) recover debts owed to The Group; or (v) when revealing information is crucial to prevent financial loss or relates to the investigation or prosecution of potential or confirmed unlawful activities.

c. Cross-Border Data Transfers

As a global entity, The Group may move Personal Data to various affiliates, and service providers located in regions like the United States, United Kingdom, European Union, Singapore, Hong Kong, or other areas. It's important to note that not all these regions offer the same degree of data protection as your home country might. Nonetheless, The Group commits to not transferring Personal Data to countries or territories outside of the region where it was initially processed, except when doing so aligns with the stipulations set out in Data Protection Laws. We facilitate the transfer or access to Personal Data across different jurisdictions and entities in line with our Data Protection Agreements and Intercompany Agreements, all of which comply with Data Protection Laws. Specifically, for transfers from the European Economic Area or the United Kingdom, The Group has implemented measures to ensure an adequate level of protection for Personal Data, conforming to the requirements of Data Protection Laws.

DATA SUBJECTS PRIVACY RIGHTS

Depending on the data protection and privacy laws relevant to your location, you may have various rights as a Data Subject, as detailed below. Under certain conditions and in compliance with Data Protection Laws, a Data Subject has the right to:

01. Access Personal Data: Request access to your Personal Data held by The Group to verify its accurate and lawful processing. In some regions, you may ask for:

  • A portable copy of specific pieces of your Personal Data.

  • A list of categories of Personal Data (including Sensitive Personal Data) processed about you.

  • A list of sources from which your Personal Data was processed.

  • Details of Personal Data categories processed or disclosed by The Group.

  • A list of third parties to whom the Personal Data was disclosed.

  • The business purpose for processing your Personal Data.

  • Information about any automated decision-making processes used (if applicable), including the logic involved and potential outcomes for you.

02. Correct Personal Data: Request correction of your Personal Data held by The Group, allowing for the amendment of incomplete or inaccurate data. The Group may need to verify the accuracy of the new data provided.

03. Erase Personal Data: Request the deletion of your Personal Data when there's no legitimate reason for its continued processing. The Group may not always be able to fulfill erasure requests for certain legal or other legitimate reasons, which will be communicated if applicable.

04. Object to Processing: Object to the processing of your Personal Data where The Group is relying on a legitimate interest (or those of a third party), especially if it affects your fundamental rights and freedoms.

05. Restrict Processing: Ask The Group to suspend the processing of your Personal Data under certain circumstances, such as:

  • Verifying the accuracy of the Personal Data.

  • Cases where data use is unlawful but erasure is not requested.

  • Situations where you need The Group to retain the data for legal claims, even if it's no longer required.

  • Pending verification of The Group's legitimate grounds for processing against your objection.

06. Transfer Personal Data: Request the transfer of your Personal Data either to yourself or a third party in a structured, commonly used, machine-readable format. This applies to automated information.

07. Withdraw Consent: Withdraw your consent at any time where The Group relies on consent to process your Personal Data. This won't affect the lawfulness of processing conducted prior to withdrawal.

08. Sale/Behavioral Advertising Opt-Out: Note that we currently do not "sell" or "share" Personal Data as defined under applicable Data Protection Laws.

09. Opt-Out of Automated Decision-Making: You may request to opt-out of profiling or automated decision-making that leads to legal or similarly significant effects concerning you (if applicable).

10. Data Breach Notification: Be notified in the event of a data breach involving your Personal Data.

To submit a request, kindly email info@mogabr.group. The Group is committed to acknowledging and, where relevant, responding to requests made through proper channels by eligible Data Subjects seeking to exercise their rights and freedoms under Data Protection Laws.

We will employ reasonable methods to verify the identity of individuals making requests, depending on the nature and sensitivity of those requests.

You are also entitled to appoint an agent to make requests on your behalf using the procedures outlined here. In such cases, the agent is required to clearly identify themselves as your authorized representative.

Should a Data Subject exercise any of the aforementioned privacy rights, The Group assures fair and non-discriminatory treatment.

Typically, there is no fee for accessing your Personal Data or exercising your rights as mentioned above. However, The Group reserves the right to charge a reasonable fee for requests that are evidently baseless or excessive. We aim to respond to all valid requests within thirty (30) days, although more complex inquiries may require additional time. In some cases, we might also choose not to fulfill a request if certain conditions apply.

The Group hopes to satisfactorily address any concerns you may have regarding the processing of your Personal Data. Nevertheless, if there are unresolved issues, you retain the right to lodge a complaint with the data protection authority in your jurisdiction.

EXTRA PRIVACY INFORMATION FOR CALIFORNIA RESIDENTS

Under the California Data Protection Law, residents of California should be aware of the following aspects:

The Group may gather and utilize various categories of Personal Data for the business activities outlined in this Policy. These categories include Identifiers; Personal Information as listed in the California Records Statute; Characteristics of Protected Classifications under California or Federal Law; Commercial Information; Internet or Other Network Activity Information; and Sensitive Personal Information. The sources from which The Group may collect this Personal Data include, but are not limited to, directly from individuals, through automatic means from devices, from The Group's affiliates, and service providers.

The Group may share these categories of Personal Data with certain third parties, which include The Group's affiliates, service providers, and agencies or law enforcement bodies for legal compliance, as elaborated previously in this document.

The Group asserts that it does not engage in the "sale" or "sharing" of your Personal Data. We neither sell nor share the Personal Data of individuals under 16 years of age.

Furthermore, The Group does not use or disclose Sensitive Personal Data for purposes other than those expressly permitted by the applicable California Data Protection Law.

STEPS IMPLEMENTED TO SAFEGUARD PERSONAL DATA

The Group has integrated suitable privacy-by-design elements along with technical and physical measures aimed at securing Personal Data against unauthorized or illegal processing.

In determining the necessary security level and in evaluating the potential risks that vary in likelihood and severity for the rights and freedoms of Data Subjects, The Group conducts a thorough risk assessment associated with the processing of Personal Data. Potential risks include, but are not limited to, accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or access to Personal Data handled by or on behalf of The Group, as well as other factors that could affect the rights and freedoms of Data Subjects. The Group commits to making reasonable efforts to mitigate any such risks through technological and organizational controls, such as restricted data access through access controls and password protections. Nevertheless, it's important to recognize that no system can assure 100% security for data transmitted or stored online at all times.

PERSONAL DATA RETENTION PRACTICES

Should there be a need for The Group to process your Personal Data for reasons not previously mentioned, we will inform you as mandated by law and provide an explanation of the legal grounds for this additional processing. The Group maintains your Personal Data (including Sensitive Personal Information) only for the duration deemed reasonably necessary for the purposes for which it was collected, or as required by law. We ensure not to retain or process your Personal Data beyond the legally allowed time frame. The factors that guide our decision on the suitable retention period include:

  • The regulatory obligations we must adhere to, encompassing tax, employment, accounting, and securities laws and regulations;

  • The possibility of a legal claim against us, where the information might be pertinent;

  • The importance of the information for delivering our services, and the feasibility of using alternative information; and

  • The variety and sensitivity of the personal information being processed.

EXTERNAL WEBSITES AND SOCIAL MEDIA INTEGRATION

Our websites may feature content and provide links to websites belonging to third parties, which are not under The Group's ownership, operation, or control. The Group does not accept responsibility for the privacy practices or the content found on these external websites. When you interact with content from The Group on or through third-party social networking sites, plugins, or applications, The Group may process Personal Data related to your social media account.

POLICY REVIEW AND AMENDMENTS

The Group periodically reassesses and, if necessary, revises this Policy to ensure it aligns with any changes in our privacy practices or security protocols. In cases where the review identifies shortcomings, The Group will promptly address and rectify these issues. We encourage you to regularly review this Policy to stay informed about The Group's current privacy practices. Your continued use of our websites following any updates signifies your acknowledgment and comprehension of the Policy.

CONTACT

Please contact The Group by email at privacy@mogabr.com should you have any questions or comments about this Policy or your Personal Data.