Privacy policy

1. Introduction

Machintel Corporation (referred to as “our”, “us” and “we” in this notice) is a global marketing company. We help our clients to improve how they advertise and market, through digital channels. We believe that the responsible use of data supports business growth and builds strong relationships between brand and consumer.

Keeping your information secure is one of our most important responsibilities. We maintain physical, electronic and procedural safeguards that comply with all data protection laws and regulations applicable to processing personal information, including but not limited to the laws and regulations of the European Union, Switzerland, the United Kingdom, and the United States of America.

We limit access to personal information to third parties and employees with a business reason to know this information. We maintain strict internal policies against unauthorized disclosure or use of your personal information.

This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. Machintel is the data controller of any personal data you provide to us, including in relation to this website.

2. Information we may collect

The type of information we collect will depend on the circumstances and the service you are using. Generally speaking, we collect information relating to you and/or your use of our services in the following ways:

  • Information relating to your use of the website

    We collect information about how you use our website. This includes information relating to the pages you visit on our website, the services or information your search for and the links and content you choose to access. We may also use the personal information you provide through your use of our website to provide you with relevant content and to inform our marketing strategy. This type of activity is known as “profiling” – using automated means to process your personal data to analyse or predict your personal preferences, interest, or behaviours. You can object to profiling.

  • Technical data

    We collect information about the device(s) you use to access our site. This includes collecting unique mobile device ID or the internet protocol (IP) address online identifiers, which are numbers that can uniquely identify a specific computer or other network device on the internet. This information is linked to a cookie ID, which we receive and process. You may find more information on the cookies we use and the purposes for which we use them on our separate cookie policy .

  • Contact data

    We collect contact details when you sign-up to receive email alerts, attend one of our events, download our content, subscribe to our newsletters or where ask us to respond to a query you have. The personal data we collect includes your name, email address, job title, and location.

  • Marketing and communications data

    We collect information about your preferences in receiving marketing information from us and your communication preferences.

  • Children

    We do not actively seek to collect information about children aged 16 or under. If you have any concerns about your child’s privacy in relation to our services, or if you believe that your child may have entered personal data onto our website, please contact us at privacy@machintel.com. We will delete such information from our records within a reasonable time

3. How we use this information

Except where required by law, we use the personal data you provide for the following purposes:

  • To deliver the specific information or services you have requested.
  • To enable the download of our content.
  • Send you newsletters and information relating to our brands and services.
  • Respond to your requests and feedback.
  • Analyse and/or improve our services.

Under data protection law we are required to advise you on the legal basis for processing your personal data. For the most part, processing your personal information is based either on a) our legitimate interests related to us providing you services you have requested or otherwise your customer relationship with us, or b) your consent, where requested.

4. How long we will keep your information

We will keep your personal data for as long as is necessary for the relevant service, in accordance with our legal obligations. After this time, your personal data will either be securely deleted or anonymised so that it can be used for analytical purposes. You may request further information via the contact details given in this Privacy Notice.

5. How we secure your information

We maintain appropriate organisational and technological safeguards to help protect against unauthorised use, access to or accidental loss, alteration or destruction of personal data. We also seek to ensure our service providers do the same.

6. Information Sharing and Disclosure

  • Information shared with our third-party service providers

    We use several third parties to perform business functions on our behalf, such as sending our newsletters and hosting our online services and customer relationship management. We will only disclose the information necessary to enable these third parties to perform their services. Our service providers are contracted to comply with our instructions, and we require that they do not use your personal data for their own business purpose.

  • Information shared with other parties

    Where required or permitted by law, personal data may be provided to others, such as regulator and law enforcement agencies, for example in response to a court order or a subpoena, or in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent or act regarding illegal activities, and as otherwise required by law.

We do not sell or rent any personal data about you to any third party.

7. California Consumer Privacy Act (“CCPA”)

If you are a resident of California, the CCPA offers you important rights you can exercise.

In summary, those include the rights to:

  • California residents may request certain information regarding Machintel’s disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please write to privacy@machintel.com. Please include your name, mailing address, and email address if you want to receive a response by email. Otherwise, we will respond by postal mail within the time required by applicable law.
  • California residents may request that Machintel not sell their personal information by clicking the “Do Not Sell My Information” link at the bottom of the Machintel home page.
  • If you are a California resident below the age of 18 and are a registered user of any of Machintel’s Services, then you may request that we remove any content you created and publicly posted on our website ("User Content"). To request the removal of your User Content, please email privacy@machintel.com, with a detailed description of the specific User Content. Machintel reserves the right to request that you provide information that will enable us to confirm that the User Content you want to be removed was created and posted by you.
  • Machintel will make a good faith effort to delete or remove your User Content from public view as soon as reasonably practicable. Please note, however, that your request to delete your User Content does not ensure complete or comprehensive removal of your User Content. Your User Content may remain on backup media, cached or otherwise retained by Machintel for administrative or legal purposes, or your User Content may remain publicly available if you or someone else has forwarded or re-posted your User Content on another website or service before its deletion. Machintel may also be required by law to not remove (or allow removal) of your User Content.

8. Data protection acts

Different regions have their own geo-specific regulations that companies or individuals who enter into a business agreement in the region have to adhere to. Machintel has a wide range of security-sensitive data across different industry verticals in multiple geos. This makes us responsible for these data, and we take measures to get our services certified against making any unsolicited intrusions.

To adhere to the respective regulations of different geos that Machintel operates in, we comply with various regional regulations. We ensure all data is handled confidentially with no unauthenticated access to your data, fully meeting our customers’ needs and satisfying all local regulations and laws.

  • GDPR – General Data Protection Regulation
    • What and Why
      The General Data Protection Regulation (GDPR) regulates data protection law across all 28 EU countries and levies strict rules on monitoring and processing personally identifiable information (PII). GDPR applies to all organizations holding and processing EU resident’s personal data, regardless of geographic location.

      The massive digital disruption, especially the internet is the reason why GDPR came into existence. Users demanded more control when it came to their data storage and usage, eventually resulting in the adoption of strict measures to tackle data breach.

    • How Machintel Complies with GDPR
      As per the Article 7 of The General Data Protection Regulation (GDPR) Conditions for consent, Machintel follows all the requisites as required by its process. The checklist of consent mechanism which ensures that Machintel abides by the GDPR Laws:

      • Tick Box: - Opt-in is taken with pre-un-ticked box from Email and Publishing Sites which requires positive action from the user.
      • Specific: - Separate consent is taken for each type of process and there are no preconditions of signing up to receive a service. Purpose is specified in simple language.
      • Informative: - Consent is received only after the individual is made aware of the purpose, controller, Opt-out option, terms and policies.
      • Proof: - Timestamps are taken to ensure the process of taking consent is followed according to the regulations every time.
      • Data is used for marketing purposes and the tools used for processing are of ISO27001 standard.
      • A dedicated group of professionals, including our Data Protection Officer, data specialists, security personnel, and technology teams work to ensure privacy and data compliance is maintained in our data process.
      • An internal data governance framework to review how our opt-in data is being used and protected while in our custody and documentation of all data handling processes and incidents.
      • Data security policies and controls in place globally, which are continually tested and evolved to keep pace with new regulations and governance requirements.

  • CAN-SPAM
    • What and Why
      United States’s Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) is a law that establishes rules for commercial messages and commercial email, gives recipients the right to stop a business from emailing them, and outlines the penalties incurred for those who violate the law.

      CAN-SPAM doesn't just apply to bulk email. "It covers all commercial messages, which the law defines as 'any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,' including email that promotes content on commercial websites. The law makes no exception for business-to-business email." It does, however, exempt transactional and relationship messages.

    • How Machintel Complies with CAN-SPAM
      Machintel is aware of United States’s Anti-Spam Law legislation’s requirements of obtaining express consent from the Canadian audience. To abide by this law, Machintel has implemented the following steps:

      • Publication Sites Opt-in: Machintel takes opt-in from the data subject through it 31 publication sites.
      • Email Opt-out: All the emails created to target Canadian residents have opt-out option. Data subject choosing to Opt-out is put in master suppression list.
      For complying with CAN-SPAM, Deck 7 has ensured that the entire process for Opt-in and Opt-out is clear to all employees.

  • CASL - Canada’s Anti-Spam Law
    • What and Why
      Canada’s Anti-Spam Law (CASL) is a new anti-spam law that applies to any "Commercial Electronic Message" (CEM) sent from or to Canadian computers and devices in Canada. Messages routed through Canadian computer systems are not subject to this law.

      A CEM is any message that:
      • Is in an electronic format, including emails, instant messages, text messages, and some social media communications;
      • Is sent to an electronic address, including email addresses, instant message accounts, phone accounts, and social media accounts; and
      • Contains a message encouraging recipients to take part in some type of commercial activity, including the promotion of products, services, people/personas, companies, or organizations.

    • How Machintel Complies with CASL
      We are committed to reducing the harmful effects of spam and related threats. Our goal is to help create a safer and more secure online marketplace.

      In partnership with Canada’s Competition Bureau and the Office of the Privacy Commissioner, we work together to enforce this legislation.

      We have the primary enforcement responsibility, including powers to investigate and take action against violators, and set administrative monetary penalties. We target those who send commercial electronic messages without the recipient’s consent or install programs on computers or networks without express consent. This includes malware, spyware and viruses in computer programs, in spam messages, or downloaded through infected Web links.

      We also work to promote compliance among organizations and individuals, ensuring that businesses have the information they need to compete in the global marketplace.

  • CCPA - California Consumer Privacy Act
    • What and Why
      The California Consumer Privacy Act (CCPA) is designed to give Californians more control over their own data, and is targeted at companies that collect and/or sell personal information. Passed in June 2018, the Act will go into effect on January 1, 2020. It defines personal information as name, alias, postal address; unique personal identifier, online identifier internet protocol address; email address, account name, social security number; driver’s license number or passport number.

      Right to access information, right to deletion and right to opt-out are among the major new data protections introduced by CCPA. CCPA compliance will help companies strengthen their commitments to honoring consumer choices as well demonstrating transparency and trust.

    • How Machintel Complies with CCPA
      As a B2B company, Machintel has made the following changes to comply with the CCPA:
      • Audit data-collection practices to identify the personal data collected and where it is stored.
      • Update privacy policies
      • Conduct an info security audit and ensure that personal data is either encrypted or redacted.
      • Thoroughly study CCPA to understand its specific requirements and new obligations.
      • Review (or define) policies, roles, and responsibilities for data management.
      • Consider whether and where explicit opt-in requests make sense for the organization
      • Decide whether to proactively communicate our position on CCPA to clients.

  • PECR - Privacy and Electronic Communications Regulation
    • What and Why
      PECR stands for Privacy and Electronic Communications Regulation, and forms part of the European Union ePrivacy Directive — the law that is currently being updated to become the much-dreaded ePrivacy Regulation which will focus more acutely on curbing cookie use for tracking purposes. PECR covers:

      • marketing calls, emails, texts and faxes;
      • cookies (and similar technologies);
      • keeping communications services secure; and
      • customer privacy as regards traffic and location data, itemized billing, line identification, and directory listings.

      If a business provides these kinds of services — in particular email marketing and use cookies — they need to comply with both PECR and GDPR. Once the ePrivacy Regulation finally arrives, it will replace PECR.

    • How Machintel Complies with PECR
      Machintel conducts an audit to look at whether we have effective policies and procedures in place, and whether we are following them. It includes recommendations on how we could improve. We believe that audits play a key role in helping organizations understand and meet their obligations.

      We select service providers for audit based on the level of risk. We then carry out both an off-site check of your security policies and procedures, and an on-site review of your procedures in practice.

  • ePR - ePrivacy Regulation
    • What and Why
      The ePrivacy Regulation (ePR) is a proposal for a Regulation on Privacy and Electronic Communications. The scope of the ePrivacy Regulation would apply to any business that provides any form of online communication service, uses online tracking technologies, or engages in electronic direct marketing. The ePR is an attempt to streamline and improve EU laws regarding privacy of communications through users' electronic devices. The ePR will change cookies and other tracking technologies, metadata from electronic communications, direct marketing, and unsolicited communications / calls.

      The European Commission’s intention in bringing forward the Regulation is to ‘reinforce trust and security in the digital single market’ by updating the legal framework on ePrivacy. This step is part of the European Commission’s project to modernize the EU’s data protection framework. It will also make the ePrivacy legislation consistent with the provisions of the General Data Protection Regulation (GDPR).

    • How Machintel Complies with ePR
      We have aligned our strategies to comply with the ePrivacy Regulation by taking the following steps:

      • Taking prior permission before sending any communication.
      • Looking for legitimate data partners who can offer B2B data that suits our business needs, and is demonstrably lawful.
      • Building out our inbound marketing capabilities by developing content assets, building social capabilities, and ensuring that we’re gathering consent for ongoing contact.
      • Considering our other outbound marketing options – direct mail, telemarketing, even marketing using non-personal data.
        • Telemarketing rules may stay the same, i.e. before embarking on any calls, we check our phone lists against the Telephone Preference Service (TPS) and Corporate Telephone Preference Service (CTPS) registers and do not contact any numbers which are registered on either.

  • CDR - The Consumer Data Right
    • What and Why
      The Consumer Data Right (CDR) is a scheme where businesses and individuals are able to access their data, or direct if their data is shared with other entities. The CDR will initially apply to entities in the banking sector, but will soon apply to businesses in the telecommunication and energy sectors with other sectors in line.

      The Consumer Data Right (CDR) is a significant scheme as it imposes additional privacy and data sharing obligations on regulated entities of the Australian economy.

    • How Machintel Complies with CDR
      Machintel ensures that the Consumer Data Right scheme is met through the following mechanisms:
      • Consumer data rules –The rules may relate to the disclosure, use, accuracy, storage, security and deletion of CDR data, accreditation of data recipients, reporting and record keeping, and any other matter incidental to the CDR system.
      • Data standards – a Data Standards Body will be established under the scheme tasked with creating data standards relating to how data should be shared.
      • Privacy safeguards – the CDR scheme introduces certain privacy safeguards which apply irrespective of whether data belongs to an individual or a business (unlike the Australian Privacy Principles which apply to 'personal information').

  • PIPEDA - Personal Information Protection and Electronic Documents Act
    • What and Why
      The Personal Information Protection and Electronic Documents Act (PIPEDA) is the federal privacy law for private-sector organizations. It sets out the ground rules for how businesses must handle personal information in the course of their commercial activity.

      All organizations have privacy policies, but it is only through PIPEDA that organizations ensure that these privacy policies work. Without PIPEDA, organizations will just have privacy policies to ensure they get the personal information they need for business.

    • How Machintel Complies with PIPEDA
      At Machintel, we take the following steps to comply with PIPEDA:
      • We do not collect personal information which would be covered by PIPEDA.
      • Have a privacy policy and are upfront about our collection and use of personal information.
      • Collect only business information about an individual.
      • Limit and monitor access to personal information and take appropriate action when an employee accesses information without authorization.
      • Protect personal information on laptops, USB keys and portable hard drives through technological safeguards such as encryption and password protection.
      • Customers should know who to speak to if they have questions about privacy.
      • A sample privacy brochure for our clients.

  • PoPI - Protection of Personal Information Act
    • What and Why
      South Africa’s data privacy issues are regulated under the Protection of Personal Information (PoPI) Act 2013, along with various sector-specific laws and the common law. The PoPI Act is based on eight principles which discuss:

      • Rules for collecting, using and processing data.
      • Ensuring the quality of the information.
      • Upholding standards of transparency and openness.
      • Efforts to safeguard against loss, damage or destruction of data.

      The aim of the PoPI Act is to protect consumers from harm by protecting their personal information. The Act aims to protect consumers from having their money and identity stolen as well as keep their private information private.

    • How Machintel Complies with PoPI
      Marketers who rely on direct marketing — especially through SMS and email channels are set to be impacted most by this Act. Until now, most of this marketing has been ‘opt-out’, where consumers receive promotional messaging and can choose to no longer receive these messages.

      However, once PoPI is in place, direct marketing will have to become ‘opt-in’, where consumers will have to actively agree to receive promotional messaging. Essentially, this means that unsolicited direct marketing via electronic channels will become opt-in only.

      Machintel has taken the following measures to comply with the PoPI Act:
      • Respect the consumer’s choice to opt-in OR out.
      • Request consent for a specific purpose.
      • Give consumers a clear way to express their choice by giving them the option to click a button or mark a checkbox.
      • Keep records of when and how consent was obtained and what it covers.

  • APP – Australian Privacy Policy
    • What and Why
      Australia’s Privacy Act 1988 is based on 13 APPs (Australian Privacy Principles) that cover transparency and anonymity; the collection, use and disclosure of data; maintaining the quality of data; and the data subject’s rights. The Act is the key privacy law that governs both the public and private sectors.

      The Australian Privacy Principles give individuals the right to know why their personal information is being collected, how their personal information will be used, and to whom their personal information will be disclosed and to have the ability to ask for access to, or correction of, their personal information.

    • How Machintel Complies with APP
      • We undergo several audits on a regular basis to verify the security, privacy and compliance controls of our operations.
      • Meet stringent privacy and security standards based on industry best practices.
      • Conduct a comprehensive audit into the sources of personal information, how this comes to the business and is then stored.
      • Update the privacy policy to reflect the results of the review.

  • LGPD - Lei Geral de Proteção de Dados
    • What and Why
      The Lei Geral de Proteção de Dados (LGPD) is a new Brazilian privacy law that came into effect on September 18, 2020. While enforcement powers by the Brazilian DPA are postponed to August 1st, 2021, the LGPD can still be enforced by other governmental authorities, such as public prosecutors and consumer protection agencies, who can apply sanctions based on the Civil Code and the Consumer Protection Code.

      Under the Brazilian General Data Protection Law (the “LGPD”), individuals located in Brazil have the right to access, rectify, port, erase, and confirm that we process their data. In certain circumstances, they also have the right to object to and restrict the processing of data.

    • How Machintel Complies with GDPR
      If an individual wants to access, rectify and alter any personal data at any time or desire to exercise another right vis-à-vis personal data, they can contact us at privacy@machintel.com

      In order to reaffirm our commitment to transparency in the collection, storage and treatment of personal data, the Machintel is willing and committed to comply with the obligations.

9. International and group company transfers

Machintel is a globally operating marketing company consisting of multiple companies. Therefore, we may from time to time disclose your personal data within our group of companies. Access will always be controlled on a need-to-know basis, and only provided where it is necessary to provide you with requested services or to allow us to perform any necessary or legitimate functions. Some of our group companies are located outside the European Union, but we always ensure the security of such disclosures and transfers in accordance with the applicable privacy and data protection laws.

We will only transfer your personal data outside the EU, where we are satisfied that adequate levels of protection are in place to protect the integrity and security of any information being processed and compliance with applicable privacy and data protection laws. These measures may include the use of standard contractual/data protection clauses adopted by the European Commission or appropriate data sharing mechanisms that may be in force from time to time. Where we transfer personal data between our group companies, we have covered these transfers by entering into standard contractual clauses adopted by the European Commission.

You may request further information on the measures used for such transfers via the contact details given in this Privacy Notice.

10. Your rights

Object to our processing of your personal data where we are relying on legitimate interest (or those of a third-party), and you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms. You also have a right to object where we are processing your personal data for the purposes of direct marketing or profiling. You can object at any time and we shall stop processing the information you have objected to, unless we can show compelling legitimate grounds to continue that processing.

Access your personal data. If you make this kind of request and we hold personal data about you. We are required to provide you with information on it, including a description and copy of the personal data and why we are processing it. We will require you to prove your identity before granting access to your personal data. We will process your request within the timeframe required under the relevant law.

Request the transfer of your personal data. We will provide to you or a third party you have chosen your personal data in a structured, commonly used, machine-readable format. Please note this right applies to the personal data you have provided to us; and if we use your personal data on the basis of consent or where we used the information to perform a contract with you.

Request erasure (deletion) of your personal data. You have a right to ask us to delete or remove your data where you have successfully exercised your right to object, or where we are required to erase your personal data to comply with local law. Please note, we may be required to retain certain information by law and/or for our own legitimate business purpose. But when we do so, we will inform you

Request correction or updating of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected. Request the restriction of our processing of your personal data in some situations. If you request this, we can continue to store your personal data but are restricted from processing it while the restriction is in place.

Withdraw your consent. Where you have provided your consent to our processing of your personal data you can withdraw your consent at any time. If you do withdraw consent, that will not affect the lawfulness of what we have done with your personal data before you withdrew consent.

Make a Complaint. We will do our best to resolve any complaint. However, if you feel we have not resolved your complaint, you have a right to make a complaint to your local data protection authority.

If you exercise the rights above and there is any question about who you are, we may require you to provide information from which we can satisfy ourselves as to your identity.

11. Children's Privacy

Machintel does not knowingly collect or maintain any information via the website from persons under the age of sixteen (16), and no part of our website is directed to persons under the age of sixteen (16). If an underage person provides such information and Machintel has unknowingly collected said information, then Machintel will take the appropriate steps to delete this information immediately upon discovery. If you believe Machintel is processing said information, please contact privacy@machintel.com.

12. Transfer of Rights

Should Machintel be acquired, merged, or endeavour to become closed for business, Machintel reserves the right to transfer or assign the information collected during the due course of business. This information may be held as part of any such acquisition, merger, sale, or other change of control or business entity status.

13. Communications

On occasion, as deemed necessary by Machintel, we will send you various communications as part of the Service, such as, but not limited to, account activity alerts and updates. Said communications shall originate from Machintel and be conducted in compliance with this Privacy Policy. At any time, the user may opt-out of such communications as instructed in the email.

14. Changes and Updates

We reserve the right to amend this privacy policy as we deem necessary or appropriate due to legal or regulatory requirements or changes to our business practices. Please review this Privacy Policy from time to time for any changes that may have been made.


15. Contact Us

For more information, or if you have questions or concerns regarding Machintel’s Privacy Policy, you may email us at privacy@machintel.com or you can send correspondence to either of the following addresses:

Machintel Corporation
4275 Executive Square
La Jolla, CA 92037