This Privacy Statement sets out details on how M2P Solutions Limited and its affiliates (“M2P”) collect, use, share and store your data.
The protection of individuals via the lawful, legitimate and responsible processing and use of their personal data is fundamental human right. Individuals may have a varying degree of understanding or concern for the protection of their personal data. M2P respect the right of the individuals to have control over their personal data and ensure it always acts in full compliance with legislative and regulatory requirements.
Purpose of this Statement
This Statement set out how M2P collect, use, share and store your data. It outlines M2P’s responsibilities under the applicable laws and regulation, setting out how it will comply and provide instruction for handling personal data.
Type of Personal Data
M2P will be processing and storing the following type of data: –
- Personal information like name, contact number, email etc
- Corporate information like the name of the company
- Any other information that you provide us
Reasons for Collecting Personal Data
M2P collects personal data for to fulfill any requirement/requests
Methods of Collecting Personal Data
M2P collects personal data through the request form in the website.
Reasons/Legal basis for Processing Personal Data
Compliance with Legal Obligations
M2P may process your personal data, when it is necessary for the compliance with a legal obligation, e.g. to comply with court order or judicial proceedings.
M2P may process your personal data when there is a weighed and balanced legitimate interest where the processing is needed, and such interest is not overridden by the rights of others, including yours. e.g., to provide the service required, internal documentation, contact customers in relation to the transaction or for customer care initiatives.
In certain scenarios, M2P will process personal data from you only after you have provided your consent for that specific purpose. For example, before sending direct marketing materials to customers and/or potential customers.
M2P will process your personal data to comply with its contractual obligations. For example: M2P will transfer your personal data to third parties in order to provide the service required by you and in alignment with the terms and conditions of such service.
Personal Data Sharing
In alignment with the purposes established in this privacy statement, M2P may disclose personal data from you to:
Data Sub-Processors: M2P will share personal data with third-party service providers, acting on behalf of M2P (hereinafter Data Sub-Processors) including affiliates of M2P acting as Data Sub-Processors to perform services on M2P behalf, for example: information technology, data hosting, marketing, customer care, fraud prevention, etc. M2P takes reasonable measures to ensure that personal data that is processed by sub- Processors is protected and not used or disclosed for purposes other than as directed by M2P.
Party Data Controllers and Joint Controllers: M2P will share personal data with third parties acting independently from M2P but only in connection to the services required by you, for example: any intermediary banks or other financial institutions involved in the transaction of M2P services.
Successors: If M2P is purchased by/sold to a third party, in which case personal data held by M2P including you as our customer will be transferred. We will notify you of this through the most appropriate means.
Relevant Authorities: M2P may disclose your personal data as necessary to meet legal and regulatory requirements. This may include lawful requirements to disclose personal data to government and regulatory authorities, for example, disclosures in compliance with suspicious activity reporting requirements under anti-terrorism, anti-money laundering and similar laws and regulations.
Method of securing Personal Data
M2P shall ensure that appropriate technical and organisational measures are adopted to protect personal data against unauthorised or unlawful Processing and against accidental loss or destruction of, or damage to, such personal data. In the event of an unauthorised intrusion (including any loss of devices containing personal data or unauthorised disclosures) whether physical, electronic or otherwise, to any personal data held by a data processor, the data processor shall inform the data controller of the incident as soon as reasonably practicable.M2P shall also inform the appropriate regulator or the data protection authority of the incident as soon as reasonably practicable
Tenure of Personal Data Retention
M2P retains personal data while you have a contractual relationship directly or indirectly with us. Thereafter, M2P will keep the personal data for so long as is necessary to comply with the record retention applicable laws.
Transfer of Personal Data
M2P shares personal data to regulatory and government organizations, partners and clients. All these transfers are made to fulfill the obligations of its contracts and to comply with laws and regulations. Further, if M2P shares personal data to a third party, for storing, M2P ensures that such third parties have sufficient safeguards for data protection as well as it is bound well through required contractual obligations. Further, M2P does not allow such third parties to use the personal data for their own purposes.
Cross border Data Transfers
In providing services to its customers, M2P may transfer the personal data collected to destinations outside of the country where the personal data was originally collected, within the M2P group of companies, with third party processors, or with M2P partners. This is because the personal data is processed in those other locations. Where M2P do so, M2P ensure that security measures and appropriate safeguards are put in place to protect the personal data and ensure that all transfers comply with applicable data protection law. M2P also ensures that processing is only carried out in accordance with its instructions.
In all cases where M2P transfers personal data across borders, M2P rely on acceptable and defined legal mechanisms to ensure that M2P protects personal data at all times. M2P may use agreements and adequacy’ protections that have been defined by the applicable regulations.
Your Rights as Data Subjects
Your rights as data subjects whose personal data is processed by M2P are as follows:
- Right to be provided with a copy of the personal data that M2P possess and t the details of parties to whom the personal data is shared
- Right to update the personal data which is in the possession of M2P
- Right to erase the Personal Data which is in the possession of M2P
Contact Person for Data Subjects
For any details on personal data that M2P possess or processes, you may please write to email@example.com (India) and firstname.lastname@example.org (UAE).
Breach of Data Protection
Any breach of Personal Data should be notified in writing to email@example.com (India) and firstname.lastname@example.org (UAE). Further, M2P has the responsibility to bring it to the attention of the relevant authority as soon as the breach is identified.
Changes to this Statement
M2P reserves its right to update this Statement at any time. Therefore, you as data subjects should periodically review M2P website to make sure they are aware on the latest version.