PRIVACY POLICY
‍Mavi.IO, Inc. (“Mavi.IO”, “We” or “Us”) is committed to taking reasonable steps to protect the privacy of information in its care. This Privacy Policy applies to data provided to Mavi.IO by its business Customers and other individuals who provide us with information. Customer data received by Mavi.IO includes information about individual purchases made from Customers’ online stores.

OVERVIEW AND DEFINITIONS
Mavi.IO’s analysis of data helps Customers optimize their business performance across their ecommerce channels. Mavi.IO offers a variety of data points, analytics, and actionable insights, providing Customers with a better understanding of their performance, competition, risks, and potential in growing their business. Mavi.IO also provides inventory solutions. For pricing, Mavi.IO continuously monitors the competitive landscape around Customers’ products and provides information on optimal pricing and aggressiveness based on numerous considerations given the product, competitors, and business goals. For inventory, Mavi.IO provides insights and recommendations related to replenishment of the Customer’s inventory.

COLLECTION AND USE OF PERSONAL INFORMATION

INFORMATION PROVIDED TO US
We may collect and store Personal Information that is voluntarily provided to us by a Customer or other individual. When information is provided to us by a Customer, the Customer affirms that it has the right to provide the information to us. Information we collect and store may include Customer name, email address, phone number, and other information about the Customer’s business. Additionally, Customers typically provide End-Client information including name, email address, and shipping address, as well as the quantity and price of specific goods that the End-Client purchased from the Customer’s ecommerce store(s). We use this information to help Customers optimize their business performance and for other business purposes. We encrypt and/or hash all Customer and End-Client passwords. Mavi.IO relies on legal bases listed in EU GDPR for processing of all personal data.

CORRESPONDENCE
We do contact organizations or executives as part of our sales and marketing campaigns. We do so, as we believe we have a legitimate interest to promote our products and services, and it also benefits our prospects. We do not do any mass mailing and carefully reach out to selected professionals with a personalized approach. The emails we send you as part of our marketing campaigns allow us to know if you have received or opened the email or clicked a link within the email. If you do not want us to collect this information from marketing emails, you can opt out of receiving such emails by clicking on the unsubscribe button.

INFORMATION FROM OTHER SOURCES
We may combine information that a Customer or other individual provides to us with other information about an individual from other sources, such as vendors, service providers, business partners, healthcare providers, and other third partners, transactions, and communications. We also may combine that information with data that is publicly available and data from third parties. This information may be used to provide an individual or Customer with information that may be of interest to the individual or Customer. If an individual or Customer does not wish to receive these notifications, we ask that the individual or Customer please send us an e-mail or write to us at the address listed below. We also may receive information about individuals or Customers from third-party social platforms, such as Facebook, Instagram, Twitter, or other platforms. When our Website is accessed or used through such a third-party social platform, such use allows the third-party social platform to collect information about the access to our Website, and allows us to access or collect information made available by the third-party website in accordance with its privacy policy. This information may be available from the individual or Customer’s third-party social platform profile or account, or from cookies or other tracking tools placed on the individual or Customer’s device by the third-party platform.

INFORMATION ABOUT OTHERS

We may collect Personal Information about other people that an individual or any Customer provides to us, such as name and email address. DO NOT TRACK Some browsers have a “Do Not Track” feature that lets an individual tell websites that the individual does not want to have their online activities tracked. These features are not yet uniform, and we currently are not able to respond to those signals.

HOW DO WE USE THE INFORMATION COLLECTED?
We do store Information and data files on our servers and the servers of companies we hire to provide services to us. We do not share, sell, or lease any kind of information collected to any third parties for their marketing uses. We use this information to:

• To fulfill our contractual commitment and to enhance the performance of our contract with our controller.
• Provide our controller with the services, support, or information requested and monitor the effectiveness of our contractually agreed services.
• Improve our website’s user experience and communicate better to engage users.
• Enhance the effectiveness of our marketing campaigns. To send marketing emails or messages related to our products and services.
• Monitor aggregate metrics to conduct our market research and understand our customers better.
• To process open job applications for an open position.
• Analyze, diagnose, and fix issues in our service offerings.

We may transfer information to our agents, third parties, or service providers to conduct our business. For example, third parties and service providers working with us may handle credit card processing, shipping, customer service, data management, e-mail distribution, market research, information analysis, promotions management, social media marketing, and similar services. We may use cloud service providers to host websites and store data, and these service providers inform us that they apply security measures they consider adequate for the protection of the information within their system. All such transfers are protected by standard contractual clauses and data protection addendums. We share information with Customers concerning their End-Clients. We may transfer your information in order to comply with the law, regulation, valid legal process (e.g., search warrant, subpoena, or court order), or governmental or regulatory request; to address disputes or claims; to protect the security or integrity of Mavi.IO’s Website and services; to enforce an agreement; or to protect our rights, property, or safety, or the rights, property, or safety of our employees or others.

If we merge with or are acquired by another company, and if all of our assets are acquired by another company, this information will most likely be one of the assets to be transferred. However, we will not transfer any personal information of our customers until absolutely necessary to provide you with a continuity of service and only when the new owner maintains and provides the same level of data privacy standards as we do. In such cases, we will provide you with notice and an opportunity to opt-out of the transfer of identifiable data.

SECURITY MEASURES
We understand that the security of your information is vital and have in place strong administrative, technical, and physical security controls and measures to keep data safe and secure. Our privacy practices are designed to provide protection for your personal information, all over the world.To protect information stored in our servers, through secure server infrastructure at various locations in the US, access is limited (through user/password credentials and two-factor authentication) to those employees who require it to perform their job functions. We use industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up information. Other security safeguards include but are not limited to multifactor authentication, data encryption, firewalls, and physical access controls to building and files.We would like to caution our visitors about phishing attacks, wherein unscrupulous third parties seek to extract sensitive and confidential information from you by posing as a genuine website or by sending an email misrepresenting it to be from a genuine source. Please be aware that we never seek sensitive or confidential information such as regarding your financial or health record through emails or through our websites. If you receive such a message claiming to be from Mavi.IO, then please do not reply to it and immediately bring it to our attention by contacting the DPO

VISITING OUR WEBSITE FROM OUTSIDE THE UNITED STATES
For Website visitors outside of the United States, please be aware that information about your visit may be transferred to, stored, and processed in the U.S., where our servers are located and our central database is operated. Please be aware that the data protection and other laws of the U.S. might not be as comprehensive as those in your country. By visiting our Website, you agree that your information may be transferred to our facilities and those third parties with whom we share it, as described in this Privacy Policy.

INAPPLICABILITY OF PRIVACY POLICIES OF ANY LINKED WEBSITES OR OTHER THIRD PARTIES
This Privacy Policy only addresses our use and disclosure of information. It does not address, and we are not responsible for, the privacy or security practices of any third parties, including our third-party service providers (including cloud service providers) and any other third party operating any software application or website to which our Website contains a link. The inclusion of a link on the Website does not imply endorsement of the linked software application or website by us. We encourage visitors to carefully read the Privacy Policies of other websites you visit.

CAN THIS INFORMATION BE REVIEWED?
In some cases, and at our discretion, this information may be accessed by respective organizations to correct any mistake in that information, and to delete any information we no longer have business reasons for retaining. You can do this by sending us an email. Mavi.IO strives to comply with all applicable laws around the globe that are designed to protect your privacy and information, no matter where that information is collected, transferred, or retained. Although legal requirements may vary from country to country, we intend to adhere to the principles set forth in this Privacy Policy even if information is transferred from your country to other countries that may not require an adequate level of protection for your information.

RIGHTS OVER YOUR PERSONAL DATA
Under certain circumstances, by law you have the right to:
• Be informed about the processing of your personal data (i.e., for what purposes, what types, to what recipients it is disclosed, storage periods, any third-party sources from which it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance, and envisaged consequences).
• Object to your personal data being processed for a particular purpose or to request that we stop using your information.
• Request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.
• Ask us to transfer a copy of your personal data to you or to another service provider or third party where technically feasible and otherwise required by applicable regulations.
• Withdraw, at any time, any consent that you have previously given to us for our use of your personal data.
• Ask us to stop or start sending you marketing messages at any time.
• Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.
• Request the erasure of your personal data. This enables you to ask us to delete or remove personal data where you think that we do not have the right to process it.
• Any request for access to or a copy of your personal data must be in writing and we will endeavor to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will provide this information free of charge unless the request is manifestly unfounded or excessive. We will comply with our legal obligations as regards any individual’s rights as a data subject.

If you would like to contact us in relation to any of the rights set out above, please contact us by email info@mavi.io. To protect your privacy and security, we may take reasonable steps to verify your identity before providing you with the details.

RIGHT TO COMPLAIN TO THE SUPERVISORY AUTHORITY
You can contact your regional data protection authority if you have any concerns about how Mavi.IO has handled your personal data and you also have the right to make a complaint at any time to the Supervisory Authority for data protection issues. You can contact the ICO via their helpline on 0303 123 1113. You can find out more information about your rights as a data subject, their regulatory powers, and actions they can take on their website https://ico.org.uk/

NOTIFICATION OF CHANGES
If we decide to change our privacy policy, we will post those changes on this page so our users are always aware of the information we collect and how we use it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected. Where links are provided to other websites, it should be noted that they are not and cannot be governed by our Privacy Statement. We cannot guarantee your privacy when you access other websites through any link provided on this website. Contact Information “Mavi.IO” welcomes your comments regarding this Statement of Privacy. If you believe that Mavi.IO has not adhered to this Statement, please contact Mavi.IO at info@mavi.io. We will use commercially reasonable efforts to promptly determine and remedy the problem. If you have any questions, you can drop an email at info@mavi.io.