Privacy Policy

Last update: July 18, 2023

This Privacy Policy is enacted by MacPaw Way Ltd., a company duly operated in Cyprus under company registration number 428214  (‘MacPaw’).

MacPaw runs this Website (https://moonlock.com) to showcase the cybersecurity technology it develops as well as share news, insights, and helpful instructions on cybersecurity. 

This policy (“Privacy Policy”) applies to you when: 

  • You are visiting the Website;
  • You are browsing the Website; or
  • You provided your personal details to us in another way for communication purposes (e.g. by subscribing to our newsletters, making a request of any type, etc.).

This Privacy Policy provides detail about how we process personal information and how we support your rights to your data. MacPaw Way Ltd. is the controller of the personal data that is being processed via this Website. Use of the Website is further governed by the Website’s Terms of Use.

Processing of data

How we process your personal information depends upon how you use and interact with the Website. Some information is provided directly by you, while other information is processed through automated technologies and our partners.

In principle, we process personal data only insofar as this is necessary to provide a functioning Website. The processing of personal data takes place regularly only with consent. An exception applies to cases in which prior consent cannot be obtained for reasons of fact and the processing of the data is permitted by law.

The processing of your data is either based on your consent, or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, or based on legitimate interest, cf. GDPR art. 6(1)(a)-(b), (f).

If the processing is based on your consent, you may at any time withdraw your consent by contacting us.

In some cases, we may have a legal obligation to process your personal information or to process your personal information in order to exercise, establish or defend legal claims.

Types of data we may process

We process the following types of information from you

Types of personal dataPurposeOur legal basis for this use of data and aim of use of data
Contact details (email address);To send you email communications (such as newsletters);to contact you; to respond to the requests.Contractual necessity (To respond to inbound requests from you);Consent.
Technical details (IP address, browser type and version, operating system, location information); To improve our Website.Necessary for legitimate interests to improve the Website and make the use of the Website more user-friendly.
Website use details (pages visited, how long you stayed, websites from which you came to us, sites that you visit from our Website, time of visit of our Website).To improve our Website.Necessary for legitimate interests to improve the Website and make the Website more user-friendly.Consent (in case of analytical data to be processed – see our Cookie Policy).

Minors

Our activities are not aimed at children under 13 years. We do not knowingly collect information from children under the age of 13. If you have not reached the age limit, do not use the functionality of the Website and do not provide us with your personal information. If you are a parent of a child below the age limit and you learn that your child has provided  MacPaw with personal information, please contact us at  [email protected]  and insist on exercising your rights of access, correction, cancellation and / or opposition. If you are a resident of California and are under 18 years of age and wish to erase publicly available content, please contact us at  [email protected]

Website access

We process information when you provide it directly to us through the Website, or visit a Website.

Data collected from third parties

We may receive information about you from other sources, and combine this data with information we already have about you. This helps us to update, expand and analyze records, identify new users, and provide information about the articles that may be of interest to you. 

Cookies

We and our service providers also use cookies to store the website journey and preferences which enables us to process standard information your browser sends to certain websites you visit such as your IP address, browser type and language, and the site you came from as well as pages you visit and links you click on within the Website. Having technical information like this helps us to improve the Website. For additional information on the automated information processing technologies we use, please review the Cookie Policy.

How we use personal information

Any of the information we collect from you may be used for one or more of the following purposes of MacPaw: 

  • To improve our Website; 
  • To establish a primary channel of communication with you;
  • To find out from which page you have accessed the Website;
  • To provide the information on your request.

Requests on the Website

We use information processed from the Website to respond to visitors’ requests. We do not sell, rent, lease, trade or share Website visitors’ personal information other than as outlined in this Privacy Policy. When you provide us with your personal information or otherwise choose to sign up to receive email communications from us, we will use that information to send those communications to you. Individuals may “opt out” of receiving email communications through links available on emails received or by contacting us.

Data retention

Where we serve as the controller of the data, such as where we use personal information for MacPaw’s own independent purpose of the activity, we will retain your information for the necessary period of time that it serves the purpose for which it was originally processed or subsequently authorized and in accordance with applicable law. We delete, block or anonymize the personal data of the data subject as soon as the purpose of the storage is fulfilled.

Online presence in social networks

We maintain an online presence in social networks in order to communicate there with users of the Website and interested parties to showcase our cybersecurity technologies and share our knowledge.  

The users’ data is usually processed by the social networks concerned for market research and advertising purposes. In this way, usage profiles can be created based on the interests of the users. For this purpose, cookies and other identifiers are stored on the users’ computers. On the basis of these usage profiles, advertisements, for example, are then placed within social networks but also on third-party websites. 

As part of the operation of our online presences, it is possible that MacPaw can access information such as statistics on the use of our online presences, which are provided by social networks. These statistics are aggregated and may include, in particular, demographic information and data on the interaction with our online presence and the posts and content distributed via them. Please refer to the list below for details and links to the data of the social networks that MacPaw can access as operators of the online presence. 

The legal basis for data processing is a contractual (pre-contractual) necessity and your consent in order to stay in contact with and inform the users of the Website and interested parties. 

For the legal basis of the data processing carried out by the social networks on their own responsibility, please refer to the data protection information of the respective social network. The links below also provide you with further information on the respective data processing and the options to object. 

MacPaw would like to point out that data protection requests can be asserted most efficiently with the respective provider of the social network, as only these providers have access to the data and can take appropriate measures directly. Below is a list with information on the social networks on which we operate online presences: 

Facebook (USA and Canada: Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA; all other countries: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). 

Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). 

Google/ YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). 

Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland). 

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; OR LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085, USA)

  • Privacy policy: https://www.linkedin.com/legal/privacy-policy

Reddit (Reddit, Inc., 548 Market St. #16093, San Francisco, California 94104; OR Reddit Ireland Limited, Attn: Reddit EU Data Inquiries, Georges Quay Plaza, Floor 2 – 101,Dublin D02 F856, Ireland )

RSS.COM (RSS America, LLC, 16192 Coastal Highway, Lewes, Delaware 19958, United States of America)

GitHub (GitHub Inc.,  88 Colin P Kelly Jr Street San Francisco, CA 94107 United States; or GitHub B.V., Prins Bernhardplein 200, Amsterdam, 1097JB, Netherlands).

  • Opt-Out: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#your-choices-regarding-our-processing-of-your-personal-data

Your inquiries regarding data processing

We acknowledge that you may have the right to access your personal information and work to manage your inquiries as applicable. Your rights are as follows:

  • You may request to access, correct, update or request deletion of your personal information based on information collected from accessing the Website. 
  • You may request additional information related to the purposes for which MacPaw processes your personal information, the categories of personal information we process, where we originally collected the information, who MacPaw shares it with, and how long MacPaw will retain it. 
  • You may object to the processing of your personal information, request that MacPaw restricts the processing of your personal information or request portability. 
  • You have the right to opt-out of email communications we send you at any time. You can do so by clicking the “unsubscribe” or “opt-out” link in the communicational emails we send you, including MacPaw’s newsletter. Where we have collected and processed your personal information with your consent, you can withdraw your consent at any time. However, withdrawing your consent will neither affect the lawfulness of any processing MacPaw conducted prior to your withdrawal nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent. 
  • Upon your request, and where it is technically feasible, we will provide you with a copy of your personal data or transmit it directly to another controller. You have the right to submit a complaint to a data protection authority about the collection and use of your personal information. To make a request please email MacPaw at [email protected] with “Personal Data Request” in the subject line, and provide us with full details in relation to your request, including your contact information and any other detail you feel is relevant. We will provide a response to an access request within 30 days of receiving such request with respect to the personal information we hold or if we cannot, we will notify you and provide you with the reason for the delay.

You may have other rights as may be provided by the applicable legislation.

Identity verification requirement

MacPaw is required by law to verify that any request submitted was made by someone with the legal right to access the data.  Therefore, prior to providing any information pursuant to a data subject access request, MacPaw may request that you provide MacPaw with additional information in order for MacPaw to verify your identity and legal authority.

In certain situations, MacPaw may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. MacPaw reserves the right to disclose your personal information as required by law and when MacPaw believes in good faith that disclosure is necessary to protect MacPaw’s rights and/or comply with a judicial proceeding, court order, or legal process served on to MacPaw. 

Reporting issues

You have a right to report grievances related to privacy with your local data privacy supervisory authority. 

In Cyprus the Commissioner for Personal Data Protection is responsible for monitoring the implementation of Regulation (EU) 2016/679 (GDPR) and other laws aiming at the protection of individuals with regards to the processing of their personal data. The Office of  Commissioner for Personal Data Protection can be contacted by email at [email protected].

In Ukraine this is the Ukrainian Parliament Commissioner for Human Rights and it can be reached at https://www.ombudsman.gov.ua which can also be contacted by email at [email protected]

If you have questions about this Privacy Policy or if you receive any unwanted, unsolicited e-mail sent by MacPaw or purporting to be sent via MacPaw, please contact us directly via  [email protected].

Data breaches

All breaches will be reported to the relevant supervisory authority within 72 hours after becoming aware of such breaches if such breach has a risk to the rights and freedoms of natural persons, and unless the data was anonymised or encrypted.

Breaches of this Privacy Policy by staff, contractors, officers of MacPaw will be dealt with under MacPaw’s grievance and disciplinary policy and may lead to a disciplinary sanction.

We will communicate the personal data breach to you when the data breach is likely to result in a high risk to the rights and freedoms of natural persons.

If MacPaw learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Website. Depending on where you live, you may have a legal right to receive such notices in writing.

Service providers with whom we share your personal data 

We share information with third parties that help us operate the Website, improve the Website, and advertise our Website. We share your personal information with the following types of service providers:

  • cloud storage providers (Amazon) – to store the information, which is necessary for the proper work of the Website;
  • data analytics providers (Facebook, Google) – to analyze and understand our audience, improve our functionality (including our user interface experiences and service performance); 
  • marketing partners (in particular, social media networks, marketing agencies, email delivery services, Facebook, Google) – to contact you; to respond to the requests; to send emails; to advertise our Website. Note that we contact you by email only upon you providing us with such an email and receiving your prior consent. 

Data storage and transfers

We use data centers that store our website and databases, IT service providers that maintain our systems, and consulting companies. Therefore, for the date of acceptance of these Terms by you, the information submitted to MacPaw can be transferred to, processed, and stored in Ukraine, United Kingdom of Great Britain and Northern Ireland, the United States of America and the countries of the European Union. Data stored and processed by MacPaw may sometimes be moved between these zones (in a secure manner). If you post or transfer any information to or through our Website, you are agreeing to such information, including Personal Data, being hosted and accessed in Ukraine, United Kingdom of Great Britain and Northern Ireland, the United States of America and the countries of the European Union.

MacPaw may use services of other providers that are partly located in third countries (outside the European Union or the European Economic Area). Where this is the case and there is no adequacy decision for these countries, MacPaw undertakes to take appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses in force at the time of transfer of data, or binding internal data protection regulations. 

If a third country transfer is provided for and no adequacy decision or appropriate safeguards are in place, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the transferred data in order to collect and analyze it, and that enforceability of your data subject rights cannot be guaranteed.

However, we will always take steps to ensure that any international transfer of personal data is carefully managed to protect your rights and interests. Data transfers to service providers and other third parties are protected by contractual obligations and, where appropriate, by other guarantees, such as standard contractual terms issued by the European Commission or certification schemes.

Changes to the Privacy Policy

We may need to update this Privacy Policy to keep pace with changes in our Website and activities, and laws applicable to us and you. We will, however, always maintain our commitment to respect your privacy. We will notify you of any material changes that impact your rights under this Privacy Policy by email (to your most recently provided email address) or post any other revisions to this Privacy Policy, along with their effective date, in an easy-to-find area of the Website, so we recommend that you periodically check back here to stay informed of any changes. Please note that your continued use of the Website after any change means that you agree with, and consent to be bound by, the new Privacy Policy. If you disagree with any changes in this Privacy Policy and do not wish your information to be subject to it, you will need to stop using the Website.