Privacy policy
This Privacy Policy (“Privacy Policy”) explains how certain information, including your personal data, is collected, used, and disclosed by Mudjik Games ("Mudjik," the "Company," "we," "our," or "us"), as well as the choices you can make regarding this information. This Privacy Policy forms an integral part of our Terms of Use (“Terms”). Capitalized terms not defined herein have the meanings assigned to them in our Terms.
This Privacy Policy governs the information we collect when you access or use Mudjik’s mobile, web, and desktop applications (collectively, the “Application”) and the free or paid services (“Services”) provided therein, or when you visit our website: https://mudjik.com/ (the “Website”). The Policy does not cover any offline activities.
If you are a resident of California and the California Consumer Privacy Act (“CCPA”) applies to you, please review our CCPA Privacy Notice. If you reside in Colorado, Connecticut, Virginia, or Utah, please refer to Section II of this Privacy Policy for additional information regarding privacy rights for residents of these U.S. states.
A. PRIVACY NOTICE:
Before we detail the methods and purposes of our data practices, we kindly ask you to review the following three sections. These sections explain how to contact us, how we will publish changes, and who is eligible to use our Application and Services:
1. CHANGES:
We reserve the right to modify this Privacy Policy at our sole discretion from time to time. The most current version of the Privacy Policy will always be posted on our website. The date of the updated Privacy Policy will be indicated under the "Last Modified" heading. If these changes are significant, we will notify you and, where required by applicable law, obtain your consent. Changes to the Privacy Policy will take effect 30 days after the revised Policy is made available. We recommend periodically reviewing the Policy to ensure you understand our most current privacy practices.
2. CONTACT INFORMATION:
Mudjik Games, Registration Number 494351-5, AŞIK VEYSEL MAH. TALATPAŞA CAD. KAMELYA EVLERI B3 BLOK NO: 6 E IÌ‡Ç KAPI NO: 20, ESENYURT/ISTANBUL - TURKEY ("Data Controller").
If you have any questions, concerns, or complaints regarding this Privacy Policy or wish to exercise your rights, please contact us as follows:
By Email: contact@mudjik.com
By Mail: AŞIK VEYSEL MAH. TALATPAŞA CAD. KAMELYA EVLERI B3 BLOK NO: 6 E IÌ‡Ç KAPI NO: 20, ESENYURT/ISTANBUL - TURKEY
Data Protection Officer ("DPO"):
The Data Controller has appointed a Data Protection Officer who can be reached at: contact@mudjik.com
3. INFORMATION WE COLLECT AND PURPOSE OF COLLECTION
This section explains the purposes for which we process your personal data, the legal basis for such processing, the definitions of “personal” and “non-personal” data, and how such data is technically processed.
Depending on your interaction with our Website, Application, and Services, certain information will be collected as described in detail below. We may collect this information through automated methods and tracking technologies, or when you voluntarily provide it to us, such as by registering and creating an account.
“Non-Personal Data” refers to information that does not identify a specific natural person and cannot reasonably be used to identify such a person. This may include information related to the use of the Website, Application, or Services, such as the scope, frequency, time, and date of access; interactions with content on our Website, Application, or Services; language preferences; and other technical details about the device on which the application is installed. When this information is aggregated or not combined with online identifiers, it is considered Non-Personal Data.
“Personal Data” refers to information that identifies or can reasonably identify an individual. This includes online identifiers such as an IP address, name, or email. Personal Data also includes insights derived from your preferences and behaviors, profiling data, or other information associated with you.
The table below provides a detailed explanation of the processing of Personal Data, its purpose, legal basis, and the processing activities involved:
DATASET
PURPOSE AND PROCESSING ACTIVITIES
LEGAL BASIS
If you wish to use our Application, you will need to log in and connect to our Application via your phone number and, depending on the game you wish to play or the feature you wish to use, through your Spotify or Apple Music account (via Spotify or Apple). We will retrieve your publicly available information, such as your name and email address, as enabled through your account settings (“Account Information”).
After completing the registration process and connecting your Spotify or Apple Music account, you may choose to share additional information about yourself, such as your age and gender. However, please note that sharing this information is not mandatory for using our Application.
We will collect this information to create and activate your account and to provide you with the Services.
We process this Account Information based on the necessity of the contract.
We may collect information related to your use and interaction with the Application and Services. This data may include analytics data, clickstream data, interests, etc. (“Usage Data”), and since it is associated with an online identifier, it may be considered Personal Data.
We will collect this information for purposes such as providing you with the Services and improving the functionality and performance of the Application.
We process this Usage Data based on our legitimate interests.
If you choose to use our paid services, payments will be processed through Apple Pay, Google Pay, or Stripe (“Payment Providers”). In this case, we will receive transaction IDs or tokens from the Payment Providers as proof of payment (“Payment Information”). We do not store or process credit card or other financial information.
We will collect and use this information to enable you to purchase paid services.
Your Payment Information will be processed in accordance with the policies of the respective Payment Provider: Google Pay's Privacy Policy is available HERE; Apple Pay's Privacy Policy is available HERE; Stripe's Privacy Policy is available HERE.
If you voluntarily contact us through the website or via email regarding your interest in our Services, support, or other inquiries, you may be required to provide certain information, such as your name, email address, and any additional information you choose to share with us (“Contact Information”).
We will use and record your Contact Information and communication history with us to respond to your request, provide support, assistance, or any other information you have requested.
We process this Contact Information based on our legitimate interests in order to respond to your request.
If you use our games and features, we may profile you based on your performance in the games, the listening data you allow us to process, and the music you listen to, and connect you with other users who have similar music tastes.
The created profile only defines your music taste and does not include your behaviors or other information. This profile is solely for providing you with personalized comments, statistics, and listening recommendations.
We will process this data based on the necessity of the contract.
We recommend that you avoid including Personal Data when chatting and messaging with another user; if such data is included, it will be subject to this privacy policy.
We process this information to enable you to chat with other users. Such chat communications will be retained until you delete them or delete your account.
We will process this data based on the necessity of the contract.
If you register to receive our newsletter or other marketing materials ("Marketing Materials"), you will be required to provide your contact information, such as your email address.
We will use your email address to send you our newsletter and other Marketing Materials.
We process these Marketing Materials subject to your consent. You can withdraw your consent at any time by using the "unsubscribe" link in the email or by contacting us directly.
On our website, we use our own cookies as well as third-party cookies; these cookies provide us with analytics and marketing services, as explained in more detail below. The processed Personal Data includes an online identifier such as a cookie identifier, IP address, etc. ("Online Identifiers").
We will use your Online Identifiers for analytics and marketing purposes.
We will process this data based on your consent provided in the cookie notice (unless otherwise required by law).
Please note that the processing activities may vary depending on the purpose of use and the legal basis detailed in the table above. These processing activities typically include a series of operations carried out by automated means, such as collection, storage, use, disclosure through transmission, deletion, or destruction. The transfer of personal data to third countries is based on the same legal basis outlined in the table above, as further detailed in the Data Transfer section.
Additionally, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, abuse, violations, identity theft, and any other misuse of the Services, enforce the Terms, protect the security or integrity of our databases and Services, and take precautions against legal liability. Such processing is based on our legitimate interests.
HOW WE COLLECT INFORMATION
Depending on the nature of your interaction with our Services, we may collect information in the following ways:
Automatically – We may use cookies, SDKs, and similar tracking technologies to automatically collect certain information when you access our website (as explained in the Tracking Technologies Section below).
Voluntarily Provided – We will collect information when you choose to provide it to us, such as when you contact us or share user-generated content in our chat feature.
COOKIES AND SIMILAR TRACKING TECHNOLOGIES
We use “cookies” and similar tracking technologies such as Software Development Kits (SDKs) in our Application and Services. A cookie is a small text file placed and stored on your device when you visit a website. These tracking technologies are very useful and can be used for various purposes. These purposes include: (i) enabling efficient navigation between pages; (ii) automatically activating certain features; (iii) remembering your preferences; and (iv) making interactions with our Services faster and easier. SDKs and cookies provide an opportunity to enhance the functionality of the Application and Services and are used for performance and analytics purposes (for example, allowing us to count visits and traffic sources, which helps us measure and improve the performance of our Services and marketing campaigns, knowing which features are most and least popular, etc.) and for marketing and targeting purposes.
The specific cookies, SDKs, and similar tracking technologies we currently use, their purposes, privacy policies, and opt-out controls are outlined in the table below:
COOKIES/SDK/API
PURPOSE
PRIVACY POLICY
Google Analytics
Google AdMob
Analytics and Measurement
www.google.com/policies/privacy/partners
https://policies.google.com/technologies/managing?hl=en
https://tools.google.com/dlpage/gaoptout
Google ürünlerinin kullanımımızla ilgili ek bilgi için **buraya** tıklayın.
ironSource
Purchasely
Spotify
Providing services
Providing services
Providing services
Providing services
Apple Music & Apple ID
Providing services and signing in / logging in
Firebase
Analytics and providing services
Please note that some cookies or tracking technologies are classified as “strictly necessary” – meaning they are essential for the functioning of our Services and cannot be disabled. When we use third-party advertising cookies, these third parties may independently collect Personal Data through these tracking technologies and use this information to combine it with other information they independently collect about your online activities on their websites to provide enhanced targeting functionality, deliver personalized ads, and provide aggregated analytics about the performance of the ad campaigns you interact with. These third parties collect and use this information according to their own privacy policies.
​
Most browsers allow you to delete cookies from your computer's hard drive, block cookies from being accepted, or receive a warning before a cookie is stored. You can set your browser's privacy and security settings to block all cookies, including those related to our website, or to notify you when a cookie is used by us. You can also use your device settings to change your preferences for tracking technologies and data collection via the Application. For guidance on how to adjust your privacy and security settings, please refer to your browser’s or device’s support page. Please note that when you choose to opt-out of cookies or disable cookies, some features of the Services may not function properly, and your online experience may be limited.
​
6. DATA SHARING – CATEGORIES OF RECIPIENTS WITH WHOM WE SHARE PERSONAL DATA
We may share your data with third parties, including trusted partners or service providers, who assist us in providing and improving our Services:
RECIPIENT CATEGORY
DATA TO BE SHARED
PURPOSE OF SHARING
Trusted Representatives and Service Providers
All data, to the extent necessary and applicable, for the provision of services.
We may disclose Personal Data to our trusted representatives (e.g., legal advisors) and service providers (e.g., cloud providers, Google Analytics, Firebase Crashlytics, CRM providers, etc., including but not limited to these) to perform requested services on our behalf. These providers are prohibited from using your Personal Data for any purposes other than providing us with the requested services. When sharing information with service providers, we ensure that they have access only to the information strictly necessary for the provision of the Services. These parties must safeguard the data they receive and use it solely for the previously agreed-upon purposes, and they must comply with all applicable data protection regulations (these service providers may use other non-personal data for their own purposes).
Affiliates and subsidiaries, or any company that acquires our business.
All datas
We may share Personal Data internally within our group or in the event of a corporate transaction (e.g., the sale of a significant part of our business, merger, consolidation, or asset sale). In such cases, our affiliates or the acquiring company will also assume the rights and obligations outlined in this Policy.
We may disclose certain data to law enforcement, government authorities, or authorized third parties in response to a verified request related to terrorism, criminal investigations, or alleged illegal activities, or any activities that could expose us, you, or other users to legal liability, and this will only be done to the extent necessary to comply with that purpose.
Legal authorities and law enforcement agencies
To a request by law enforcement authorities, subject to their request and legal requirements.
When we share Personal Data with service providers and partners, we ensure that they only have access to the information that is strictly necessary for the provision of the Services. These parties are required to secure the data they receive and use it solely for the purposes previously agreed upon, ensuring compliance with all applicable data protection regulations (these service providers may use other non-personal data for their own purposes).
7. INTERNATIONAL DATA TRANSFER
Our databases are currently located in Germany.
Any Personal Data you provide to us may be transferred and processed in countries outside the country where you access the Services. If you are a resident of the European Economic Area ("EEA"), we will take the necessary measures to ensure that your Personal Data receives an adequate level of data protection when transferred outside the EEA. If you reside in a region where your consent is required for the transfer of your Personal Data, your approval of this Privacy Policy includes your explicit consent for such data transfers.
DATA RETENTION
The Personal Data we collect and store will be retained according to the following criteria: (i) Purpose of collection: Unless otherwise stated, we will retain Personal Data as long as necessary and relevant to fulfill the purposes for which it was collected; (ii) Compliance with legal obligations: We will retain Personal Data when required for legal, regulatory, tax, or accounting requirements; (iii) Disputes, claims, and legal proceedings: We will retain Personal Data in order to have an accurate record of our dealings with you in the event of any complaints or disputes, or when we reasonably believe there is a possibility of legal action regarding the information or transactions. If we determine that the data is no longer necessary for these purposes, we may, at our discretion, delete or modify the information from our systems without notice.
SECURITY
We implement comprehensive security measures to reduce the risks of damage to Personal Data, data loss, unauthorized access, or misuse. We use appropriate data collection, storage, and processing practices, as well as security tools to protect Personal Data from unauthorized access, alteration, disclosure, or destruction. However, you should be aware that no security measures are completely error-free, and it is impossible to prevent all threats to data and systems security. Therefore, the processing of digital Personal Data inherently carries risks, and we cannot guarantee that our services and databases will be fully protected against malicious attempts, failures, unauthorized intervention or access, malware attacks, or other forms of misuse. The security of information also partially depends on the security of the computer, device, or network you use to contact us, and the security measures you take to protect your username and password, so please ensure that you take appropriate steps to protect this information.
Our data processing activities take place across various regions. When we transfer your Personal Data outside of your jurisdiction, we will take appropriate measures to ensure that the data is transferred securely and protected.
PRIVACY RIGHTS
We recognize that different individuals have different privacy concerns and preferences. Our goal is to be transparent about the Personal Data we collect so that you can make informed choices about how your data will be used. We provide you with certain choices, rights, and controls in relation to your information, depending on your relationship with Mudjik, your jurisdiction, and the applicable data protection laws. The table below outlines some of the key rights that may apply (depending on your jurisdiction and additional conditions), how you can exercise these rights, and how you can appeal a decision we make regarding them.
As explained below, please note that some rights can be exercised independently through your browser settings, app settings, etc., while for certain rights, you may need to submit a request by contacting us at contact@mudjik.com.
Right to be Informed
You have the right to be informed about our personal data collection and privacy practices. All information is detailed in this Privacy Policy, but if you have any questions or need further information, you can exercise this right by contacting us.
Information and Access Rights
You have the right to confirm whether we are collecting your Personal Data, as well as the right to know which specific Personal Data we hold and to obtain or access a copy of such data. You can exercise this right by sending a request to contact@mudjik.com.
You have the right to request the updating of inaccurate Personal Data, considering the type and purposes of processing. You can exercise this right by sending a request to contact@mudjik.com, and for certain types of Personal Data, you can directly correct the information through the Application settings.
Right to Rectification/Correction
You have the right to request the deletion of certain Personal Data if specific conditions are met. This right is not absolute. We may refuse your request in certain circumstances, including but not limited to compliance with legal obligations, defending against legal claims, legitimate interests such as record keeping, completing transactions, providing the goods or services requested, carrying out actions reasonably expected in the context of an ongoing business relationship, fulfilling the conditions of a written guarantee, detecting security incidents, protecting against or prosecuting malicious, misleading, fraudulent, or illegal activities, debugging product errors to identify and fix faults that impair the current functionality, exercising freedom of expression, enabling another consumer's freedom of expression rights, or exercising another right provided by law, cases where deleting the data would likely make the research impossible or severely hinder it when you had previously given informed consent, and participation in public interest or peer-reviewed scientific, historical, or statistical research, in compliance with all other applicable ethical and privacy laws.
You can exercise your right to erasure through the application settings or, if you do not have an account or for other reasons, by sending a request to contact@mudjik.com.
Right to Rectification/Correction
You may have the right to restrict the processing of your Personal Data under the following conditions: when you dispute the accuracy of your Personal Data, and during the period that allows us to verify its accuracy; when the processing is unlawful and you oppose the deletion of your Personal Data, requesting instead the restriction of its use; when we no longer need the Personal Data for processing purposes, but it must be retained by you for the establishment, exercise, or defense of legal claims; when the verification is pending regarding whether our legitimate interests override your request, while you have objected to the processing (as detailed below).
You can exercise this right by sending a request to contact@mudjik.com.You can exercise your right to erasure through the application settings or, if you do not have an account or for other reasons, by sending a request to contact@mudjik.com.
Right to Rectification/Correction
You have the right to obtain a copy of your Personal Data in a portable format that allows you to transmit it to another organization without hindrance, provided it is technically feasible. We will determine the format in which we will provide your copy.
You can exercise this right by sending a request to contact@mudjik.com.
Right to Data Portability
You have the right to withdraw your consent when the legal basis for processing your Personal Data is based on your consent. You can withdraw your consent at any time by sending a request to contact@mudjik.com. However, in certain cases of Personal Data processing, you may exercise your rights independently. For example, you can unsubscribe from our mailing list at any time by using the “unsubscribe” link provided in the message.
Additionally, if the processing is based on our legitimate interests, you have the right to object to the processing of your Personal Data. However, we may continue processing if our legitimate interests override your rights, or if the processing is necessary for the establishment, exercise, or defense of a legal claim or right.
We do not engage in profiling that significantly affects you or other individuals, so there is no opt-out option for that.
We do not "sell" or "share" your Personal Data in the conventional sense that most people understand. We do not disclose your Personal Data in exchange for money or other compensation, nor will we do so. However, while promoting our website, App, or Services, we may share Personal Data for analysis and marketing purposes, including targeted advertising. In most cases, we automatically collect Personal Data from our website through cookies and do not combine this with your actions on other websites. However, third-party partners may do so when providing us with analytics or advertising services.
You have the right to opt-out of the "sale" or "sharing" of your Personal Data for "targeted advertising," also known as "cross-context behavioral advertising" or "interest-based advertising." You can exercise this right as described in the “Cookies and Tracking Technologies” section above.
By setting privacy controls in your browser settings, you can signal your opt-out preference to all the websites you visit automatically (e.g., “Global Privacy Control”).
In any case, please note that opt-out tools are limited to the browser or device you are using, as they work with your browser or device identifier. Therefore, you will need to opt-out separately on each browser and device you use. Your browser may store some information in its cookies and cache to preserve your privacy preferences. Clearing these may remove your opt-out preferences and require you to opt-out again.You can exercise this right by sending a request to contact@mudjik.com.
Right to Withdraw Consent/Opt-Out/Right to Object. Specifically in the United States, the Right to Opt-Out includes: (i) the Sale of Personal Data; (ii) Targeted Advertising; and (iii) Profiling.
If we refuse to process your request, we will inform you without undue delay in accordance with applicable laws. The notification will include the reason for the refusal and, where applicable, instructions on how you can lodge an appeal.
Under the GDPR, you have the right to lodge a complaint with the relevant Data Protection Authority in the EU or the Information Commissioner’s Office in the United Kingdom.
In certain U.S. states, you have the right to object according to the applicable legal procedures. For more information, please refer to Section II – "U.S. Jurisdictions – Special Privacy Notices" in this Privacy Policy.
Right to Object or Lodge a Complaint
Denial of Goods or Services, Different Service Levels or Prices
We do not discriminate against users or our Services, however, we reserve the right to deny a good or service, provide a different level or quality of service, or charge different prices, in accordance with applicable laws.
If you believe that our Services have caused you to face discrimination, please contact us directly at: contact@mudjik.com.
Right to not be discriminated
11. ELIGIBILITY AND CHILDREN'S PRIVACY
Our Services are not designed for use by children (for the purposes of this section, "child" refers to the age defined by applicable law; for the EEA, this is under 16 years old, for the US, under 13 years old, and for Turkey, under 18 years old), and we do not knowingly process information from children. If we discover that we have received information from a user that is deemed to be from a "child," we will immediately delete the information. If you have reason to believe that a child has shared information with us, please contact us at contact@mudjik.com.
​
b. PRIVACY NOTICES SPECIFIC TO THE US JURISDICTION:
NOTICE FOR CALIFORNIA RESIDENTS This section applies only to residents of California and is governed by the California Consumer Privacy Act ("CCPA"), which took effect in November 2020, and as amended by the California Privacy Rights Act, effective January 1, 2023. Please review the CCPA Notice, which explains the categories of personal information we collect, the purpose for processing, the source, the categories of recipients with whom personal information is shared for business purposes, whether the personal information is sold or shared, the retention period, and how you can exercise your rights as a California resident.
2. ADDITIONAL NOTICE TO COLORADO RESIDENTS
Under the Colorado Privacy Act ("CPA"):
The term “Personal Data” refers to "information that is linked or reasonably linkable to an identified or identifiable individual" and does not include the following: publicly available information, de-identified or aggregated consumer information, and information outside the scope of the CPA. Examples of excluded information include health or medical information under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) or 42 CFR Part 2 – "Confidentiality of Substance Use Disorder Patient Records," personal data covered by sector-specific privacy laws such as the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), the Driver’s Privacy Protection Act of 1994, the Children’s Online Privacy Protection Act of 1998 (COPPA), the Family Educational Rights and Privacy Act of 1974, the Securities Exchange Act of 1934, data related to higher education, and employment data.
“Sensitive Data” includes:
(i) racial or ethnic origin, religious beliefs, mental or physical health conditions or diagnoses, sexual life or sexual orientation;
(ii) genetic or biometric data processed for the purpose of uniquely identifying an individual; or
(iii) data concerning children.
We do not process or collect sensitive data.
In Section I.3 “Information We Collect and Purpose of Collection” of our Privacy Policy, we describe the collection and processing of Personal Data, the categories of Personal Data collected or processed, and the purposes of such collection. Section I.6 “Data Sharing – Categories of Recipients With Whom We Share Personal Data” details the categories of third parties with whom we share Personal Data for business purposes. Further information about your privacy rights and how to exercise them is explained in Section I.10 “Privacy Rights.”
How to Submit a Request Under the CPA?
You or someone legally authorized to act on your behalf may submit a request to access or delete your Personal Data. If a request is submitted by someone other than the consumer about whom the information pertains, proof of authorization (e.g., a power of attorney or legal documents) will be required.
We will respond to a verifiable consumer request within 45 days of receipt, with a maximum of two responses in a twelve-month period. We reserve the right to extend the response period by an additional 45 days when reasonably necessary and will notify you of such an extension within the initial 45-day period. If we deny your request, you have the right to appeal our decision. You may file an appeal by contacting us at contact@mudjik.com and indicating your intention to appeal. We will provide a written response to your appeal within 60 days of receipt, including an explanation of any actions taken or not taken and the reasons for the decision. If your appeal is denied, you may file a complaint with the Colorado Attorney General at https://coag.gov/file-complaint/.
If you have an account with us, we will deliver our written response to that account or, at our discretion, via email. If you do not have an account with us, we will deliver our written response either by mail or electronically, based on your preference. You are not required to create an account to submit a request.
The disclosures we provide will only cover the twelve-month period preceding our receipt of your request. Our response will also explain any reasons why we cannot comply with a request, if applicable.
3. ADDITIONAL NOTICE TO VIRGINIA RESIDENTS
Under the Virginia Consumer Data Protection Act, as amended ("VCDPA"), if you are a Virginia resident acting in an individual or household context (and not in an employment or commercial context), you have the following rights regarding your Personal Data.
The term “Personal Data” refers to any information that is linked or reasonably linkable to an identified or identifiable natural person. "Personal Data" does not include de-identified data or publicly available information. It also excludes information regulated by laws such as HIPAA, GLBA, nonprofit organizations, higher education, employment data, and other exempted categories such as data under the Fair Credit Reporting Act (FCRA), the Driver’s Privacy Protection Act of 1994, the Family Educational Rights and Privacy Act, and the Farm Credit Act.
The VCDPA requires us to disclose:
The categories of data we process and the purposes for each category, as detailed in Section I.3 “Information We Collect and Purpose of Collection” of this Privacy Policy; and
The third parties with whom we share Personal Data, as detailed in Section I.6 “Data Sharing – Categories of Recipients With Whom We Share Personal Data.”
Additionally, Section I.10 “Privacy Rights” of this Privacy Policy details your rights under the VCDPA and how to exercise those rights.
How to Submit a Request Under the VCDPA?
We will respond to your request within 45 days of receipt. If reasonably necessary, we reserve the right to extend the response time by an additional 45 days, provided we notify you of the extension within the initial 45-day period. If we deny your request, you have the right to appeal our decision by contacting us at contact@mudjik.com and indicating your intention to appeal. We will provide a written response to your appeal within 60 days of receipt, including an explanation of any actions taken or not taken and the reasons for the decision.
If your appeal is denied, you may file a complaint with the Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.
We will provide the requested information free of charge up to twice annually. However, we may charge a fee for requests that are manifestly unfounded, excessive, or repetitive. If we are unable to verify your identity using commercially reasonable efforts, we may request additional information reasonably necessary to verify you and your request. If we cannot verify you or your request, we will not be able to fulfill your request.
4. ADDITIONAL NOTICE TO CONNECTICUT RESIDENTS
Under the Connecticut Data Privacy Act, Public Act No. 22-14 (“CDPA”), if you are a Connecticut resident acting in an individual or household context (and not in a commercial or employment context or as a representative of a business, nonprofit, or governmental entity), your rights regarding your personal data are described below.
The term “Personal Data” refers to any information that is linked or reasonably linkable to an identified or identifiable individual. It does not include de-identified data or publicly available information. It also excludes information regulated by laws such as HIPAA, GLBA, nonprofit organizations, higher education, employment data, and other exempted categories such as data under the Fair Credit Reporting Act (FCRA), the Driver’s Privacy Protection Act of 1994, the Family Educational Rights and Privacy Act, and the Farm Credit Act.
The categories of personal data processed and the purposes for processing are detailed in Section I.3 “Information We Collect and Purpose of Collection” of this Privacy Policy. The categories of personal data shared with third parties and the categories of third parties with whom data is shared are detailed in Section I.6 “Data Sharing – Categories of Recipients With Whom We Share Personal Data.”
Information about your rights and how to exercise them is provided in Section I.10 “Privacy Rights.”
How to Submit a Request Under the CDPA?
We will respond to your request within 45 days of receipt. If reasonably necessary, considering the complexity and number of requests, and if we notify you of the extension within the initial 45-day period, we may extend the response time once by an additional 45 days.
If we deny your request, we will inform you without undue delay, and no later than 45 days after receipt of your request. This notification will include the reason for the denial and instructions on how to appeal our decision. We will respond to your appeal within 60 days of receipt, providing a written explanation of any actions taken or not taken in response to the appeal and the reasons for our decision.
If your appeal is denied, you may file a complaint with the Connecticut Attorney General at https://www.dir.ct.gov/ag/complaint/ or by calling (860) 808-5318.
We will provide information in response to your requests free of charge up to twice annually. However, we may charge a fee if the requests are manifestly unfounded, excessive, or repetitive. If we are unable to verify your identity using commercially reasonable efforts, we may request additional information reasonably necessary to verify you and your request. If we cannot verify you or your request, we will not be able to fulfill it.
5. ADDITIONAL NOTICE TO UTAH RESIDENTS
Under the Utah Consumer Privacy Act (“UCPA”), if you are a Utah resident acting in an individual or household context (and not in a commercial or employment context), your rights regarding your personal data are outlined below.
The term “Personal Data” refers to data linked or reasonably linkable to an identified or identifiable individual. It does not include de-identified data or publicly available information.
The categories of personal data processed and the purposes for processing are detailed in Section I.3 “Information We Collect and Purpose of Collection” of this Privacy Policy. The categories of personal data shared with third parties and the categories of third parties with whom data is shared are detailed in Section I.6 “Data Sharing – Categories of Recipients With Whom We Share Personal Data.”
Information about your rights and how to exercise them is provided in Section I.10 “Privacy Rights.”
6. NOTICE TO NEVADA RESIDENTS
Nevada law allows Nevada residents to opt out of the sale of certain types of personal information. Subject to a few exceptions, Nevada law defines “sale” as the exchange of specific types of personal information for monetary consideration with another party.
Currently, we do not sell personal information as defined by Nevada law. However, if you are a Nevada resident, you may submit a verified request to opt out of sales, and we will record your instructions to apply them in the event of a future policy change.
To submit an opt-out request, please contact us at contact@mudjik.com.