Data Privacy Notice

Effective Date: Jun 14, 2022

Modular Marketing, LLC ("we," "us," or "our") is committed to protecting the privacy and security of the data we interact with as part of our services. This Privacy Notice explains how we handle data when providing lifecycle marketing services to our clients.

Scope

This Privacy Notice applies to our agency's handling of data provided to us by clients or accessed in the course of delivering our services. As a service provider, we typically do not collect or process personal information directly from individuals.

Types of Personal Information Processed 

As part of our services, we may process the following categories of personal information on behalf of our clients:

  • Contact information (email addresses, phone numbers, physical addresses)
  • Identity information (names, usernames, account IDs)
  • Demographic information (age, gender, location)
  • Behavioral data (email engagement, website interactions, purchase history)
  • Marketing preferences and consent status
  • Transaction and customer history
  • Device and technical information (IP addresses, browser type, device identifiers)

Legal Basis for Processing 

When processing personal data on behalf of our clients, we do so based on the following legal grounds:

  • Performance of Contract: Processing necessary for the fulfillment of our contractual obligations to our clients
  • Legitimate Interests: Processing necessary for our clients' legitimate interests in marketing, customer service, and business development
  • Consent: Where required, processing based on the consent obtained by our clients from their customers
  • Legal Obligations: Processing necessary to comply with applicable laws and regulations

Data Handling Practices

1. Data Usage:

We only access data as required to perform agreed-upon services, such as campaign execution, analytics, or platform configuration. Any data we handle remains the property of our clients.

2. Data Access:

Access to client data is limited to authorized personnel who require it for service delivery. We enforce strict access controls and use secure methods for data transfer and storage.

3. Data Security:

We follow best practices to protect client data, including:

  • Encryption for data in transit and at rest
  • Secure access management (e.g., role-based permissions)
  • Regular training for our team on privacy and security practices

4. Third-Party Services:

When working with third-party platforms (e.g., Braze, Meta, Google Ad Manager), we adhere to their security requirements and ensure that integrations are set up securely.

5. Data Retention:

We do not store client data beyond the duration of the project or as required for contractual obligations. Any temporary storage is securely managed and promptly deleted when no longer needed.

Your Rights

Our clients have full control over their data and can request information about how it is being handled at any time. We are committed to transparency and open communication regarding data use.

Individuals whose personal data we process on behalf of our clients have certain rights under applicable data protection laws, including:

  • The right to access their personal data
  • The right to rectification of inaccurate data
  • The right to erasure of their personal data
  • The right to restrict or object to processing
  • The right to data portability
  • The right to withdraw consent (where processing is based on consent)

As a data processor, we will assist our clients in fulfilling these rights when requested. Individuals should primarily contact our clients (the data controllers) to exercise these rights.

Right to Lodge a Complaint

If you believe that the processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority. For EU residents, you can find your data protection authority at https://edpb.europa.eu/about-edpb/board/members_en. For UK residents, you can contact the Information Commissioner's Office at https://ico.org.uk/.

Updates to this Notice

We may update this Privacy Notice periodically to reflect changes in our practices or legal requirements. Clients will be notified of significant updates.

Contact Us

If you have any questions or concerns about our privacy practices, please contact us at:
Email: security@modularmarketing.co

Alignment with Master Services Agreement (MSA)

This Privacy Notice is intended to supplement the confidentiality and data handling terms outlined in our Master Services Agreement (MSA). The following points ensure alignment with the MSA:

  1. Confidential Information: All client-provided data is treated as confidential and used solely for the purposes outlined in the MSA or applicable Statements of Work (SOWs).
  2. Data Ownership: Clients retain ownership of all materials, data, and intellectual property shared with us. We do not claim ownership of client data and process it strictly to deliver the agreed-upon services.
  3. Limited Use of Data: Any access to client-provided data is limited to what is necessary for service delivery, in compliance with the scope and terms defined in the MSA.
  4. Data Retention and Return: Upon completion or termination of services, all client data is securely deleted or returned, as specified in the MSA.
  5. Third-Party Platforms and Integrations: Any data shared with third-party platforms or tools is handled in accordance with the MSA and the client's compliance obligations. Modular is not responsible for ensuring third-party compliance but works to ensure secure integrations.
© Modular Marketing, LLC 2024
Copyright Modular Marketing, LLC, 2023