Privacy Policy
1. Introduction
At md-ind.com, we are firmly committed to safeguarding your privacy and ensuring the protection of your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you visit our website, interact with our services, or communicate with us. We take our obligations under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), seriously and implement industry best practices to uphold your rights.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of md-ind.com and governs the handling of personal data collected through this website, our platforms, or associated contact methods.
MD Industries is the data controller responsible for the processing of your personal data, as defined under relevant data protection laws. As the data controller, we determine the purposes and means of processing your personal information in accordance with legal and regulatory requirements.
For any questions regarding this policy or our data protection practices, contact us at: [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Information regarding your visit to md-ind.com, including browser type and version, IP address, referring/exit pages, time zone settings, date and time of visits, session duration, and site interaction data.
b. Account Data
Data provided upon account creation or profile registration, such as full name, residential or billing address, email address, phone number, and login credentials.
c. Profile Data
Details concerning your preferences, account settings, purchase history, product usage patterns, interests, and behaviors observed while using our services.
d. Communication Data
Records of your communications with us, including support requests, submitted forms, customer service inquiries, email correspondence, and interaction logs.
e. Technical Data
Device identifiers, operating system details, browser plug-ins, internet service provider data, screen resolution, and other technical configuration data that facilitate your connection to our services.
f. Transaction Data
Details related to purchases and financial transactions, including payment card information (processed through secure third-party providers), transaction history, delivery address, invoices, and order confirmations.
g. Preference Data
Information you provide regarding your interests in specific products or services, marketing preferences, opt-in or opt-out status, and communication frequency preferences.
4. Legal Bases for Processing Personal Data
We process your personal data under the following lawful bases as permitted by the GDPR:
– Contractual Necessity: Where data processing is necessary to enter into or perform a contract, such as processing your order or delivering purchased goods.
– Legitimate Interests: For purposes such as fraud prevention, product improvement, internal analytics, and service optimization—unless such interests are overridden by your rights and freedoms.
– Consent: For sending marketing communications or setting non-essential cookies, where legally required.
– Legal Obligation: When processing is necessary for compliance with legal obligations, including financial regulations, tax reporting, or law enforcement requirements.
For residents of California, we ensure compliance with rights under the CCPA and will not discriminate against you for exercising these rights.
5. Your Rights
Under applicable data protection laws, you are entitled to:
– Access: Request access to the personal data we hold about you.
– Rectification: Request correction of inaccurate or incomplete information.
– Erasure: Request deletion of your personal information, where applicable.
– Restriction: Request limitation of how your data is processed.
– Portability: Request to receive your personal data in a structured, commonly used format.
– Objection: Object to processing based on legitimate interests or for direct marketing purposes.
– Withdrawal of Consent: Withdraw consent at any time when processing is based on your consent.
To exercise any of these rights, you may contact us at [email protected].
6. Security Measures
We implement robust technical and organizational safeguards to ensure the confidentiality, integrity, and availability of your personal data:
– Data transmission is encrypted using TLS (Transport Layer Security).
– Access to your data is limited to authorized personnel trained in data protection.
– Regular data backups, role-based access controls, and multilayered security infrastructure are used to prevent unauthorized access, loss, misuse, or alteration of your data.
– Internal policies and staff training reinforce a privacy-by-design culture.
7. International Transfers
If your information is transferred outside of your jurisdiction, including to countries that may not provide the same level of legal protection as your own, we ensure adequate safeguards are in place, such as:
– Standard Contractual Clauses (SCCs) approved by the European Commission.
– Compliance with regional data transfer requirements under applicable laws.
– Additional technical, contractual, and organizational measures as needed.
8. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, or contractual obligations, as summarized below:
– Usage and Technical Data: Up to 24 months.
– Account and Profile Data: For the duration of your account and up to 5 years following inactivity.
– Transaction Data: Maintained for a minimum of 7 years to comply with financial and legal obligations.
– Communication Records: Retained for up to 3 years for quality assurance and resolution purposes.
– Marketing Preferences: Stored until opt-out is registered or consent is withdrawn.
9. Cookie Policy
Our website, md-ind.com, uses cookies and other similar technologies. These serve the following functions:
– Essential Cookies: Required for core website functionality, including login and account management.
– Functional Cookies: Enhance usability, such as remembering your preferences or settings.
– Analytics Cookies: Collect aggregated data to help us understand website usage and performance.
– Performance Cookies: Improve load times, responsiveness, and user experience by monitoring performance.
We do not use cookies for profiling or sell your personal data to third parties.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit, md-ind.com presents a cookie banner that complies fully with GDPR and CCPA requirements, allowing you to accept or reject non-essential cookies. You may adjust your cookie preferences at any time using the ‘Cookie Settings’ section of our site or by clearing cookies via your browser settings.
Under the CCPA, users may also request to opt out of the sale of personal information, although md-ind.com does not sell user data in any form.
11. Special Protections for Children
md-ind.com does not knowingly collect, process, or solicit personal data from children under the age of 13. If you are a parent or legal guardian and believe your child has provided us with personal information, please contact us immediately at [email protected] so we may take appropriate steps to remove such data.
12. Policy Updates and Notifications
We reserve the right to modify this Privacy Policy as necessary to reflect changes in laws, our practices, or operational requirements. Updates will be posted on md-ind.com, and where significant, we will provide clear notification or seek renewed consent when applicable.
13. Contact Information
If you have any questions regarding this Privacy Policy, your rights, or our data handling practices, please do not hesitate to reach out to us:
MD Industries
Email: [email protected]
We strive to maintain full compliance with global privacy regulations and are committed to transparency and fairness in all aspects of data processing. Users are encouraged to contact us with any concerns or requests related to privacy and personal data.