Mavarick Data Protection Principles‍

Mavarick (“we”, “us”, or “our”) is the data processor and adheres to the legal responsibilities of this role. As the Data Processor, Mavarick respects the privacy and confidentiality of all users who engage with Mavarick Services, or organisations that engage in partnership, or project work with Mavarick. Mavarick strives to ensure that all data that is shared with us, as a Data Processor, is treated with full respect regarding privacy and is protected in line with all legal responsibilities and recognised best practice standards and processes. Mavarick will only collect the minimum levels of personal data necessary to support our operational processes and will never share, or sell, personally identifiable data collected while maintaining our business processes without asking for and receiving fully informed consent from any Service users, or clients, who may be affected by that action.

Definitions ‘Services’ refers to the “Carbon Management System” and marketing website (https://mavarick.ai) provided by Mavarick.

Purpose of the Privacy Policy

This Privacy Policy is published to comply with the provisions of the General Data Protection Regulation (GDPR), and the Data Protection Act 2018. Mavarick publishes this Privacy Policy:

• to ensure all data capture, data management and data utilisation processes are transparent to our end users
• to clearly explain what data we collect
• to explain how Mavarick uses any personal information that our end users supply to us

Types of Data Collected

Mavarick only capture the minimum number of data items required for the delivery of contractual obligations with the client. Mavarick only collects the following data items, depending on your interactions with the Service or the organisation itself:

• Personal Identification Information: Names, addresses, email addresses and phone numbers, resume’s, cover letters.
• Technical Data: IP addresses, device types, browser types, and usage data (e.g., cookies, analytics).

Legal Basis for Data Processing

All data is held in accordance with the terms of the General Data Protection Regulation (GDPR), and the Data Protection Act 2018. The legal basis for processing personal data is that the data is needed to fulfil a contract with the user.

Data Processing Purposes

The reasons why Mavarick collects and processes personal data are to fulfil the following:

• Providing services or products to the user
• Customer support
• Marketing (email newsletters, promotions, targeted advertisements)
• Legal or regulatory compliance
• Analytics and improving services

Data Retention Period

Mavarick keeps personally identifiable data for a period of two years following the closure of a user account, for legal and audit purposes. After this period all personally identifiable data items are destroyed in line with best practice data destruction standards.

Data Sharing and Transfers

Third-Party Service Providers: Mavarick uses Amazon Web Services (AWS) to provide compute power for the “Carbon Management System” and Mongo to store data for the “Carbon Management System” with both AWS and Mongo hosted in Dublin, Ireland. Mavarick use Lead feeder and Apollo to understand platform utilisation on the Mavarick marketing site https://mavarick.ai.

Mavarick will not pass personal details to other people, or organisations, without first obtaining consent. Mavarick reserves the right to share aggregated information with other companies that we own, or other companies that help us provide any of our Services. A data subject (“individual”) has the following rights under the GDPR and Data Protection Acts 1988-2018:

• Right to Access: Users can request a copy of the data held about them.
• Right to Rectification: Users can correct inaccurate or incomplete data.
• Right to Erasure (Right to be Forgotten): Users can request the deletion of their personal data under certain circumstances.
• Right to Restrict Processing: Users can request the restriction of their data processing.
• Right to Data Portability: Users can request their data in a structured, commonly used format and transfer it to another service.
• Right to Object: Users can object to processing based on legitimate interests, direct marketing, or profiling.
• Right to Withdraw Consent: If processing is based on consent, users can withdraw it at any time.

Users are not required to pay any charge for exercising their rights. If users make a request, Mavarick has one month to respond. However, Mavarick aims to provide a response to all Data Rights Requests within 24 hours, with full completion of related actions within seven working days. Users can contact us at info@mavarick.ai if they wish to request any changes to the data Mavarick holds about them or to withdraw consent. It should be stated in the heading of the email which right or rights the user wishes to exercise.

Your Consent

By providing Mavarick with personal information, the end user is agreeing to Mavarick’s use of that information as stated in this Privacy Policy.

Security Measures

All data that is captured through user interactions with Mavarick Services is stored securely in protected databases and only accessible to accredited administrative users with specific access permissions. Data transferred between Mavarick Services webpages and the data stores we utilise is fully encrypted in transit, in line with best practice encryption methodologies (certified 256bit encryption) to minimise the risk of that data being intercepted or breached. Mavarick Services use TLS 1.2 to transmit data securely when the items are accessed via a browser.

Cookies and Tracking Technologies

i) Our use of cookies : Cookies are small text markers stored on your computer that enable us to understand how people use our websites. No personally identifiable information is stored in cookies. In common with many similar websites, Mavarick Services uses them to help remember preferences and for anonymous statistical measurements – for example so we know how many ‘visits’ a page has had. Mavarick Services uses cookies to:

• remember certain information about users so they don’t have to repeatedly provide that information
• recognise if users are already logged in to certain areas of the website
• measure how people use our website so we can continually improve how information is provided.

Users can control and delete cookies even though Mavarick Services do not use cookies to collect personally identifiable information about them. If users still want to restrict or block cookies, they can do this through their chosen internet browser (Internet Explorer, Google Chrome, Mozilla Firefox etc.) by using the help function within the specific browser to find out how. However, if users restrict cookies for the Mavarick website then there is a risk they will not be able to access the full functionality of the Mavarick website and the user experience may be undermined as a result.

ii) What cookies are used on Mavarick sites? : Mavarick use Lead feeder and Apollo to understand platform utilisation on the Mavarick marketing site, https://mavarick.ai.

iii) Embedded third party services : Occasionally Mavarick embed things like video, audio and pictures from other websites such as such as YouTube, Vimeo, Flickr or Soundcloud. This means it looks like one of our web pages, but the video is being fed through from another site (i.e. YouTube). When this embedded content is accessed via the Mavarick site, the owner of that content sites may use their own cookies to record that you watched or viewed the content. Mavarick has no control over these cookies so you should check the relevant website for more information.

Marketing Communications

Users can opt-out of email marketing communications by clicking an opt-out link at the bottom of Mavarick emails.

Changes to:

i) the Privacy Policy: Mavarick may update the Privacy Policy from time to time. When we make changes, we will update the “Last Updated” date at the top of this page. If users use the website after changes are made they will be agreeing to those changes.

ii) Personal details: If personal details change, users can help the Mavarick team to keep those details up to date by telling us about any changes. If users want to see what information we have about them, or need to tell us about any changes to the information that they have given to us, please contact:

Data Protection Officer: info@mavarick.ai

Contact Information

If users need to contact Mavarick regarding their privacy rights they can contact us here via email or via post to the company address below:

Data Protection Officer : info@mavarick.ai

Users can also file complaints with the Data Protection Commission (DPC) in Ireland (https://www.dataprotection.ie/en) if they believe their rights have been violated.

‍