- "Account" means a Customer’s account, which is identified by the Customer’s information entered during the registration of the Customer in the Company’s system, and which contains the Customer’s balance;
- "Company", means MTX Connect S.a.r.l. and/or any of its affiliates, subsidiaries, and parent companies involved in rendering the Services to the Customer;
- "Customer" means a registered or potential user of the Services;
- "Data Controller" means an entity that determines the purposes and means of the Processing of Personal Data;
- "GDPR" means either or both (as the case may be) the EU Data Protection Directive 95/46/EC and the European Union’s (EU) General Data Protection Regulation EU 2016/679;
- "Service" or "Services" mean the telecommunication services provided by the Company in accordance with the description and terms and conditions of services specified on the Website;
- "Personal Data" means any information relating to an identified or identifiable natural person;
- "Processing" means any operation(s) performed on the Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- "SIM Card" means a SIM card manufactured upon request of and in accordance with requirements of the Company and which is designed to facilitate internet access on the designated territory, at the price of and under the terms and conditions as are set out on the Website;
- "Website" means www.mtxc.eu.
B. PRIVACY STATEMENT
C. NOT FOR CHILDREN
- A Customer must be at least 18 years old. Children under 18 years old are not permitted to use the Services and the Website and must not send the Company any information. If a child under 18 submits any information through any part of the Website, such information will be treated by the Company as the information submitted by a person over 18 years old. Should the Company becomes aware that the person submitting the information is under 18, the Company will attempt to delete this information as soon as possible and to the extent permitted by applicable law. The Company neither knowingly collects any Personal Data about children under 18, nor it knowingly uses nor discloses such information.
D. PERSONAL DATA COLLECTION AND PROCESSING POLICY
D1. INFORMATION COLLECTED
D1A. INFORMATION PROVIDED BY CUSTOMER:
- SIM Card Ordering and Account Opening. When the Customer orders a SIM Card or opens an Account, the Company may ask for the Customers’ contact information, including the name, company name, date of birth, mailing, billing or shipping address, email address, and telephone number.
- The Company may store certain Personal Data for the purposes of authentication in connection with the use of the Services or access to the information related to the Services, such as: user name, password, personal identification number, password hints, and similar data.
- Payment Information. When the Customer adds his/her financial account information to the Account, that information is directed to our third-party payment processor who is subject to the GDPR requirements. The Company does not store the Customers’ financial account information on the Company systems; however, the Company has access to, and may retain, the Customer’s information through the Company’s third-party payment processor for the purposes of financial and audit control of the Company as well as for any legal interception in case of fraudulent or similar incidents.
- Communications. If the Customer contacts the Company directly, the Company may ask such person to provide the following Personal Data in order to properly handle a respective query to the satisfaction of the requesting person: name, email address, phone number, the contents of the message and/or attachments, and any other information the contacting person may choose to provide along with his/her query. The Company may also receive a confirmation when the Customer opens a message from the Company.
D1B. INFORMATION COLLECTED WHEN THE CUSTOMER USES THE SERVICES, INCLUDING INFORMATION RECEIVED FROM THE THIRD PARTIES:
- Cookies and Other Tracking Technologies. When the Customer engages in specific activities on the Website, such as ordering or applying for the Services, the Company requests the Customer to provide certain information by submitting it online. To allow the Company to improve the Website and to better respond to the Customer’s orders and requests, the Company uses "cookies" to track the Customer’s visits. The Company also collects statistics on visitors’ traffic to the Website so that the Company can constantly improve the Website usefulness. All such statistics are anonymous and do not identify each particular visitor.
- A cookie is a piece of information sent to the website visitor’s browser by a web server that uniquely identifies the website visitor’s browser and tracks a visit. This information does not identify the website visitor’s personally and such visitor remains anonymous, unless the visitor visits the website under his/her login and password and can be identified in accordance with his/her previously provided Personal Data. Most browsers are structured to accept cookies but the Customer can set his/her browser to turn the cookies off or to set up a notification upon receipt of a cookie, which gives the Customer an option whether to accept the cookie or not. The Customer can see the cookies in the cookies folder on his/her devise used to access the website and can delete the cookies at any time. However, if the Customer disables the cookies, he/she may not be able to access certain areas or to take advantage of certain features or services available on a particular website, including the Company’s Website.
- Device Identification Data: Data that identifies a device from which (or to which) electronic communications are sent (or received); may include Internet Protocol (IP) address, Media Access Control (MAC) address, International Mobile Equipment Identity (IMEI) number, International Mobile Subscriber Identity (IMSI) number, Serial Number, and Unique Device Identifier (UDID).
- Electronic Communications Metadata: Data processed in an electronic communications network for the purposes of transmitting, distributing, or exchanging electronic communications content (but excluding the electronic communications content), includes the data used to trace and identify the source and destination of a communication, data on the location of the device generated in the context of providing electronic communications services, and the date, time, duration, and type of communication.
- Data Received from Third Party Accounts: Should the Customer choose to link the Company’s Services to a third-party account, the Company will receive information about that account, such as authentication token from the third-party account, to authorize the linking. Should the Customer wish to limit the third party information available to the Company, the Customer should visit the privacy settings of his/her third-party accounts to learn about available options.
D2. INFORMATION PROCESSED
- The Company processes the information it collects to operate the Services, to maintain and to improve the performance and utilization of the Services, to develop new features, to protect the security and safety of the Services and the Customers, and to provide customer support. The Company also uses this data to develop aggregate analysis and business intelligence that enable the Company to operate, to protect, to make informed decisions, and to report on the performance of business.
- The information is also processed for credit card verification, fraud and similar incident prevention and compliance purposes, including the enforcement of the terms and conditions for the Company’s Services, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.
- Should the Company ask the Customer to provide the Personal Data to comply with a legal requirement or to make a contract with the Customer, the Company will make this clear at the relevant time and advise the Customer whether the provision of the Customer’s Personal Data is mandatory or not (as well as of the possible consequences if the Customer fails to provide Personal Data).
E. INFORMATION SHARING POLICY
- The Company may share the Customer’s information with the Company’s affiliates and contractors for the limited purposes:
- Vendors and Service Providers. The Company may share certain information with third-party vendors and service providers that are subject to the GDPR requirements and participate in rendering the Services by the Company.
- Aggregate Information. Where legally permissible, the Company may use and share the information about its Customers with the Company’s partners in aggregated or de-identified form that can’t reasonably be used to identify the Customer.
- Advertising. The Company engages various third-party advertising partners to promote the Services. For the marketing and promotional purposes the Company may share certain statistical anonymized data with its advertising partners, without any disclosure of any Personal Data.
- Business Transfers. Information may be disclosed and otherwise transferred to any potential acquirer, successor, or assignee as a part of any proposed merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of the Company’s business assets.
- Customer’s Consent. The Company may share information upon the Customer’s consent.
F. INFORMATION RETENTION POLICY
- The Company retains the collected Personal Data for the purposes of ongoing legitimate business needs, such as to comply with applicable legal, tax, or accounting requirements and for other similar legitimate purposes.
- In case where there is no ongoing legitimate business needs to process the Personal Data, the Company either deletes or anonymizes it or, if this is not possible (for example in a situation when the Personal Data has been stored in backup archives), then it is securely stored and isolated from any further processing until deletion is possible.
- The information provided by the Customer may be archived or stored periodically by the Company according to the backup processes conducted in the ordinary course of business for the disaster recovery purposes.
- The Company stores the Customer’s Personal Data only for as long as it is necessary to achieve the purpose for which it was collected. The Company may purge the Customer’s Personal Data and other data from its system within 18 months of the Customer’s Account inactivity. The Company will purge the Customer’s Personal Data if the Customer cancels or terminates his/her Account. Should the Customer want his/her Personal Data deleted at any time, the Customer shall contact the Company via email at: [email protected].
- Where required by law, the Company will store transactional data, even when the Account is cancelled, terminated or closed due to inactivity.
G. DATA ACCESS
- The Customer may access certain information associated with the Customer’s Account by logging into the Company’s Customer Self-Care portal (https://selfcare.mtxc.eu) or by emailing the Company at [email protected].
- To protect the Customer’s privacy and security the Company may also take reasonable steps to verify the Customer’s identity before updating or removing Customer’s information.
- The Customer’s ability to access and correct the Customer’s information may be temporarily limited where access and correction could: inhibit the Company’s ability to comply with a legal obligation; inhibit the Company’s ability to investigate, make or defend legal claims; result in disclosure of Personal Data about a third party; or result in a breach of contract or disclosure of trade secrets or other proprietary business information belonging to the Company or to a third party.
H. CUSTOMER DATA PROTECTION RIGHTS UNDER GDPR
- Customers being the residents of the European Economic Area have the following data protection rights:
- The Customer may at any time access, correct, update, or request deletion of the Customer’s Personal Data by emailing to [email protected].
- The Customer can object to the processing of Customer’s Personal Data, ask the Company to restrict the processing of Customer’s Personal Data, or request portability of Customer’s Personal Data. The Customer can exercise these rights by emailing to [email protected].
- The Customer has the right to opt-out at any time from the Company’s marketing communications. The Customer can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails sent by the Company. To opt-out of other forms of marketing, the Customer should contact the Company by emailing to The Customer can object to the processing of Customer’s Personal Data, ask the Company to restrict the processing of Customer’s Personal Data, or request portability of Customer’s Personal Data. The Customer can exercise these rights by emailing to [email protected].
- Similarly, if the Company has collected and processed the Customer’s Personal Data with the Customer’s consent, the Customer can withdraw such consent at any time. Withdrawing the consent by the Customer will not affect the lawfulness of any processing the Company conducted prior to the withdrawal, nor will it affect the processing of the Customer’s Personal Data conducted in reliance on lawful processing grounds other than consent.
- Customer has the right to complain to a data protection authority about the Company’s collection and use of the Customer’s Personal Data. For more information, the Customer should contact the local data protection authority.
- The Company responds to all requests received from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
I. OPTING IN AND OUT
- Upon registering an Account the Customer may choose an option of receiving the information from the Company about updates to the Services, promotions, and special offers. To opt out from such information the Customer shall send a request at [email protected] or via post addressed to the Customer Support at:
- MTX Connect S.à r.l. 4, rue A. Graham Bell L-3235 Bettembourg, Luxembourg
- Some of the features of the Services are available without registering, thereby limiting the type of information that the Company may collect.
J. WEBSITE LINKS
- The Company is committed to protecting its Customers’ Personal Data. To do so, the Company maintains physical, electronic, and procedural safeguards in connection with the collection, processing and storage of the Customer’s Personal Data, designed to protect the information from unauthorized access, use, or disclosure. The measures the Company uses are designed to provide a level of security appropriate to the risk of processing Personal Data. .
L. INTERNATIONAL DATA TRANSFERS
- MTX Connect S.à r.l. 4, rue A. Graham Bell L-3235 Bettembourg Luxembourg
- The data controller of the Personal Data is MTX Connect S.a r.l.