February 17, 2021 / Last updated
Mint Labs, Inc. a Delaware corporation, with offices at 241 A Street Suite 300, 02210 Boston, MA, United States, trading as QMENTA and its subsidiaries (the “Company” or “QMENTA”, “we”, “us” or “our”) are committed to protecting the privacy of our clients, potential clients and users of our website. We want to provide a safe and secure user experience. We will ensure that the information you submit to us, or which we collect, via various channels (including our website, through written correspondence including e-mail is only used for the purposes set out in this policy.
Right to Object: You have a legal right to object at any time to:
- use of your personal information for direct marketing purposes; and
- processing of your personal information which is based on our legitimate interests, unless there are compelling legitimate ground for our continued processing.
Online Privacy Practices
The following website www.qmenta.com (“the Site”) is operated by Mint Labs Inc whose European office is located at C/ Roger de Llúria 46, Pral. 1ª 08009 Barcelona, Spain.
We are keen to strike a fair balance between your personal privacy and ensuring that you obtain full value from the products and services (“the Services”) that we may provide to you.
The Company is registered with the Spanish Data Protection Agency as a data controller, with registration number O00007128e2100004296.
The Information we collect about you
• Information that you provide in order for us to contact you/ your colleagues and schedule appointments.
- Information that you provide in order for us to invoice your organisation.
• We may ask for your consent to use your contact details for future marketing purposes. You have the right to withdraw your consent at any time.
• Details of your visits to this website (including, but not limited to, traffic data and location data) whether this is required for our own purposes or otherwise, and the resources that you access.
• If you contact us, we may keep a record of your email or other correspondence.
The Legal Basis for Processing your Personal Information
Under GDPR, the main grounds that we reply upon in order to process personal information of our users are the following:
(a) Necessary for entering into, or performing, a contract – in order to perform obligations that we undertake in providing a service to you, or in order to take steps at your request to enter into a contract with us, it will be necessary for us to process your personal data;
(b) Necessary for compliance with a legal obligation – we are subject to certain legal requirements which may require us to process your personal data. We may also be obliged by law to disclose your personal data to a government agency, regulatory body or law enforcement agency;
(c) Necessary for the purposes of legitimate interests – either we, or a third party, will need to process your personal data for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected. Our legitimate interests include responding to requests and enquiries from you or a third party, optimising our website and customer experience, informing you about our products and services and ensuring that our operations are conducted in an appropriate and efficient manner;
(d) Consent – in some circumstances, we may ask for your consent to process your personal data in a particular way.
How long we will hold your information
In particular, we will store certain categories of your personal information for the following periods of time:
|Category of Personal Data||Storage time period|
|Marketing data on customers||5 years|
|Marketing data on prospective customers||5 years|
|Customer details for accounts and invoicing purposes.
We are legally obliged to keep these for 6 years.
|6 years after last invoice|
|Website and analytics data||6 years|
How we share your Personal Information
We may disclose your personal information to relevant third parties who will supply the services you requested.
Trusted Third Parties
We will only share your personal information with trusted third parties where we have retained them to provide services that you have requested or for our legitimate business purposes such as our consultants, IT or professional support services.
New Business Owners
If we or our business merges with or is acquired by another business or company, we will share your personal information with the new owners of the business or company and their advisors. If this happens, we will notify you of such an event.
Transfer of Information outside the EEA
Under the General Data Protection Regulation, we are required to tell you if we transfer or intend to transfer information which we hold on you to countries outside the European Economic Area (“EEA”). We currently do not transfer such information outside the EEA.
Visitors to our website
When someone visits www.qmenta.com we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Other websites which provide information about cookies and allow you to manage your privacy can be found at www.aboutads.info or optout.networkadvertising.org for US-based users and www.youronlinechoices.eu for users in the EU.
Security and performance
QMENTA uses a third party service to help maintain the security and performance of the Site.
We respect your information and have put in place measures to ensure the security of the information we collect and store about you. We are committed to protecting your personal data from unauthorised disclosure and/or access including through the use of network and database security measures (though these cannot always guarantee the security of any data which is collected and stored).
Internet based transfers
Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis. Unfortunately the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site via third party networks; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Links to other websites
Our site may contain links to websites of other third parties. If you follow a link to any of these other websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or for these third party websites. This privacy notice does not cover the links within these sites linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Your rights on the information we hold about you
You have certain rights in relation to personal information we hold about you. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on your request.
Right of Access
You have the right at any time to ask us for a copy of the personal information about you that we hold. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your personal information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.
Right of Rectification
If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed. You can let us know by contacting us.
Right of Erasure
In certain circumstances, you have the right to request that personal information we hold about you is erased e.g. if the information is no longer necessary for the purposes for which it was collected or processed or our processing of the information is based on your consent and there are no other legal grounds on which we may process the information.
Right to object to or restrict processing
In certain circumstances, you have the right to object to our processing of your personal information by contacting us. For example, if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests. You also have the right to object to use of your personal information for direct marketing purposes.
You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.
Right of Data Portability
In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format.
You can ask us to transmit that information to you or directly to a third party organisation.
The above right exists only in respect of personal information that:
- you have provided to us previously; and
- is processed by us using automated means.
While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third party organisation’s systems. We are also unable to comply with requests that relate to personal information of others without their consent.
You can exercise any of the above rights by contacting us at firstname.lastname@example.org
To the extent that we are processing your personal information based on your consent, you have the right to withdraw your consent at any time. You can do this by using the details in the Contact Us section below.
Most of the above rights are subject to limitations and exceptions. We will provide reasons if we are unable to comply with any request for the exercise of your rights.
If you are unhappy about our use of your personal information, you can contact us using the details in the Contact Us section below. You are also entitled to lodge a complaint with the Spanish Data Protection Agency using any of the below contact methods:
Telephone: +34 901 100 099
Post: C/Jorge Juan, 6, 28001 Madrid, Spain. / +34 91 266 35 17.
If you live or work outside Spain or you have a complaint concerning our activities outside the Spain, you may prefer to lodge a complaint with a different supervisory authority.
Further Information on Data Protection and Personal Privacy
If you have any enquiries or if you would like to contact us about our processing of your personal information, including to exercise your rights as outlined above, please contact us centrally by any of the methods below.
When you contact us, we will ask you to verify your identity.