Personal Data Policy
Privacy Policy
European Economic Area
Last update: 05/22/2026, Version 5.0
Who are we and how can you contact us?
This privacy notice aims at giving you information on how your personal data are processed by Maestra B.V. In this notice, we refer to ourselves as ‘we’, ‘us’ and ‘our’.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us using:
• Email: dpo@maestra.io
The policy extends to:
• Our email
• Our product
• Our website
What data, for what purposes, on what basis, and for how long do we process?
A. Processing where we act as a Controller
1. Sales
| Purpose | Legal ground | Data | Storage period | Data recipients |
|---|---|---|---|---|
| Collecting data from potential clients through a web-site form | Contract
If you choose not to give your data, we won't be able to receive your request for additional information |
Name Company name Phone number |
90 days from the date of data collection | Maestra DigitalOcean LLC HubSpot Inc. Slack Technologies, LLC |
| Communication with a potential client (application processing, recommendations) | Contract
If you choose not to give your data, we won't be able to contact you |
Name Company name Phone number Communication history (including emails' content) Recording of video calls Run-downs of video calls |
1 year after the last communication | Maestra Google LLC Hubspot Inc. |
| Secondary communication with leads who have rejected | Legitimate interest to provide the potentially interested person with information on our services | Name Company name Phone number Communication history (including emails' content) Recording of video calls Run-downs of video calls |
1 year after the last communication | Maestra Google LLC Hubspot Inc. Sybill Inc. |
| Manage clients' complaints | Contract
If you choose not to give your data, we won't be able to solve your problem related to our services |
Full name Complaint Position of an employee |
Until the resolution of the problem + 6 months after for possible following questions + 5 years in case of legal claims | Maestra Slack Technologies, LLC |
| Communicate developments / updates / sales and discounts to prospective / former clients | Legitimate interest to provide the potentially interested person with information on our services | 1 year after the last communication | Maestra Google LLC Hubspot Inc. |
|
| Train sales managers with the help of scripts made during calls with clients | Legitimate interest to ensure high quality of our services | Name Company name Run-downs of video calls |
1 year after the termination of a contract | Maestra Sybill Inc. Hubspot Inc. |
| Assess a sales manager on the basis of the script made during a call with a client | Legitimate interest to ensure high quality of our services | Name Company name Run-downs of video calls Position of an employee |
3 months after the respective call | Maestra Sybill Inc. Hubspot Inc. |
| Allocation of bonuses based on sales results (clients) | Legitimate interest to ensure the quality of our services | Name Company name Internal ID |
1.5 years after conclusion / prolongation of the contract with the client | Maestra Google LLC Xero Limited |
2. Contract conclusion, payment processing and reporting
| Purpose | Legal ground | Data | Storage period | Data recipients |
|---|---|---|---|---|
| Invoicing and managing accounts receivable | Contract
If you choose not to give your data, your receivable account will not be managed |
Full name (legal) Payment amount Status of payment Company name Date Cardholder's name Bank card hash |
As long as it is needed for accounting or tax purposes according to applicable law | Maestra Xero Limited Google LLC Business Express Technologies Inc |
| Manage accounts payable | Contract
If you choose not to give your data, your payable account will not be managed |
Full name (legal) Payment amount Status of payment Company name Date |
As long as it is needed for accounting or tax purposes according to applicable law | Maestra Xero Limited Google LLC |
| Data storage for reporting (accounting) | Legal obligation
If you object to this processing, we will still be obliged to conduct it. Otherwise, we will be in breach of national legislation. |
Full name (legal) Phone number Position of an employee Company name Signature |
As long as it is needed for accounting or tax purposes | Maestra Hubspot Inc. Xero Limited Google LLC |
| Conduct Internal Audits (also with the help of third-party consultants) | Legitimate interest to meet legal obligations, ensuring company health, preparing for potential partnerships and responding to vendor requests | Full name (legal) Audit report Position of an employee Company name Any other personal data needed to conduct an audit Communication with an auditor |
As long as it is needed for legal purposes | Auditor |
| Conclude a contract with clients | Contract
If you choose not to give your data, you will not be able to enter into contract with us |
Full name (legal) Phone number Position of an employee Company name Signature Payment amount |
2 years after the termination of a contract | Maestra HubSpot Inc. Google LLC DocuSign Inc. |
| Reinvoicing of expenses on sending SMS messages | Contract
If you choose not to give your data, we will not have an opportunity to reinvoice the expenses |
Company name Payment amount |
As long as it is needed for accounting or tax purposes | Maestra Xero Limited |
| Advising the client (also prospective client) as to the payment plan | Contract
If you choose not to give your data, we will not be able to help you choose the best payment option |
Name Company name |
Until contract end or refusal + 2 years | Maestra Google LLC |
3. Security
| Purpose | Legal ground | Data | Storage period | Data recipients |
|---|---|---|---|---|
| Investigate security incidents | Legitimate interest to maintain security of our product | Username Access level Internal ID (employee) Event data (login, wrong password, project change) Logs data Maestra ID (customer) |
Until resolution of the problem | — |
| Block of the account in case of 5 failed attempts to enter the password | Legitimate interest to maintain security of our product | Name Username Access level Event data (login, wrong password, project change) Internal ID Position of an employee Logs data |
Until resolution of the problem | Maestra Amazon Web Services, Inc. |
4. Project Maintenance
| Purpose | Legal ground | Data | Storage period | Data recipients |
|---|---|---|---|---|
| Offer access to a demo of the Maestra service | Contract
If you choose not to give your data, you will not get access to demo version |
Name Phone number Company name Position of an employee |
30 days after demo ends | Maestra Hubspot Inc. |
| Create a new project (client-owner account) | Contract
If you choose not to give your data, you will not be registered in our system |
Login Company name Name Internal ID |
Duration of contract + 6 months | Maestra Amazon Web Services, Inc. |
| To manage clients' subscription | Contract
If you choose not to give your data, we will not be able to change the modules you are subscribed to |
Company name Selected modules Internal ID |
Duration of contract + 6 months | Maestra Amazon Web Services, Inc. |
| Product support to clients (handling requests, consulting on Maestra system, project support, assistance in building filters in Maestra system for mailing lists) | Contract
If you choose not to give your data, we will not be able to provide you support |
Name Request Company name Ticket ID |
Duration of contract + 6 months | Maestra Google LLC Intercom, Inc. 37signals LLC Slack Technologies, LLC |
| Schedule appointments and send reminders | Contract
If you choose not to give your data, you will not be able to have a meeting with us |
Recording of the meeting if requested Name Company name |
1 year after the last communication | Maestra Google LLC Zoom Video Communications, Inc. |
| Communicate developments / updates to clients | Legitimate interest to keep our clients updated on the product features / Art. 13.2 ePrivacy Directive | Until the termination of a contract | Maestra Google LLC Hubspot Inc. |
|
| Troubleshoot bugs | Legitimate interest to keep our products working with as minimal bugs and delays as possible | All CDP data that are necessary for troubleshooting | Until the termination of a contract + 6 months | Maestra Amazon Web Services, Inc. |
| Creating backups | Legitimate interest to keep our products working despite any malfunction or deletion of data | Any personal data | Half a year | Maestra Amazon Web Services, Inc. |
| Copying data to internal storage for further use (client reports) | Legitimate interest to keep providing accurate reports with historical data | All CDP data | Until the termination of a contract | Maestra Amazon Web Services, Inc. |
| Integration of Maestra system with testing environment | Legitimate interest to ensure the quality of our services | Client's database | 30 days after the termination of a contract | Maestra Amazon Web Services, Inc. |
5. Marketing
| Purpose | Legal ground | Data | Storage period | Data recipients |
|---|---|---|---|---|
| Track online behavior (websites) | Consent | IP address Location (country or town) OS type and version Browser type and version Type of device and its display resolution Traffic source for the visitor OS and browser language Which buttons are being clicked What pages are being opened |
From 6 hours to 1 year 1 month according to the respective cookie retention period according to the Cookie Policy | Maestra Google LLC Meta Platforms, Inc. LinkedIn Corporation Hubspot Inc. DigitalOcean, LLC |
| Obtain and publish clients' feedback | Consent | Name Company name Position of an employee Photo Success story LinkedIn profile |
Until you withdraw consent or 3 years | Maestra Digital Ocean LLC Google LLC |
6. Machine Learning
| Purpose | Legal ground | Data | Storage period | Data recipients |
|---|---|---|---|---|
| AI-assistant service (Maestra algorithm helps the Client to use Maestra system) | Legitimate interest to raise effectiveness and usefulness of Maestra services for the clients | Internal ID Actions taken within the account All CDP data |
Until the termination of a contract | Maestra Amazon Web Services, Inc. OpenRouter, Inc |
| Copying data to the internal storage for further use (analytics for internal needs and development) | Legitimate interest to perform analytics, improve CDP, raise effectiveness and usefulness of Maestra services for the clients | All CDP data | Until the termination of a contract | Maestra Amazon Web Services, Inc. OpenRouter, Inc |
B. Processing where we act as a Processor (Maestra software)
We process data on behalf of the client and act as a processor in the following processings.
1. Client profile maintenance
| Purpose | Data | Data recipients |
|---|---|---|
| Creating a client's employee account in the system | Login Password Internal ID (employee) Name Phone number Role |
Maestra Amazon Web Services, Inc. |
| Logging all logins and actions in the Client's account | Login Time of the login Internal ID (employee) Actions with client's data (editing, deletion, merging of the profiles etc.) Logs data |
Amazon Web Services, Inc. |
| Authorization of user (client's employee or representative) in the system | Login Password Phone number Internal ID (employee) Event data (login, wrong password, project change) |
Amazon Web Services, Inc. Google LLC |
| Client's management of access roles and settings for the client's employees | Login Access level Internal ID |
Amazon Web Services, Inc. Google LLC |
| Product support to clients (if assistance with personal data of the client's customers is needed) | Customers' data Maestra ID (customer) |
37signals LLC Google LLC Intercom, Inc. Slack Technologies, LLC |
2. Collecting and sharing personal data of client's customers
| Purpose | Data | Data recipients |
|---|---|---|
| Merging customer profiles of the same person | Name Phone number IP address Sex Date of birth Type of device and its display resolution Additional info Extra fields added by client Browser type and version Location (country or town) App ID Web ID Maestra ID (customer) Registration date |
Amazon Web Services, Inc. |
| Saving the history of customer's actions on client's website, interactions with mailing lists etc. (actions) | What pages are being opened Which buttons are being clicked Whether the emails have been read (opening rate) Orders history Product lists Information about the loyalty program Maestra ID (customer) Information about the lead form where the request was left Whether the customer is logged in to the site Loyalty card activation Bonuses accrual Viewing product categories Viewing product Subscription status Other actions Logs data |
Amazon Web Services, Inc. |
| Creating a customer profile in the system | Maestra ID (customer) Name Login Access level Internal ID Phone number IP address Sex Date of birth Type of device and its display resolution Additional info (from the comments field) Extra fields added by client Browser type and version Location (country or town) Registration date App ID Web ID |
Maestra Amazon Web Services, Inc. Webhook provider (if relevant) |
| Segmentation of customers for further marketing activities (by behavior, purchases, and other personal data) | Segment Maestra ID (customer) Phone number IP address Sex Age What pages are being opened Which buttons are being clicked Whether the emails have been read (opening rate) Orders history Product lists Information about the loyalty program Whether the customer is logged in to the site Loyalty card activation Bonuses accrual Viewing product categories Viewing product Subscription status Other actions Device UUID Location (country or town) |
Amazon Web Services, Inc. |
| Building and starting communication scenarios (chains of actions that trigger certain reactions like emails, messages, promo codes etc.) | Behavioral trigger Maestra ID Phone number |
Amazon Web Services, Inc. |
| Collecting potential customer's contact data when they fill in a lead form on the client's website | Name Company name Phone number Information about the lead form where the request was left Maestra ID |
Amazon Web Services, Inc. |
| Setting up loyalty programs | Maestra ID (customer) Information about the loyalty program |
Amazon Web Services, Inc. |
| Uploading data of the client's customers to the client's system | Client's database | Amazon Web Services, Inc. |
| Integration with third-party services for data collection (clients connect services they are using for collection of customers' data on orders, website usage etc. to Maestra software to operate these databases) | Client's database Maestra ID (customer) |
Amazon Web Services, Inc. Clients' third-party service providers |
| Transfer of personal data of the client's customer to an AI agent (third-party service) chosen and connected by the client | Maestra ID (customer) Segment Age What pages are being opened Which buttons are being clicked Whether the emails have been read (opening rate) Orders history Product lists Interactions Information about the loyalty program Other actions |
Amazon Web Services, Inc. Clients' third-party AI agent |
3. Newsletters and push-notifications
| Purpose | Data | Data recipients |
|---|---|---|
| Email newsletter | Segment Subscription status Behavioral trigger Order/delivery status Name Date of birth Maestra ID (customer) Sex |
Amazon Web Services, Inc. |
| SMS newsletter | Segment Phone number Subscription status Maestra ID (customer) |
Amazon Web Services, Inc. SMS newsletters providers Mobile operators |
| Sending mobile push-notifications | Segment Subscription status Filter indicated by the client Clicks on the push Device settings concerning sending mobile pushes Sender ID ID of the project in the firebase Secret key Tracker (configuration of parameters of service worker and firebase) Device settings considering sending mobile pushes Maestra ID (customer) |
Amazon Web Services, Inc. Apple Push Notifications Push Kit (Huawei) Firebase Cloud Messaging (Google LLC) |
| Sending web push-notifications | Segment Subscription status Filter indicated by the client Clicks on the push Whether the browser allows to send push Token (if the browser allows to send push) Sender ID ID of the project in the firebase Secret key Tracker (configuration of parameters of service worker and firebase) Maestra ID (customer) |
Amazon Web Services, Inc. Google LLC |
| Sending Viber newsletter | Segment Phone number Subscription status Filter indicated by the client Maestra ID (customer) |
Amazon Web Services, Inc. Viber Media S.à.r.l. |
| Integration with advertising tools | Client's database Segment Phone number Sex Date of birth Surname Name Region City Index Maestra ID (customer) |
Amazon Web Services, Inc. Meta Platforms, Inc. Google LLC Albato Limited |
4. Personalisation
| Purpose | Data | Data recipients |
|---|---|---|
| Sending marketing messages on the basis of the customer's location | Segment Maestra ID (customer) Advertising ID Location (city or town) |
Amazon Web Services, Inc. |
| Customization of popups, banners, embeddings and widgets | Segment Name Subscription status UTM-tags URL from which new lead was obtained Domain City City ID Date and time of creation Number of purchases Orders history History of client's interaction with products, newsletters, etc. Time spent on the website Bonuses accrual Phone number Promocode History of website visits Type of device and its display resolution Commentaries left in the form Items in the shopping bag Traffic source for the visitor Actions on the website page |
Amazon Web Services, Inc. |
| Setting up lookalike marketing on the basis of the client's loyal audience | Segment Information about the loyalty program Maestra ID (customer) Loyalty card activation |
Amazon Web Services, Inc. Meta Platforms, Inc. Google LLC |
| Finding lookalike audiences in relation to the products they buy | Behaviour of similar clients History of client's interaction with products, newsletters, etc. Maestra ID (customer) |
Amazon Web Services, Inc. Meta Platforms, Inc. Google LLC |
| Setting up audiences for advertising tools | Segment Client's database Maestra ID (customer) Advertising ID |
Amazon Web Services, Inc. Meta Platforms, Inc. Google LLC Albato Limited |
| Automatic update of data used for advertising tools | Segment Client's database Maestra ID (customer) Advertising ID |
Amazon Web Services, Inc. Meta Platforms, Inc. Google LLC Albato Limited |
| Targeting by personal data and behavior on the site | Segment Maestra ID (customer) Phone number IP address Sex Age What pages are being opened Which buttons are being clicked Whether the emails have been read (opening rate) Orders history Product lists Information about the loyalty program Other actions |
Amazon Web Services, Inc. Meta Platforms, Inc. Google LLC |
5. Reports generation
| Purpose | Data | Data recipients |
|---|---|---|
| Advertising campaign analytics and report generation (conversion, advertising effectiveness measurement) | What pages are being opened Which buttons are being clicked Whether the emails have been read (opening rate) Maestra ID (customer) Logs data Other actions Advertising ID Date of birth Sex Phone number Location (country or town) |
Amazon Web Services, Inc. Meta Platforms, Inc. Google LLC |
| Generating reports on newsletters | Clicks on the newsletter Openings of the newsletter Name of the newsletter Newsletter campaign Newsletter channel Newsletter type Tag Brand Conversions Unsubscriptions Revenue Orders Maestra ID (customer) |
Amazon Web Services, Inc. |
| Generating reports on customers | Subscription status Brand Date of subscription Whether client is registered on the chosen channel Average Open rate Average Click rate Orders history Age Sex Region Segment Viewing product Viewing product categories Information about the loyalty program |
Microsoft Corporation LLC Amazon Web Services, Inc. |
| Generating a report on billing actions | Client's billing actions Date of actions Client's database |
Amazon Web Services, Inc. |
Where did we get your data from?
Browser
Your internet browser (such as Mozilla Firefox, Google Chrome, or Microsoft Edge) automatically transmits some information to us every time you access content on one of our internet domains. Examples of such information include the URL of the particular Web page you visited, the IP (Internet Protocol) address of the computer you are using, or the browser version that you are using to access the website.
Our client
Our clients (the company you have direct contact with as a customer) can upload their databases to our system, which will create a profile of you as a client's customer. The client should inform you about that in their privacy notice. The same applies if our client is your employer or the company you represent.
Directly from you
We may obtain personal data directly from you, e.g. when you contact us or when our cookies are enabled on the clients' websites.
Cross-border transfer
We transfer certain personal data processed to recipients located outside of the European Economic Area. Please check this section for more information about data recipients.
Maestra
Maestra (the U.S. entity) registers part of the information systems in its own name and therefore acts as a processor (if the controller is a Dutch company) or as a sub-processor (if the controller is the client).
Maestra works in accordance with this Privacy Policy. The relevant agreements are used to ensure that your personal data are properly protected.
Xero Ltd
Xero is an accounting software. The recipient is located in New Zealand, which is considered by European Data Protection Board to provide adequate level of data protection. Relevant Privacy Policy.
Digital Ocean LLC
The recipient is a cloud provider that can host websites, apps and data using services (IaaS). Digital Ocean is located in the USA. Relevant Privacy Policy. Digital Ocean participates in Data Privacy Framework which ensures an adequate level of protection of your personal data.
Google LLC
The services for internal data storage and communications are provided by Google LLC. Address: Google LLC, Google Data Protection Office, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. Relevant privacy policy. Google participates in Data Privacy Framework which ensures an adequate level of protection of your personal data.
DocuSign Inc.
We use DocuSign in order to sign the agreements with customers electronically. Address: 221 Main St., Suite 1000 San Francisco, USA. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
Atlassian Pty Ltd
To manage the tasks within our team, we use such tools as Trello
and Slack. Some of your personal information (such as support request) may be processed within these tools. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
37signals LLC
We use Basecamp provided by 37signals LLC located in the USA to manage our projects. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
Slack Technologies, LLC
We use Slack provided by Slack Technologies, LLC located in the USA to communicate internally and with our clients. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
Zoom Video Communications, Inc.
The video conference calls services are provided by Zoom Video Communications, Inc. Address: 55 Almaden Boulevard, 6 th Floor, San Jose, California 95113, USA. Relevant privacy policy of Zoom. Zoom participates in Data Privacy Framework which ensures an adequate level of protection of your personal data.
LinkedIn Corporation
The marketing services are provided by Linkedin Corporation. Address: 1000 West Maude Avenue Sunnyvale, CA 94085, USA. Relevant privacy policy of Linkedin. LinkedIn participates in Data Privacy Framework which ensures an adequate level of protection of your personal data.
Sybill Inc.
The Sybill Inc. provides our Sales team with a tool for analysing calls. Address: 2483 Old Middlefield Way, Mountain View, California, 94043, USA. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
Business Express Technologies Inc.
UCollect is a software which automates the collection of invoices. It is provided by Business Express Technologies Inc, 55 Albert Street, Suite 105 Markham, ON L3P 2T4 Canada. The recipient is located in Canada, which is considered by European Data Protection Board to provide adequate level of data protection. Relevant Privacy Policy.
OpenRouter, Inc.
We use OpenRouter, a platform to access AI models through a unified API, provided by OpenRouter, Inc. located in the USA to manage our clients. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
Amazon Web Services, Inc.
Amazon provides could services called «Amazon Web Services» where we store customer’s data. Relevant privacy policy. Amazon Web Service, Inc. is located in the United Staes of America and an active member of the Data Privacy Framework, enjoying an adequacy decision of the European Commission. Maestra B.V. bases its transfer of personal data to Amazon Web Services, Inc. on Article 45 of the GDPR.
Meta Platforms, Inc.
The marketing services are provided by Meta Platforms, Inc. Relevant privacy policy. Meta Platforms participates in Data Privacy Framework which ensures an adequate level of protection of your personal data.
HubSpot Inc.
The services for storing customer databases for sales and marketing purposes, communications are provided by HubSpot Inc., the U.S. Relevant privacy policy. HubSpot participates in Data Privacy Framework which ensures an adequate level of protection of your personal data.
Infobip
Infobip provides global mobile messaging and infrastructure services for enterprice business communication. Relevant privacy policy. The recipient is located in the United Kingdom, which is considered by European Data Protection Board to provide adequate level of data protection.
Apple
If you are Maestra Customer and your clients use iPhone, when Maestra send mobile push notification to them, Apple Push Notification service (APNs) receives your clients’ data. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
Push Kit
If you are Maestra customer and your clients use Huawei phone, when Maestra send mobile push notification to them, Push Kit, operated by Huawei receives your clients’ data. Relevant privacy policy. Unfortunately, the country of data recipient doesn’t ensure an adequate level of protection of your personal data. Standard Contractual Clauses are used to transfer your data to ensure that they are properly protected.
Firebase Cloud Messaging
If you are Maestra customer and your clients use Andriod phone, when Maestra send mobile push notification to them, Firebase Cloud Messaging, operated by Google LLC receives your clients’ data. Relevant privacy policy. Google participates in Data Privacy Framework which ensures an adequate level of protection of your personal data.
Mobile operators
When we send SMS newsletters, some personal information may be collected by mobile operators. The client chooses which mobile operator will be operating the processing.
SMS newsletter providers
When we send SMS newsletters, the client may refer to the services of SMS newsletter providers and choose the appropriate one.
Automated decisions
Our client can activate the module based on machine learning. How it works: we collect data on which tools you use and suggest other options that may also be useful to you. The system only proposes and recommends measures while the final decision is made by a human.
You may request information about the Legitimate Interest Assessment on such processing.
Your rights
Request information about the processing of your personal data
Obtain access to the personal data held about you
Under Article 15 of the GDPR, individuals have a right of access that gives them the right to obtain a copy of their personal data, as well as other supplementary information. It helps individuals to understand how and why companies are using their data and check the lawfulness of the processing.
Ask for incorrect, inaccurate or incomplete personal data to be corrected
Under Article 16 of the GDPR, individuals have the right to have inaccurate personal data rectified. An individual may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing.
Request that personal data be erased when they are no longer needed or if processing is unlawful
Under Article 17 of the GDPR, individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
Request the restriction of the processing of your personal data in specific cases
Article 18 of the GDPR gives individuals the right to restrict the processing of their personal data in certain circumstances. This means that an individual can limit the way that an organization uses their data. This is an alternative to requesting the erasure of their data.
Receive your personal data in a machine-readable format and send them to another controller (‘data portability’)
Under Article 20 of the GDPR, individuals have the right to data portability that gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine readable format. It also gives them the right to request that a controller transmits those data directly to another controller.
Object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation
Article 21 of the GDPR gives individuals the right to object to the processing of their personal data at any time. This effectively allows individuals to stop or prevent you from processing their personal data.
Request that decisions based on automated processing are made by natural persons
You also have the right to express your point of view and to challenge the decision concerning you or significantly affecting you and based on your personal data.
Withdraw your consent at any time
If we process your data based on your consent, you have the right to withdraw your consent at any time. If you would like to exercise your right to withdraw your consent, please contact us.
Lodge a complaint with a supervisory authority
In accordance with Article 77 of the GDPR, you, as a data subject, have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or where an alleged infringement of the GDPR has taken place.
Contact us
If you have any questions about the protection of your personal data or you want to exercise any of your rights as a data subject, you can contact us by using our email: dpo@maestra.io.
Previous versions of the Privacy Policy:
Privacy Policy – Version 4.0, Last updated: 18.11.2024