Maze has two distinct roles when it comes to data processing and data privacy:
a) Maze is a vendor of software as a service (SaaS) to it business partners (clients) and will in this respect process personal data only on behalf of its clients (data controllers). Maze is then a data processor only and is instructed by its clients to handle their customers data. Any query originating from Maze handling of clients customers personal data should be directed to the client.
b) Maze is also in the marketplace to attract and acquire new clients and is responsible for the operation of www.mymaze.com, and we are a data controller with respect to the handling of this information.
Our sites may have links to other third-party sites or integration with social media. When you click onto third party links from our websites or use social media features such as «like» or «share», you should be aware that third party sites may have different privacy policies than ours. If you submit private information to these sites, your information may be governed by other practices.
2. Personal data we collect
Personal data is information that can be used to identify an individual person. This information includes your name, location, phone number, IP-address, e-mail or a combination of these. When you use our digital services, the following information is collected:
Information provided by you
Maze will collect the information you provide when you register with us, and other information that you voluntarily submit. For instance, when you visit www.mymaze.com as a prospective or existing client, and provide contact information or other personal data.
Information we collect when you use our services
Maze will collect information when you use our digital services. This may include your IP- address, browser type, internet service provider, network, time and date stamp, clickstream data etc. We also collect information about the use and traffic on our websites, such as the number of log-ins and users, the accessed content, and use and navigation patterns. When you subscribe to newsletters, we will also collect information regarding the e-mailed newsletters you open, your e-mail provider, your location when opening the letters, and what you click on. We use website visitor tracking software for marketing and sales purposes which is tracking when individuals from a particular company have visited our website.
Information we collect from others
Maze will collect information from social media regarding content from our sites. This may include the personal information of those who share, like and comment on such content.
3. Processing or your personal data
Maze will process personal data only when there is a legal basis and a defined purpose. Maze will process personal data for the following purposes, and based on the following legal bases:
|Provision of newsletter
If you request our newsletters, we will process personal data as necessary to provide these newsletters
|Presentation of website
If you visit our website, we will process personal data as necessary to present to you our website
|The legitimate interest of being able to present our website
|Organizing events and courses
If you register for a Maze event or course, we will process personal data necessary to organise the event or course.
|Provision of support
If you ask for support when using our services we will process personal data necessary to provide this support.
|Performance of contract
|Analysing behaviour on social media
We use personal data for analyzing activity related to Maze on social media, such as who shares, likes and comments on content from our sites.
|The legitimate interest of improving our services.
4. Disclosure of personal data
Maze may disclose personal data to the subsidiaries of Maze, and to companies who provide Maze with technical or administrative services connected to the operation of our digital publications and related services. Maze will ensure compliance with legal requirements when sharing information.
When transmitting data to processors outside of the EEA, Maze will ensure that sufficient safeguards are in place, and in compliance with EU(GDPR) legislation.
Accumulated and anonymized data may be disclosed to third parties.
5. Security of personal data
Maze is committed to protecting your personal data. We have implemented a comprehensive information security management system to protect the confidentiality, integrity and availability of personal data. This system includes the assessment and management of risks, documented and applied operational procedures and routines, as well as advanced technology to detect, prevent and respond to any unauthorized access and misuse. Our practices include storing data in certified high security data centres, applying industry best practices, segregating customer data, continuously scanning and monitoring our network, and role-based access control.
For more information on security, we refer you to the Maze Security Policy, https://en.mymaze.com/maze-security-policy/
Personal information that you have submitted yourself will be stored until the relevant purpose is no longer applicable. For example, the data given when signing up for our newsletters will be stored until you unsubscribe to these newsletters, data given in relation to an event or course will be stored until such event or course is completed, and data given when asking for support will be deleted when such support has been given.
Information we collect when you use our services, such as IP-address, information about the browser etc. will be stored for no longer than 12 months.
7. Your rights
Please contact Maze if you have any questions regarding the use of your personal data. Under certain conditions, you have the right to ask us to:
- provide you with further details on how we use your personal data;
- provide you with a copy of the information that you have provided to us;
- update your personal data;
- delete any personal information that we no longer have legal grounds to process;
- provide you with your personal data in a structured, commonly used and machine- readable format or transmit the data to another controller;
- stop particular processing where this is based on legitimate interests unless our reasons for processing the information outweigh any prejudice to your data protection rights; and restrict how we use your information whilst a complaint is under investigation.
If the processing of your personal data is based on your consent, you may withdraw your consent at any time.
If you are of the opinion that Maze violates data protection law, you may lodge a complaint to the relevant regulatory authority.
9. Contact us
If you want us to update your personal information, you do not want us to send you information that you already requested, you want to opt-out of future marketing, or if you have any other questions or requests, please contact us.
10. Additional information for when Maze acts as a data processor on behalf of our clients
When Maze is a data processor, we guarantee to implement appropriate technical and organizational measures to meet legal requirements. Maze will enter a contract with the client that will specify the subject matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller.
Maze-Privacy-Policy v.1.4, 24 October 2022
Copyright © 2022. Maze Feedback AS. All rights reserved.