MadBenefits

Privacy Policy

1. Introduction

Your privacy is important to us. This Privacy Policy explains how Investin Vision Ltd (“MadBenefits”) collects, uses, and protects your personal data when you use our mobile application (“App”) and website (“Website”). We are committed to processing your data in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy regulations.

  • Legal Name: Investin Vision Ltd
  • DBA Name: MadBenefits
  • Registered Address: Agias Zonis, 1, NICOLAOU PENTADROMOS CENTER, 4th floor, Flat/Office 406, 3026, Limassol, Cyprus
  • Registration Number: HE 426354
  • Contact Information: support@madbenefits.com

By accessing our services, you agree to this Privacy Policy. If you do not agree, please discontinue use.

2. Definitions

  • “Personal Data”: Any information relating to an identified or identifiable individual.
  • “Processing”: Any operation performed on personal data (e.g., collection, storage, sharing).
  • “Data Controller”: The entity that determines the purposes and means of processing personal data.
  • “Data Processor”: The entity that processes data on behalf of the data controller.

3. Personal Data We Collect

We collect personal data to provide and improve our services. This includes:

A. Information You Provide

  • Registration Data: Full name, email address, password (encrypted and not accessible to MadBenefits), company affiliation, age group, city, and gender. This information is essential for verifying eligibility and tailoring offers.
  • Account Data: Preferences, settings, and profile information configured within the app, such as favorite merchants and preferred notification settings.
  • User Communications: Messages sent to our support team, feedback submitted via surveys, merchant reviews, and responses to promotional events.

B. Data Collected Automatically

  • Usage Data: Merchant searches, QR code scans, clicks, favorites, and interactions with app features (e.g., offer browsing duration and redemption timestamps).
  • Device Data: IP address, browser type, operating system, device type, screen resolution, unique device identifiers, and crash reports.
  • Location Data: City-level location provided during registration or through manual app settings. GPS data is used solely to display nearby merchants to the user. Providing location access is optional, and this information is not stored or retained.

We collect this data to ensure a personalized experience, monitor service performance, and provide relevant offers tailored to user preferences.

4. Purpose of Data Collection

We process your personal data for the following purposes:

1. Service Provision

  • Verifying and authenticating your account for secure access.
  • Providing access to exclusive discounts and offers based on your preferences.
  • Personalizing the user experience by tailoring content, location-specific offers, and recommendations.

2. Analytics and Service Improvements

  • Monitoring app performance (e.g., load times, feature usage).
  • Understanding user behavior and engagement trends to enhance user experience.
  • Conducting research and diagnostics to fix errors and improve stability.

3. Communication

  • Sending essential account-related notifications (e.g., verification emails, updates to terms).
  • Responding to user inquiries and support requests.
  • Sending promotional offers, rewards, and event invitations, with user consent.

4. Legal and Regulatory Compliance

  • Complying with applicable laws and regulatory obligations (e.g., GDPR, financial regulations).
  • Responding to lawful requests from regulatory authorities.
  • Enforcing our Terms and Conditions, investigating security breaches, and protecting against fraudulent activities.

5. Legal Basis for Processing

Our processing of personal data is carried out based on the following legal grounds:

1. Performance of a Contract

We process your personal data as necessary to provide the services you requested, such as user authentication, discount access, and app functionality.

2. Legitimate Interests

We process your data to improve and secure our services, analyze usage patterns, and provide personalized content, provided this does not override your fundamental rights and freedoms.

3. Consent

For activities such as sending marketing communications, promotional offers, or optional surveys, we seek your explicit consent. You may withdraw consent at any time.

4. Legal Obligation

We process your data when required to comply with legal and regulatory obligations, such as tax laws, anti-fraud requirements, and responding to legal requests from authorities.

6. Data Sharing and Recipients

We do not sell your personal data. However, we may share it under specific circumstances to enhance our services and comply with legal obligations.

  • Third-Party Service Providers: For hosting, analytics, and app performance monitoring.
  • Regulatory Authorities: We may share data if legally required or to comply with court orders, law enforcement requests, or regulatory mandates.
  • Corporate Transactions: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the new entity, with appropriate notice and user rights maintained.

7. International Data Transfers

We work with third-party service providers that may process personal data outside the EU/EEA. In such cases, we ensure that your data remains protected by implementing appropriate safeguards, including:

  1. Standard Contractual Clauses (SCCs): Legal agreements ensuring that data transfers meet EU data protection standards.
  2. Adequacy Decisions: Transfers to countries recognized by the EU as offering an adequate level of data protection.
  3. Technical Safeguards: Encryption, secure data transfer protocols, and regular compliance reviews.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy. Our retention periods include:

  1. Account Data: Retained while your account remains active to provide continuous service.
  2. Usage Data: Retained for analytical purposes to improve service performance and user experience.
  3. Legal Obligations: Some data may be retained longer to comply with legal and regulatory requirements (e.g., tax regulations, fraud prevention).

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

  1. Right to Access: Request a copy of your personal data.
  2. Right to Rectification: Request correction of inaccurate data.
  3. Right to Erasure (Right to be Forgotten): Request deletion of your data.
  4. Right to Restriction: Request limited use of your data.
  5. Right to Data Portability: Request your data in a structured, commonly used format.
  6. Right to Object: Object to the processing of your data for direct marketing or legitimate interests.
  7. Right to Withdraw Consent: Withdraw consent where data processing is based on your consent.
  8. Right to Lodge a Complaint: File a complaint with the Office of the Commissioner for Personal Data Protection in Cyprus or your local supervisory authority.

To exercise your rights, contact us at support@madbenefits.com.

10. Data Security

We implement robust technical and organizational measures to secure your personal data and protect it from unauthorized access, loss, or misuse. Our security framework includes:

  • Encryption: Ensuring data is encrypted both in transit (e.g., during data transfers) and at rest (e.g., when stored in databases).
  • Access Controls: Restricting data access to authorized personnel only, based on the principle of least privilege.
  • Monitoring and Auditing: Conducting regular security audits, vulnerability assessments, and compliance checks to uphold data protection standards.

11. Data Breach Notification

We are committed to transparency and user protection in the event of a data breach. If a breach occurs that may impact your rights and freedoms, we will:

  1. User Notification: Inform affected users promptly, providing details of the breach, the potential impact, and recommended protective steps.
  2. Regulatory Notification: Report the incident to the relevant Data Protection Authority (e.g., Cyprus Data Protection Commissioner) within the legally required timeframe.
  3. Mitigation Measures: Implement immediate containment and remediation steps, followed by a full investigation to prevent future incidents.

12. Cookies and Tracking Technologies

Our website uses cookies to enhance user experience and analyze website traffic. The types of cookies we use include:

  1. Strictly Necessary Cookies: Essential for core website functionality, such as secure logins and navigating secure pages.
  2. Performance Cookies: Track user interactions to understand website usage and improve performance.
  3. Functionality Cookies: Remember user preferences to personalize content and simplify future visits.
  4. Advertising Cookies: Display relevant advertisements based on browsing behavior and interactions.

Users can manage their cookie preferences through the cookie banner, adjusting settings for non-essential cookies according to their preferences.

13. Children’s Privacy

Our services are exclusively intended for employees of participating companies and organizations who are aged 18 and older. The app is not available to individuals who are not part of these organizations.

We do not knowingly collect data from individuals under 18. If we discover that a minor has registered for our services, we will take immediate steps to delete the information.

Parents and guardians are encouraged to contact us at support@madbenefits.com if they believe their child has mistakenly provided personal data.

14. Corporate Restructuring

In the event of mergers, acquisitions, corporate reorganizations, or sales of assets, your personal data may be transferred to the new entity to ensure the continuity of services.

  • Notification: Users will be informed of such changes via email, the app, or the website.
  • User Rights: You will be given the opportunity to manage your data, including options to request data deletion or review how the new entity will use your information.

We remain committed to protecting your data throughout any corporate transition.

15. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our services, legal requirements, or industry best practices.

  • Notification: Significant changes will be communicated through the app, website, or email.
  • User Review: Users are encouraged to review the Privacy Policy regularly to stay informed.
  • Acceptance of Updates: Continued use of our services after updates have been made constitutes your acceptance of the revised Privacy Policy.

For any questions regarding updates, users can contact us at support@madbenefits.com

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, you can contact us electronically at:

We encourage you to reach out if you need assistance with privacy-related matters, and we are committed to responding promptly and transparently to all inquiries. We prioritize electronic communication for timely and transparent responses to all privacy-related inquiries.