Last Updated: June 23, 2022

Talent Growth Solutions Pty Ltd (ABN 18 135 320 428) Trading as The Martec (“The Martec”) is committed to protecting and respecting your privacy.  
This policy and any other documents referred to in it sets out the basis on which any personal data (as defined in the Privacy Act 1988 (“Privacy Act”)) (the “Personal Data”) we collect from account holders or individual users or visitors to our Platform, or that is uploaded to our Platform, will be processed by us. Account holders, users and visitors of our Platform or owners of Personal Data collected by us (each, “you”) should read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.
By providing any Personal Data to us, you consent to the collection, use, disclosure and transfer of such Personal Data in the manner and for the purposes set out below.

Your rights

The following provides a brief overview of the Australian Privacy Principles for further information please continue reading or refer to the Office of the Australian Information Commissioner's website.

• APP 1: Open and transparent management of personal information. This ensures that APP entities manage personal information in an open and transparent way. This includes having a clearly expressed and up to date privacy policy.
• APP 2: Anonymity and pseudonymity. Requires APP entities to give individuals the option of not identifying themselves, or of using a pseudonym. Limited exceptions apply.
• APP 3: Collection of solicited personal information. Outlines when an APP entity can collect personal information that is solicited. It applies higher standards to the collection of sensitive information.
• APP 4: Dealing with unsolicited personal information. Outlines how APP entities must deal with unsolicited personal information.
• APP 5: Notification of the collection of personal information. Outlines when and in what circumstances an APP entity that collects personal information must tell an individual about certain matters.
• APP 6: Use or disclosure of personal information. Outlines the circumstances in which an APP entity may use or disclose personal information that it holds.
• APP 7: Direct marketing. An organisation may only use or disclose personal information for direct marketing purposes if certain conditions are met.
• APP 8: Cross-border disclosure of personal information. Outlines the steps an APP entity must take to protect personal information before it is disclosed overseas.
• APP 9: Adoption, use or disclosure of government related identifiers. Outlines the limited circumstances when an organisation may adopt a government related identifier of an individual as its own identifier or use or disclose a government related identifier of an individual.
• APP 10: Quality of personal information. An APP entity must take reasonable steps to ensure the personal information it collects is accurate, up to date and complete. An entity must also take reasonable steps to ensure the personal information it uses or discloses is accurate, up to date, complete and relevant, having regard to the purpose of the use or disclosure.
• APP 11: Security of personal information. An APP entity must take reasonable steps to protect personal information it holds from misuse, interference, and loss, and from unauthorised access, modification or disclosure. An entity has obligations to destroy or de-identify personal information in certain circumstances.
• APP 12: Access to personal information. Outlines an APP entity’s obligations when an individual requests to be given access to personal information held about them by the entity. This includes a requirement to provide access unless a specific exception applies.
• APP 13: Correction of personal information. Outlines an APP entity’s obligations in relation to correcting the personal information it holds about individuals.

Legal basis for data processing on our website

Based on your consent: Insofar as you have given us consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. The revocation of consent does not affect the lawfulness of the data processed until the revocation.

For the fulfilment of contractual obligations: In some cases, the processing of your data is also carried out for the fulfilment of a contract concluded with you at your request or for the fulfilment of a pre-contractual measure, such as in the context of a service obligation towards you. Further details on the relevant data processing purposes can be found in the relevant contractual documents and conditions of participation.

Within the framework of the balancing of interests: Where necessary, we process your data to protect our legitimate interests or the legitimate interests of third parties. These are, for example:

• Assertion of legal claims and defence in legal disputes
• Ensuring stability and security.

Purposes of data processing on our website: Insofar as we process your personal data on our website, this is done for the purposes outlined below:

• Technical provision of the website and monitoring its functionality
• Statistical analysis of the use of the website

Information we may collect

We may collect and process the following data which may contain Personal Data:

• information that you provide by filling in forms including information provided at the time of registering to use our Platform, subscribing to any services provided by us, or requesting further services;
• information and data that you upload onto our Platform;
• details of transactions you carry out through our Platform;
• details of your visits to our Platform, resources that you access and actions you are working on through the Platform;
• if you contact us, a record of that correspondence; and
• responses to surveys that we send to you, although you do not have to respond to them.

IP Addresses

We may also collect and process information about your device, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our business partners. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

Where we store your data

The Personal Data that we collect may be transferred to, and stored at, a destination outside Australia. It may also be processed by staff operating outside Australia who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your services ordered by you, the processing of your payment details and the provision of support services. By submitting any Personal Data to us, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share the password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our Platform; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Uses made of the information

We use information held, including Personal Data, in the following manner:

• to ensure that content from our Platform is presented in the most effective manner for you and for your device;
• to provide you with information, products or services that you request from us, and to otherwise carry out our obligations arising from any contracts entered into between you and us;
• to provide you with information, products or services which we feel may interest you, where you have consented to be contacted for such purposes;
• to allow you to participate in interactive features of our service, when you choose to do so;
• to notify you about changes to our services;
• to investigate any complaints relating to the use of our Platform or any suspected unlawful activities;
• complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
• any other purposes for which you have provided the information; and
• carrying out whatever else is reasonable or related to or in connection with the above and our provision of goods and/or services to you.

Disclosure of your information

We may disclose your Personal Data to third parties:

• for the purposes of providing products or services that you request from us, fulfilling our obligations arising from any contracts entered into between you and us, processing payments in connection therewith or otherwise in connection with your use of our Platform;
• where a third party claims that any content posted or uploaded by you to our Platform constitutes a violation of their rights under Australia law, in which case we may disclose your identity to that third party;
• in the event that we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets; or
• if we or substantially all of our shares or assets are acquired by a third party, in which case Personal Data held by us about our customers will be one of the transferred assets.
  

We may also disclose your Personal Data to a governmental or regulatory body, law enforcement, or other authorities, in order to enforce our terms of use for the Platform, to cooperate with any direction, request or order from such parties or to report any suspected unlawful activity.

Consent

By providing your Personal Data to us, you consent to the collection, use and disclosure of your Data by us for the purposes set out in this privacy policy (“Purposes”). Where any Personal Data relates to a third party, you represent and warrant that the Personal Data is up-to-date, complete, and accurate and that you have obtained the third party’s prior consent for our collection, use and disclosure of their Personal Data for the Purposes. You agree that you shall promptly provide us with written evidence of such consent upon demand by us. Each use of our services by you shall constitute a fresh agreement for us to collect, use and disclose the Personal Data in accordance with this privacy policy.You may withdraw your consent and request us to stop using and/or disclosing your Personal Data for any or all of the Purposes by submitting your request to us in writing to privacy@themartec.com. Should you withdraw your consent to the collection, use or disclosure of your Personal Data, it may impact our ability to proceed with your transactions, agreements, or interactions with us. Prior to you exercising your choice to withdraw your consent, we will inform you of the consequences of the withdrawal of your consent. Please note that your withdrawal of consent will not prevent us from exercising our legal rights (including any remedies) or undertaking any steps as we may be entitled to at law.

Access and correction

The Privacy Act gives you the right to access your Personal Data. Your right of access can be exercised in accordance with the Privacy Act. Any access request may be subject to a fee of an administrative fee at our rates then in force to meet our costs in providing you with details of the information we hold about you. In the event that you wish to correct and/or update your Personal Data in our records, you may inform us in writing of the same by sending us an email at privacy@themartec.com. In certain cases, Personal Data may also be corrected or updated via the Platform.We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the Privacy Act).

Accuracy

We endeavour to ensure that all decisions involving your Personal Data are based upon accurate and timely information. However, we rely on you to disclose all relevant information to us and to inform us of any changes in your Personal Data. As such, please disclose all relevant information necessary for us to provide services to you and ensure all information submitted to us is up-to-date, complete, and accurate. Kindly inform us promptly if there are any changes in your Personal Data.

Retention

We may retain your Personal Data for at least five (5) years, or such other longer or shorter period as may be necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws. We will cease to retain your Personal Data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the Personal Data was collected, and is no longer necessary for legal or business purposes.

Data Intermediary

Where we process your Personal Data as a data intermediary on behalf of a third party, we will process your Personal Data in accordance with the instructions of the third party and shall use it only for the purposes agreed between you and the third party. All such Personal Data will be protected and retained in accordance with this privacy policy and the terms of the Privacy Act.
We will take steps to inform the third party of any requests, complaints, or questions that you may have regarding such Personal Data.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on our Platform and, where appropriate, notified to you by e-mail.

Contact

Questions, comments and requests regarding this privacy policy are welcome and should be addressed to our Data Protection Manager at privacy@themartec.com.

Last Updated: March 16, 2023

This GDPR Compliance Statement sits in line with our Privacy Policy, is supplemental and applies to all users within the European Union that are using our services. As such The Martec proceeds with all data processing procedures (e.g., collection, processing and transmission) in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation). Nothing in this Statement is intended to contradict or limit the applicability of the information provided in our Privacy Policy.

The following provides you with an overview of the type of data collected and how it is used and passed on, the security measures we take to protect your data and how you can exercise your rights.

The Processor

The responsible entity according to Art. 24 GDPR is:

Talent Growth Solutions Pty Ltd (ABN 18 135 320 428) Trading as The Martec (hereinafter referred to as “The Martec”).

Contact

You may contact us via email privacy@themartec.com. if you:

• have any questions about this Policy Statement, 
• wish to file a complaint about a possible violation of data protection laws, 
• have any requests related to your rights, and 
• wish to access, correct incomplete, inaccurate or outdated data.

Please note that deletion of information essential to account management and services may result in termination of services provided to you.

We will make every effort to respond to your requests in the shortest possible time, and always in strict compliance with applicable law. In some cases, requests for deletion may not be honoured immediately, due to a legal obligation.

Our GDPR Principles

The Martec takes the privacy and security of individuals and their personal information very seriously. We are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles.

Our principles for processing personal information are:

• We will process all personal information fairly and lawfully.
• We will only process personal information for specified and lawful purposes.
• Where practical, we will keep personal information up to date.
• We will not keep personal information for longer than is necessary.

Your Rights

The Martec is committed to upholding and maintaining your personal rights. We operate our business in-line with the European Union’s General Data Protection Regulation and observe your rights to change or withdraw your opt-in options at any time. As part of our ongoing commitment to uphold your rights, The Martec will also extend advice on how you can issue formal complaints to relevant authorities.

First of all, we would like to inform you about your rights as a data subject. These rights are standardised in Art. 15 - 22 GDPR. This includes:

• The right to information (Art. 15 GDPR),
• The right to erasure (Art. 17 GDPR),
• The right to rectification (Art. 16 GDPR),
• The right to data portability (Art. 20 GDPR),
• The right to restriction of data processing (Art. 18 GDPR),
• The right to object to data processing (Art. 21 GDPR).

To assert these rights, please contact us. The same applies if you have questions about data processing in our company. You also have the right to lodge a complaint with a data protection supervisory authority. Please note that when you submit personal data on our website, you are giving The Martec your explicit consent that we can use that data in line with our Privacy Policy.

Our GDPR Compliance Plan

Here's an overview of our steps that we are taking to ensure compliance with GDPR at The Martec:

• We conducted a data mapping inventory and analysis of collected personal information in our systems and records.
•  We have established procedures and policies to restrict processing of personal information.
• We have updated our procedures for data breaches and incident responses.
• We have updated our company’s Data Protection Policy, Data Retention Policy, and Privacy Policy.
• We have reviewed all processing activities to identify the legal basis for processing personal information and to ensure that each basis is appropriate for the activity it relates to.

Legal Bases for Processing

The processing of your personal data may be based on the following legal grounds:

• Art. 6 (1) lit. a GDPR serves as our legal basis for processing operations where we obtain your consent for a specific processing purpose.
• Art. 6 (1) lit. b GDPR, insofar as the processing of personal data is necessary for the performance of a contract, e.g., if you purchase a product. The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in the case of enquiries about our products or services.
• Art. 6 (1) lit. c GDPR, insofar as we are subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations.
• Art. 6 (1) lit. d GDPR in the event that vital interests of you or another natural person require the processing of personal data.
• Art. 6 (1) lit. f GDPR applies on the basis of our legitimate interests, e.g., when using service providers as part of order processing, such as shipping service providers or when carrying out statistical surveys and analyses and logging registration procedures. Our interest is directed towards the use of a user-friendly, appealing, and secure presentation as well as optimisation of our platform, which serves our business interests as well as meeting your expectations.

Duration of Storage and Routine Deletion of Personal Data

We process and store your personal data only for the period of time required to fulfil the purpose of storage or if this has been provided for, in laws or regulations. After the purpose has ceased to exist or has been fulfilled, your personal data will be deleted or blocked. 

In the case of blocking, deletion will take place as soon as legal, statutory, or contractual retention periods do not conflict with this, there is no reason to assume that deletion would impair your interests worthy of protection and deletion would not cause a disproportionately high expense due to the special nature of the storage.

Log Files

The legal basis for this data processing is Article 6 (1) sentence 1 lit. b of the GDPR, as the collection and storage of this data is necessary for the operation of the platform in order to ensure the functionality of the platform and to deliver the content of our platform correctly. 

In addition, the data serve us to optimise our platform and to ensure the security of our IT systems and the processing is based in this respect on Art. 6 (1) lit. f GDPR. For this reason, the data is stored for a maximum of 7 days as a technical precaution.

We also use this data for the purposes of advertising, market research and to design our services to meet your needs by creating and evaluating user profiles under pseudonyms, but only if you have not exercised your right to object to this use of your data (see information on the right to object under "Your rights").

Contractual Relationship

In order to establish or implement the contractual relationship with our customers, it is regularly necessary to process the personal master, contract and payment data provided to us. The legal basis for this processing is Art. 6 (1) b) GDPR. We also process customer and prospect data for evaluation and marketing purposes. This processing is carried out on the legal basis of Art. 6 (1) lit. f GDPR and serves our interest in further developing our offer and informing you specifically about our offers. Further data processing may take place if you have consented (Art. 6 para. 1 letter a) GDPR) or if this serves the fulfilment of a legal obligation (Art. 6 para. 1 letter c) GDPR). 

Commercial and business services

We process information of our contractual and business partners, e.g., customers and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer enquiries.

We process this information to fulfil our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organisation. We only disclose the information of the contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the contractual partners (e.g., to participating telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisers, payment service providers or tax authorities).

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And the Legal bases are Art. 6 (1) b) GDPR, Art. 6 (1) c) GDPR, and Art. 6 (1) f) GDPR

Administration, financial accounting, office organisation, contact management

We process data in the context of administrative tasks as well as organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are Article 6 (1) (c) GDPR, Article 6 (1) (f) GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities.

In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers.

Furthermore, based on our business interests, we store information on suppliers, and other business partners, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.

Information processing for the purpose of fraud prevention and optimisation of our payment processes

Where applicable, we provide our service providers with further information, which they use together with the information necessary for the processing of the payment as our processors for the purpose of fraud prevention and optimisation of our payment processes (e.g., invoicing, processing of contested payments, accounting support). This serves to protect our legitimate interests in our protection against fraud or in efficient payment management, which outweigh our interests in the context of a balancing of interests.

Technical services

We process the data of our customers and clients in order to enable them to select, purchase or commission the selected services or works as well as associated activities and to pay for and deliver them or to execute or provide them. The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organisational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests.

Data transfer to payment service providers

In order to fulfil the contract, we pass on specific data to the company commissioned with the payment, insofar as this is necessary for the payment of our services. Depending on which payment method you select, we pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service provider. In some cases, the selected payment service providers also collect this data themselves. In this case, the privacy policy of the respective payment service provider applies.The subject policies of the payment service provider are applicable. The legal basis for the data processing is contract.

Exercising our rights

Based on Art. 6 para. 1 lit. c and f GDPR, we process your personal data and technical information to the extent necessary to prevent or prosecute misuse or other illegal behaviour on our platform, e.g., to maintain data security in the event of attacks on our IT systems. This also takes place insofar as we are legally obliged to do so, for example due to official or court orders, and for the exercise of our rights and claims as well as for legal defence.

Enquiries by e-mail or contact form

When contacting us via the provided email address or contact form, the personal data transmitted with the e-mail or contact form will be stored. This data is processed exclusively for the purpose of answering the enquiry. The legal basis for the processing is Art. 6 (1) lit. f.) GDPR or Art. 6 (1) lit. b) GDPR if the enquiry is aimed at concluding a contract. The data will be deleted when the purpose of the processing no longer applies, e.g., the enquiry has been conclusively answered. You can object to the processing of your personal data at any time by contacting us.

Use of customer data for direct marketing purposes

If you have provided us with your email address when using our Services, we reserve the right to regularly send you email offers for similar services. We do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest Art. 6 (1) lit. f.) GDPR in personalised direct advertising. If you have initially objected to the use of your e-mail address for this purpose, we will not send you any e-mails. 

You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the marketing.

Cookies

We use cookies on our web sites. Cookies are small text files that are stored on your device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. Cookies can contain data that make it possible to recognise the device used. In some cases, however, cookies only contain information on certain settings that cannot be related to a specific person.

We use session cookies and permanent cookies on our website. The processing is carried out on the basis of Art. 6 (1) lit. f.) GDPR and in the interest of optimising or enabling user guidance and adapting the presentation of our platform. You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time using the appropriate browser settings and prevent the setting of new cookies. Please note that our web sites may then not be displayed optimally, and some functions may no longer be technically available.

Insofar as you have given your consent to this in accordance with Art. 6 (1) lit. f.) GDPR, we use the following cookies and other technologies from third-party providers on our web site. After the end of the purpose and the end of the use of the respective technology by us, the data collected in this context will be deleted. You can revoke your consent at any time with effect for the future.

Disclosure of personal data to third parties

Your personal data will only be passed on if there is a legal obligation to do so or to service providers and partner companies that have been carefully selected in advance and are contractually obliged to comply with the requirements of data protection law.

a) Disclosure within affiliated companies pursuant to Art. 6 Para. 1 lit. b GDPR

We pass on your personal data for the conclusion and processing of contracts for offers on our platform to affiliated companies. This is particularly necessary so that you can use all our offers. If you contact a store or our customer hotline with questions, complaints or returns as well as other complaints, they will also receive access to your order data in order to be able to process your request.

b) Disclosure to service providers according to Art. 6 para. 1 lit. b and f GDPR

For the operation and optimisation of our platform and our services and for the processing of contracts, various service companies work for us, e.g., for central IT services or the hosting of our platform, for the delivery of services or for the dispatch of newsletters, to whom we pass on the data required for the fulfilment of the task (e.g., name, address).

Some of these companies act for us by way of commissioned processing and may therefore use the data provided exclusively in accordance with our instructions. In this case, we are legally responsible for appropriate data protection precautions at the companies we commission. We therefore agree on specific data security measures with these companies and monitor them regularly.

c) Disclosure to other third parties pursuant to Art. 6 para. 1 lit. c and f GDPR

We will disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obliged to do so, e.g., due to official or court orders, or if we are entitled to do so, e.g., because this is necessary for the prosecution of criminal offences or for the exercise and enforcement of our rights and claims.

Data transfer to third countries

As a service provider based in USA, we take additional measures to ensure an adequate level of data protection for the transfer of personal data in accordance with Art. 44 of the GDPR and thus ensure that the transfer is generally permissible and that the special requirements for a transfer to a third country are met (e.g., by concluding EU standard contracts and additional guarantees, supplementary technical and organisational measures such as encryption or anonymisation).

General technical organisational measures

We have taken a variety of security measures to protect personal information to an appropriate extent and adequately. All information held by us is protected by physical, technical, and procedural measures that limit access to the information to specifically authorised persons in accordance with our Privacy Policy and this Statement.

Our platform is behind a software firewall to prevent access from other networks connected to the Internet. In addition, only employees who need the information to perform a specific job are granted access to personally identifiable information. These employees are trained in security and privacy practices and treat your information confidentially.

The transmission of your personal information during an order transaction in the online shop is encrypted using industry standard Secure Socket Layer ("SSL") technology, (SSL encryption version 3).

Google Analytics

Our web site uses Google Analytics to design and improve the web site according to your needs. Google Analytics uses so-called cookies, which are stored on your terminal device, and which enable an analysis of your use of the platform. The information generated by the cookie is usually transferred to a Google server in the USA and stored there. We use the extension of IP anonymisation (so-called IP masking) on this platform, i.e., your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

On behalf of the operator of this platform, Google will use this information for the purpose of evaluating your use of the platform, compiling reports on platform activity and providing other services relating to platform activity and internet usage to the platform operator.

The legal basis for the data processing is Art. 6 para. 1 lit. f) GDPR.

Google's services also include reports on the effectiveness of our advertising measures (including across devices), on the demographics and interests of our users, as well as functions for the cross-device delivery of online advertising if you are the owner of a Google account and have consented to the personalisation of advertising ("Ads Personalisation"). In this case, the legal basis for data processing is your consent to Google (Art. 6 para. 1 lit. a) GDPR).

You can object to the collection or analysis of your data by Google Analytics by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout 

The data sent by us and linked to cookies, user IDs (e.g., user ID) or advertising IDs are automatically deleted after 14 months.

For more information on the terms of use of Google Analytics, please visit https://www.google.com/analytics/terms/.

Changes

This Policy Statement and our commitment to protecting the privacy of your personal data can result in changes to this Policy Statement. Please regularly review this policy to keep up to date with any changes.

Queries and Complaints

Any comments or queries on this Policy Statement should be directed to us. If you believe that we have not complied with this Policy Statement or acted otherwise than in accordance with data protection law, then you should notify us using privacy@themartec.com

Last Updated: Sept 21, 2022

The following Cookie Policy is applicable to www.themartec.com operated by  Talent GrowthSolutions Pty Ltd (ABN 18 135 320 428) Trading as The Martec. This cookie policy sits in line withthe General Data Protection Regulation (GDPR) and the Privacy and Electronic CommunicationsRegulations (PECR) and should be read in line with our GDPR Compliance Statement. If you havequestions or comments, please contact us using privacy@themartec.com.

What are cookies?

Cookies are pieces of information that are transmitted from our web server or third-party web serversto the user's web browser and stored there for later retrieval. Cookies can be small files or other typesof information storage.

What are they used for?

We use cookies to learn more about the ways in which you interact with our content and to enable usto improve your experience when visiting our website. Cookies remember, for example, yourlanguage or preferences, which remain as default settings on a subsequent visit our website.

In addition, cookies enable us to offer you certain content, such as videos on our website. We may use insights about your behaviour on our website to send you targeted advertisements on third-party website in an effort to remarket our products and services to you.

What cookies do we use?

Session cookies: We use "session cookies", which are only stored for the duration of the current visit to our online presence (e.g., in order to be able to save your login status or the shopping basket function and thus enable the use of our online offer at all). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. In addition, a cookie contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and log out or close the browser, for example.
Performance cookies: these cookies help us understand how visitors interact with our website by providing data about which websites or search terms bring users to our website, how long they typically stay on our website, or how many subpages they view on average. We use this data to improve the content of our website and to compile statistics for internal market analysis purposes about individual use of our website.
Functional cookies: these cookies allow our website to remember the choices you make (for example, your username, language, or the region you live in) to provide you with a more personalised online experience. They also allow you to watch videos and interact with social tools.
Analytical cookies: Analytical cookies are used by third parties. These cookies allow third parties to recognise that you have visited our website. We and our third-party providers may also combine information obtained from these cookies with personal data available from other sources, including data collected about you when you use other websites and data collected about you when you are offline, whether on our website or data maintained by the third-party provider.
The legal basis for the use of technically non-essential cookies (and the associated collection and processing of personal data) is your consent given voluntarily when you first visit our website as part of our cookie banner.
You can revoke your consent at any time with effect for the future. Your consent to the use of technically non-essential cookies and the associated processing of your personal data is not necessary for the use of our website, i.e., you can also use our website without technically non-essential cookies.

Google Analytics

On the basis of our legitimate interests (i.e., interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) Google Analytics, a web analytics service provided by Google Inc ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by the users is usually transmitted to a Google server in the USA and stored there. Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous user profiles can be created from the processed data.

How to delete and block cookies?

If you do not want cookies to collect information, you can change the setting in your internet browser. However, if you use your browser settings to block all cookies (including necessary cookies), you may not be able to access parts or all of our website. Our website places cookies whenever you visit our website. Disabling or deleting cookies does not prevent devices from being identified and associated data from being collected. This can only be achieved by changing your browser settings.

How do you disable cookies?

You can change your cookie settings in your browser. These settings are usually found under the "Options" or "Preferences" menus of your browser. The links below may be helpful in understanding these settings. You can also find more information under "Help" in your browser.

Can I withdraw my consent?

Unless you have changed your browser settings, when you visit our website, you are consenting to Simiyon` use of cookies. We store a cookie on your computer or device to remember you the next time you visit. Our cookies include an expiry date, but this is reset each time you visit our website again. If at any time you wish to withdraw your consent, you will need to change your browser settings

‍

Further information on data protection

For further information on data protection, please refer to our privacy policy. If you would like more detailed   information about our data protection practices, please contact us using privacy@themartec.com. We will be happy to assist you.

Last Updated: June 23, 2022

At The Martec, we understand the importance of protecting your data and adapted all services in accordance with the principles set out in the GDPR. In particular, were our Users use our products and services to process end-user data regardless of this being personal data and/ or Personal Data.

The following Data Processing Addendum governs the processing of personal data by The Martec when acting as data processor and on behalf of our Users, the data controllers. In other words, a data processing addendum is a legally binding contract that states the rights and obligations of each party concerning the protection of personal data where one company uses the services offered by another company to process data of its own end-users. As such, The Martec becomes a data processor of the data collected by our Users (data controllers).

Data Processing Addendum

In order that you as a service user and data controller (referred to as “Controller” or “you” or “User”) may use or continue to use The Martec’s platform (the “Services”) offered by us, Talent Growth Solutions Pty Ltd (ABN 18 135 320 428) Trading as “The Martec” and data processor (referred to as “The Martec” or “Processor”), you have agreed that these data processing terms (“Terms”) shall apply (notwithstanding any other terms and conditions applicable to the delivery of the Services to the contrary) in order to address the compliance obligations imposed upon The Martec and its Users pursuant to applicable Data Protection Law and in particular, Regulation (EU) 2016/679 (GDPR).
These Terms shall constitute a separate agreement, or they may be incorporated by reference in the relevant Services agreement, as the case may be.

Definitions

1. In this Agreement, capitalised words shall have the meaning as set out below or, as the case may be, elsewhere in this Agreement:
   1.1.  “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with, a party from time to time during the Term.
   1.2.  “Data Protection Law” means the data privacy laws applicable to the processing in connection with the Services, including, where applicable, the GDPR, or the applicable data privacy laws of any other relevant jurisdiction.
   1.3.  “User” means any User of The Martec.
   1.4.  “Contractual Clauses” means the standard contractual clauses of the European Commission for the transfer of personal data across borders, as amended or replaced from time to time, or any equivalent set of contractual clauses approved for use under Data Protection Law; and
   1.5.  “Personal Data” means the personal data processed by Processor in connection with the Services on behalf of User during the Term and may include Personal Data, and Special Categories Data as specifically required and transferred by the User. The processing may include activities auxiliary to The Martec services, such as administrative and other services. This will include names and other information about data subjects included in User materials.
   1.6.  The words “data subject”, “personal data”, “processing” and variations, “controller” and “processor” shall have the meaning attributed to them in Data Protection Law.

Appointment

1. The Martec is designated by its Users or Parent/Legal Guardian if the user is a minor in the relevant Jurisdiction (collectively “Instructing Parties”) to provide and manage various services, including the Services on their behalf. Accordingly, Personal Data may contain personal data in relation to which User and its Instructing Parties are controllers. The Martec confirms that it is authorised to communicate to User any instructions or other requirements on behalf of User in respect of processing of Personal Data connection with the Services.
2. Processor is appointed by User to process Personal Data on behalf of User and/or the Instructing Parties, as the case may be, as is necessary to provide the Services or as otherwise agreed by the parties in writing.

Duration

The Terms shall commence on the Effective Date and shall continue in full force and effect until such time as all Services have ceased and all Personal Data in the Processor’s possession or within its reasonable control has been returned or destroyed (the “Term”)

1. Art. 6 (1) lit. a GDPR serves as our legal basis for processing operations where we obtain your consent for a specific processing purpose.
2. Art. 6 (1) lit. b GDPR, insofar as the processing of personal data is necessary for the performance of a contract, e.g., if you purchase a product. The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in the case of enquiries about our products or services.
3. Art. 6 (1) lit. c GDPR, insofar as we are subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations.
4. Art. 6 (1) lit. d GDPR in the event that vital interests of you or another natural person require the processing of personal data.
5. Art. 6 (1) lit. f GDPR applies on the basis of our legitimate interests, e.g., when using service providers as part of order processing, such as shipping service providers or when carrying out statistical surveys and analyses and logging registration procedures. Our interest is directed towards the use of a user-friendly, appealing, and secure presentation as well as optimisation of our platform, which serves our business interests as well as meeting your expectations.

Data Protection Compliance

1. In relation to its processing of Personal Data, save as otherwise required by law, The Martec agrees to:
   1.1.  process Personal Data only as required in connection with the Services and in accordance with User and its Instructing Parties documented lawful instructions from time to time;
   1.2.  inform User and its Instructing Parties if, in The Martec`s opinion, an instruction infringes Data Protection Law;
   1.3.  ensure that all personnel authorised by The Martec to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
   1.4.  implement appropriate technical and organisational measures to appropriately safeguard Personal Data having regard to the nature of the personal data which is to be protected and the risk of harm which might result from any Security Breach (as defined below), at a minimum the measures set out in the Schedule;
   1.5.  promptly inform User and its Instructing Parties of any data subject requests under Data Protection Law or regulatory or law enforcement requests relating to Personal Data. The Martec shall not acknowledge or otherwise respond to the subject access request except with User and its Instructing Parties prior written approval, which shall not be unreasonably withheld;
   1.6.  provide such assistance as User and its Instructing Parties may reasonably require in order to ensure The Martec’s compliance with Data Protection Law in relation to data security, data breach notifications, data protection impact assessments and prior consultations with a competent authority;
   1.7.  at User and its Instructing Parties choice, without delay delete or return all Personal Data to User and its Instructing Parties, and delete existing copies of all Personal Data in the Processor’s possession or within its reasonable control (including those held by a Sub processor); and
   1.8.  make available to User and its Instructing Parties information reasonably necessary to demonstrate The Martec compliance with these Terms and allow for, and contribute to, audits and inspections carried out by User and its Instructing Parties.

Subprocessors

1. Processor will sub-contract, outsource, assign, novate or otherwise transfer obligations under these Terms or engage any subcontractors involved in the processing of Personal Data (each a “Sub processor”) only with User’s prior written consent and subject to subclause 5.2.
2. When engaging a Sub processor, Processor will:
   2.1.  carry out reasonable due diligence;
   2.2.  enter into a contract on terms, as far as practicable, same as those in these Terms, and which may include Contractual Clauses to provide adequate safeguards with respect to the processing of Personal Data; and
   2.3.  inform User of any intended changes concerning the addition or replacement of a Sub processor from time to time. If User object`s to any such change on reasonable grounds, then acting in good faith the parties will work together to resolve such objection.

Security Incidents

1. “Security Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
2. Processor will notify User without undue delay if Processor aware of any Security Breach.
3. Processor will investigate the Security Breach and take reasonable action to identify, prevent and mitigate the effects of the Security Breach. Processor will take such further action as User may reasonably request in order to comply with Data Protection Law.
4. Processor may not release or publish any filing, communication, notice, press release, or report concerning any Security Breach (“Notices“) without User`s prior written approval; such approval shall not be unreasonably withheld.

International Data Transfers

1. “Security Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
2. The Martec will notify User without undue delay if The Martec becomes aware of any Security Breach within 24 hours of discovering such Breach and provide User with:
   2.1.  a detailed description of the Security Incident;
   2.2.  the type of data that was the subject of the Security Incident;
   2.3.  the identity of each affected person, and
   2.4.  the steps The Martec takes in order to mitigate and remediate such Security Incident, in each case as soon as such information can be collected or otherwise becomes available.
3. The Martec shall use its best efforts to immediately mitigate and remedy any Security Incident and prevent any further Security Incident(s) at its sole expense.
4. The Martec agrees that User shall have the sole right to determine (i) whether notice of the Security Incident is to be provided to any individuals, regulators, law enforcement agencies, consumer reporting agencies or others as required by law or regulation, or otherwise in User’s discretion, (ii) the contents of such notice, and (iii) whether any type of remediation may be offered to affected persons, as well as the nature and extent of any such remediation.
5. In the event of a Security Incident involving Personal Data in The Martec’s possession or otherwise caused by or related to The Martec’s acts or omissions, and without limiting User’s other rights and remedies, The Martec will pay all costs and expenses of (i) any disclosures and notification required by applicable law or as otherwise determined as appropriate in User’s reasonable discretion, (ii) monitoring and reporting on the impacted individuals’ or entities’ credit records if determined in User’s reasonable discretion as reasonable to protect such individuals, and (iii) all other costs incurred by User in responding to, remediating and mitigating damages caused by such Security Incident.
6. The Martec will investigate the Security Breach and take reasonable action to identify, prevent and mitigate the effects of the Security Breach. The Martec will take such further action as User may reasonably request in order to comply with Data Protection Law.
7. The Martec may not release or publish any filing, communication, notice, press release, or report concerning any Security Breach (“Notices“) without User`s prior written approval; such approval shall not be unreasonably withheld.

Audit

1. User (or its designated representatives) may, on an annual basis or more frequently as reasonably requested by User, at User’s expense, conduct an audit to verify that The Martec is operating in accordance with this DPA. Such audit(s) may include a review of all aspects of The Martec’s performance, including, but not limited to, The Martec’s general controls and security practices and procedures. The Martec will cooperate with User in conducting any such audit, and will allow User reasonable access, during normal business hours and upon reasonable notice, to all pertinent records, documentation, computer systems, data, personnel and areas used to Process the User Data areas as User reasonably requests to complete such audit. User will take reasonable steps to prevent the audit from materially impacting The Martec’s operations.
2. The Martec shall correct any deviations from Security Best Practices that are identified in any security audit as soon as practicable, but in no event more than five days after receiving notice from User outlining any deviations (provided, however, that if five days is not a practicable cure period, then The Martec may instead present a remediation plan to User within such five day period that sets forth an achievable and reasonable timeframe, and The Martec must thereafter diligently proceed to correct any deviations in accordance with such plan).

International Data Transfers

1. The Martec will ensure that no Personal Data are transferred out of either:
   1.1. the by the User approved data environment; or
   1.2. any territory in which restrictions are imposed on the transfer of Personal Data across borders under Data Protection Laws,
   1.3. without the prior written consent of User.
   1.4. The Martec will ensure that Contractual Clauses or other applicable transfer mechanism, are in place to ensure adequate level of data protection.

Indemnity

Notwithstanding any provisions of the relevant Services agreement to the contrary, Processor shall and hereby agrees to indemnify User and Instructing Parties and their officers, employees, agents and subcontractors (each an “Indemnified Party”) from and against any claims, losses, demands, actions, liabilities, fines, penalties, reasonable expenses, damages and settlement amounts (including reasonable legal fees and costs) incurred by any Indemnified Party as a result of any gross negligence or wilful breach by Processor of these Terms.

Miscellaneous

1. Clause and other headings in these Terms are for convenience only and shall not affect the meaning or interpretation of these Terms.
2. To the extent of any conflict, these Terms shall prevail over any Services agreement or other agreement.
3. Nothing in these Terms will exclude or limit the liability of either party which cannot be limited or excluded by applicable law. Subject to the foregoing sentence, (i) these Terms, including any appendices, constitutes the entire agreement between the parties pertaining to the subject matter hereof and supersedes all prior agreements, understandings, negotiations and discussions of the parties relating to its subject matter; and (ii) in relation to the subject matter of these Terms neither party has relied on, and neither party will have any right or remedy based on, any statement, representation or warranty, whether made negligently or innocently, except those expressly set out in these Terms.
4. User shall agree any amendment to these Terms that may be required from time to time for us and Instructing Parties to comply with any amended Data Protection Laws.
5. All notices of termination or breach must be in English, in writing and addressed to the other party’s primary contact person or legal department. Notice will be treated as given on receipt, as verified by a valid receipt or electronic log. Postal notices will be deemed received 48 hours from the date of posting by recorded delivery or registered post.
6. The provisions of these Terms are severable. If any phrase, clause or provision is invalid or unenforceable in whole or in part, such invalidity or unenforceability shall affect only such phrase, clause or provision, and the rest of these Terms shall remain in full force and effect.
7. These Terms are governed by the law of Australia and the parties submit to the exclusive jurisdiction of the courts of New South Wales in relation to any dispute (contractual or non-contractual) concerning these Terms save that either party may apply to any court for an injunction or other relief to protect its property or confidential information.

Schedule

1. Security measures
   1.1. The Martec represents, warrants, and undertakes that it has established and for so long as The Martec Processes Personal Data it will at all times enforce, an ongoing program of Security Policies, Security Procedures, and Security Technical Controls, which reasonably ensures delivery of Security Best Practices, and which includes, without limitation, the following:
2. Information Security
   2.1. a privacy and security incident management program;
   2.2. a privacy and security awareness program;
   2.3. business continuity and disaster recovery plans, including regular testing; and
   2.4. procedures to conduct periodic independent security risk evaluations to identify critical information assets, assess threats to such assets, determine potential vulnerabilities, and provide for timely and appropriate remediation.
3. Physical Access
   3.1. physical protection mechanisms for all information assets and information technology to ensure such assets and technology are stored and appropriately protected;
   3.2. appropriate facility and room entry controls to limit physical access to systems that store or process User Data;
   3.3. processes to ensure access to facilities and rooms are monitored and is restricted on a “need to know” basis; and
   3.4. controls to physically secure all User Data and to securely destroy such information when it is no longer needed in accordance with this Agreement.
4. Logical Access
   4.1. appropriate mechanisms for user authentication and authorisation in accordance with a “need to know” policy;
   4.2. controls and auditable logs to enforce and maintain rigorous access restrictions for employees, and subcontractors;
   4.3. timely and accurate administration of user account and authentication management;
   4.4. processes to ensure The Martec-supplied defaults for passwords and security parameters are appropriately managed (e.g., changed periodically etc.);
   4.5. mechanisms to encrypt or hash all passwords or otherwise ensure all passwords are not stored unsecured in clear text; and
   4.6. processes to immediately revoke accesses of inactive accounts or terminated/transferred users.
5. Security Architecture and Design
   5.1. a security architecture that reasonably ensures delivery of Security Best Practices;
   5.2. documented and enforced technology configuration standards;
   5.3. regular testing of security systems and Security Best Practices;
   5.4. a system of effective firewall(s) and intrusion detection technologies necessary to protect User Data; and
   5.5. database and application layer design processes that ensure web applications are designed to protect the information data that is Processed through such systems.
6. System and Network Management
   6.1. mechanisms to keep security patches current;
   6.2. monitor, analyse, and respond to security alerts;
   6.3. appropriate network security design elements that provide for segregation of data from other third-party data;
   6.4. use and regularly update anti-virus software; and
   6.5. the integrity, resilience and availability of any software or services utilised to Process the User Data.
   6.6. Failure by The Martec to comply with Security Best Practices or its obligations hereunder shall constitute a breach of the Agreement.
7. Minimum technical measures
   7.1. Firewalls which are properly configured and using the latest software;
   7.2. user access control management;
   7.3. unique passwords of sufficient complexity and regular expiry on all devices;
   7.4. secure configuration on all devices;
   7.5. regular software updates, if appropriate, by using patch management software;
   7.6. timely decommissioning and secure wiping (that renders data unrecoverable) of old software and hardware;
   7.7. real-time protection anti-virus, anti-malware and anti-spyware software;
   7.8. https;
   7.9. encryption of all portable devices ensuring appropriate protection of the key;
   7.10.    encryption of personal data in transit by using suitable encryption solutions;
   7.11.    multi-factor authentication for remote access;
   7.12.    WPA-TKIP secured WiFi access;
   7.13.    delinquent web filtering and other appropriate internet access restrictions;
   7.14.    intrusion detection and prevention systems;
   7.15.    appropriate and proportionate monitoring of personnel; and
   7.16.    data backup and disaster recovery measures and procedures.
   7.17.    Minimal organisational measures
   7.18.    Vet all personnel including staff, contractors, vendors and suppliers (including Sub processors) on continuous basis;
   7.19.    non-disclosure agreements used with all personnel;
   7.20.    regular training of all personnel on confidentiality, data processing obligations, identification of Security Breaches and risks;
   7.21.    apply principle of least authority, including a restricted or strictly controlled transit of data and material outside of office;
   7.22.    physical security on premises including reception or front desk, security passes, clean desk policy, storage of documents in secure cabinets, secure disposal of materials, etc.;
   7.23.    apply appropriate policies, as appropriate.

Cross Border Data Transfer Mechanisms

1. In the event the Services are covered by more than one Transfer Mechanism, the transfer of personal data will be subject to a single Transfer Mechanism in accordance with the following order of precedence:
2. The Martec’s binding corporate rules as set forth in this Schedule
3. the applicable Standard Contractual Clauses as set forth in this Schedule
4. other applicable data Transfer Mechanisms permitted under Applicable Data Protection Law.

Binding Corporate Rules

1. The parties agree that The Martec will process personal data within the The Martec Services in accordance with the data protection policies that are approved by European data protection authorities after significant consultation with those authorities and enable multinational businesses, such as The Martec, to make intra-organisational transfers of personal data across borders in compliance with EU data protection law.
2. The parties further agree that, with respect to the The Martec Services, the Binding Corporate Rules will be the lawful Transfer Mechanism of User Account Data, User Content, and User Usage Data from the EEA, Switzerland, or the United Kingdom to The Martec in Australia.

Standard Contractual Clauses

1. The parties agree that the 2021 Standard contractual clauses for international transfers as publish and available at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en will apply to personal data that is transferred via the Services from the European Economic Area or Switzerland, either directly or via onward transfer, to any country or recipient outside the European Economic Area or Switzerland that is:
   1.1. not recognised by the European Commission (or, in the case of transfers from Switzerland, the competent authority for Switzerland) as providing an adequate level of protection for personal data and
   1.2. not covered by the above Binding Corporate Rules. For data transfers from the European Economic Area that are subject to the 2021 Standard Contractual Clauses, the 2021 Standard Contractual Clauses will be deemed entered into (and incorporated into this Addendum by this reference) and completed as follows:
   1.2.1.   Module One (Controller to Controller) of the 2021 Standard Contractual Clauses will apply where The Martec is processing User Account Data and
   1.2.2.   User is a controller of User Usage Data and The Martec is processing User Usage Data.
   1.2.3.   Module Two (Controller to Processor) of the 2021 Standard Contractual Clauses will apply where User is a controller of User Content and The Martec is processing User Content.
   1.2.4.   Module Three (Processor to Processor) of the 2021 Standard Contractual Clauses will apply where User is a processor of User Content and The Martec is processing User Content.
   1.2.5.   Module Four (Processor to Controller) of the 2021 Standard Contractual Clauses will apply where User is a processor of User Usage Data and The Martec processes User Usage Data.
   1.3. For each Module, where applicable:
   1.3.1.   Data Exporter: User.
   1.3.2.   Contact details: The email address(es) designated by User in User’s account via its notification preferences.
   1.3.3.   Data Exporter Role: The Data Exporter’s role is set forth in this Agreement.
   1.3.4.   Signature and Date: By entering into the Agreement, Data Exporter is deemed to have signed these Standard Contractual Clauses incorporated herein, as of the Effective Date of the Agreement.
   1.3.5.   Data Importer: The Martec.
   1.3.6.   Contact details: The Martec Support Team
   1.3.7.   Data Importer Role: The Data Importer’s role is set forth in this Agreement.
   1.3.8.   Signature and Date: By entering into the Agreement, Data Importer is deemed to have signed these Standard Contractual Clauses, incorporated herein, including their Annexes, as of the Effective Date of the Agreement.
2. The categories of data subjects are described in this Agreement
   
3. The Sensitive Data transferred is described in this Agreement.
   
4. The frequency of the transfer is a continuous basis for the duration of the Agreement.
   
5. The nature of the processing is described in this Agreement.
   
6. The purpose of the processing is described in this Agreement.
   
7. The period for which the personal data will be retained is this Agreement.
   
8. The Schedule Security Measures of this Agreement serves as Annex of the Standard Contractual Clauses.
   
9. Conflict. To the extent there is any conflict between the Standard Contractual Clauses, and any other terms in this Agreement, or our GDPR Compliance Statement, the provisions of the Standard Contractual Clauses will prevail.