Privacy Policy
Last Updated: March 21, 2024
Welcome to www.meccavation.com (“Website”), which is owned and operated by Mecca Innovation & Technology LLC, a company incorporated under the laws of the United States, having its principal address at 34575 Linda Lane, Sterling Heights, Michigan, 48312 and its affiliates (“Mecca,” “we,” “us,” “our”). We are committed to protecting and respecting your privacy, and we aim to be clear about how we use personal data. When we use the term “personal data,” we mean any information about an individual from which that person can be identified.
This Privacy Policy sets out the types of information Mecca may collect from you when you visit our Website or interact with us, what is done with this information, with whom this information is shared, and your rights. It also explains how we process and protect personal data that we obtain through our dealings with other businesses and corporate entities that we have business or professional dealings with. This includes personal data relating to customers, vendors, job applicants, employees, officers, directors, shareholders, investors, and third-party representatives of those corporate entities or businesses (“you”). This Privacy Policy should be read in conjunction with our Cookie Policy and our Terms of Use, which provide additional details on our data processing and Website practices.
Please review this Policy carefully to understand what we do with your information, and where applicable, the following sections:
European and UK Users. If you are subject to the EU General Data Protection Regulation (“EU GDPR”), or the EU GDPR as it forms part of the laws of the United Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments) (EU Exit) Regulations 2019 (the “UK GDPR”, and, together with the EU GDPR, the “GDPR”), we are the data controller for all personal data we collect. Please review the below section “Additional Information for European and UK Users” for additional disclosures and a description of your rights.
California Users. If you are a California resident and the California Consumer Privacy Act (with any implementing regulations and as may be amended from time to time, “CCPA”) applies to the processing of your information, please review the below section “Additional Information for California Users” for additional disclosures, our notice at collection, and a description of your rights.
1. Who We Are and How to Get in Touch
If you have any queries in relation to this Privacy Policy or any aspect of our data privacy practices, please feel free to contact us at:
Mitri Innovation & Technology Consulting LLC
d/b/a Mecca Innovation & Technology
34575 Linda Lane, Sterling Heights, MI 48312
Email: info@meccavation.com
2. Types of Personal Data We Collect
We may collect personal data and other information from the sources described below. When we use the term “personal data,” we mean information that can help us directly or indirectly identify you, such as your name, address, telephone number, email address, Internet Protocol (“IP”) address, or other online identifiers.
Personal Data You Provide to Us
Depending on how you interact with us, including if you are a job applicant or business contact, we may collect the following categories of personal data directly from you or from the business you represent:
Contact details such as your name, mailing address, telephone number, email address, online identifiers, or other similar identifiers.
Additional information protected under certain federal or state laws such as your Social Security Number, passport number, signature, education information, driver’s license number, state identification number, credit card, bank account, or other financial information.
Characteristics of protected classifications under certain federal or state law such as gender, national origin, citizenship status, marital status, criminal conviction, or health data.
Professional or employment-related information such as employer names and professional titles.
Education information, including information that is not publicly available, personally identifiable information as defined in the Family Educational Rights and Privacy Act.
Inferences drawn from other information to create a profile reflecting your preferences or characteristics.
Audio, electronic, or visual information such as call recordings and passport photos.
Geolocation data such as information about your location or the location of your device.
Correspondence and communications with you or the business you represent including records of information provided by you when you contact us with feedback, comments, questions, or for any other reason.
Please note that if you do not provide us with your personal data, we may not be able to comply with our legal obligations or manage our business.
Information Collected Automatically
When you visit our Website and interact with us through online media and advertisements, we may collect certain information, which may include personal data, about your visit or interaction that is automatically logged through the use of cookies and similar tools. Cookies are text files containing small amounts of information that are stored on your browser or your device when you visit our Website, online media, and advertisements.
We may automatically collect the following information, which may include personal data, through our Website and these tools:
Log Files
Records of a range of variables about your visit to our Website, including your browser type and language, app version, access times, pages viewed, IP address, approximate geographic location, and the webpage or online service you visited before navigating to our Website.
Website Browsing Data
Information gathered while you browse our Website, including technical, usage, and navigational data that shows what pages you have visited and how long various features are used.
Device Information
Information about the device you use to access our Website, including the hardware model, operating system and version, unique device identifiers, and mobile network information.
For additional information on the various tools we use, the purposes for which we use them, and your ability to control them, please read our Cookie Policy.
3. Why We Process Your Data
We collect, store, and process your personal data for the following business or commercial purposes:
Business Contact: To engage with you as part of professional interactions with the businesses and corporate entities you represent.
Legal Compliance: To adhere to legal obligations, safeguard our interests, conduct sanctions checks, prevent and detect fraud, money laundering, or other criminal activities, and respond to binding requests from public authorities or courts.
Job Applications: To evaluate your application and communicate with you regarding employment opportunities.
Communication and Issue Resolution: To address any inquiries you send to us and to resolve issues reported with the website.
Website Management: To maintain the relevance and accuracy of our website, facilitate business development, and shape our marketing strategies.
Advertising: To provide information, products, or services that we believe may be of interest to you.
4. How We Share Your Information
We may share your personal data and other information with entities for our business or commercial purposes, including:
Any member within our group of related companies, including subsidiaries, parent companies, and their subsidiaries such as Mecca Innovations & Technology.
Service providers, including but not limited to providers conducting sanctions checks for the Office of Foreign Control (“OFAC”), our Internet Service Provider, and website analytics companies like Google Analytics.
Third parties when required by law or legal obligations to disclose or share your personal data.
Third parties when necessary to protect the vital interests of data subjects or other natural persons.
Third parties in the legitimate interest of protecting the rights, property, or safety of Mecca, our clients, customers, or others.
Support service providers essential for Mecca's services, including external legal counsel.
Prospective sellers or buyers of any of our business or assets in the event of a business sale, transfer, reorganization, dissolution, or liquidation.
We may also share your personal data if you have explicitly authorized or consented to the disclosure.
5. International Transfers of Your Personal Data
Mecca, being a U.S.-based company, may transfer, store, or process your personal data in the United States. When you or the business you represent provide personal data to us from outside the U.S., please note that we will process it in the U.S., which may have different data protection laws than your country of residence.
We comply with legal requirements by providing adequate safeguards for the transfer of personal data to countries other than your location. This may include using contractual protections such as the European Commission’s Standard Contractual Clauses or complying with adequacy decisions issued by relevant bodies in other jurisdictions.
If you have questions about how we safeguard your personal data during international transfers, please contact us using the information provided in the Who We Are and How to Get in Touch.
6. Retention of Personal Data
We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected and used. If a longer retention period is required to meet legal obligations or defend legal claims, we will retain the data accordingly.
For correspondence related to our legitimate business interests, we will retain personal data as long as necessary for the intended purposes. Our retention periods are determined by various factors such as data type, purposes of collection, legal requirements, ongoing or potential litigation, intellectual or property rights, contractual obligations, and historical archiving.
Typically, we retain such data for up to seven years from the termination date of the relationship. For further information on our data retention policies, please contact us at the address provided in the Who We Are and How to Get in Touch.
7. Links to Other Websites
Our website may include links to third-party websites. Accessing and using these third-party websites are not governed by our Privacy Policy but are subject to the privacy policies of those specific websites. We are not responsible for the privacy practices or policies of third-party websites.
8. Automated Decision-making/Profiling
We do not make solely automated decisions that have a legal or similarly significant effect on individuals' data. However, we may share your information with third-party processors for automated sanctions checks related to OFAC. The outcomes of these automated processes are reviewed before any decisions are finalized. These checks are conducted to prevent fraud and ensure compliance with legal and regulatory obligations.
If you wish to object to such profiling, please contact us using the information provided in the Who We Are and How to Get in Touch. We note that, as set out in Types of Personal Data We Collect, if you refuse to allow certain types of data processing, we may not be able to comply with our legal obligations or manage our business, and accordingly may not be able to engage with the business you represent.
9. Your Rights
We take reasonable steps to keep your personal data accurate and complete. Under applicable law, you have certain rights relating to our collection and use of your personal data:
Access and Correct Your Information. You may contact us using the information provided in Who We Are and How to Get in Touch above with “Rights Request” n the subject line to request access to, modification, or deletion of personal data you have provided to us. Please note that we will maintain personal data in our database whenever we are required to do so by law, for necessary operational reasons, or to maintain uniform business practices.
European Privacy Rights. If you are located in the European Economic Area (“EEA”), Switzerland, or the U.K., please review Additional Information For European and UK Users below for a description of your rights.
California Privacy Rights. If you are a California resident, please review Additional Information for California Residents below for information regarding rights of California residents.
10. Additional Information for European and UK Users
The GDPR imposes certain obligations on us, as a data controller, and grants certain rights to individuals located in the EEA or U.K. “Personal data” and other terms as used in this section have the same meaning provided in the GDPR.
Legal Basis
The GDPR imposes certain obligations on us, as a data controller, and grants certain rights to individuals located in the EEA or U.K. “Personal data” and other terms as used in this section have the same meaning provided in the GDPR.
Legal Basis
If the processing of your personal data is subject to the GDPR, we ensure that we have identified a legal basis for doing so, including:
Contract. Depending on the circumstances, we may need to process your personal data for the performance of a contract to which you are a party.
Legitimate Interest. This processing of personal data is necessary for our legitimate business interest in managing and promoting our business, provided that our interest is not overridden by your interest. In identifying this basis, we have weighed our legitimate interest as a business against your rights and freedoms and have determined that it will not unfairly impact your rights. You have the right to object to our processing of your personal data where it is done on this basis. If you would like further information on how we balanced these interests, you can contact us using the details provided in Who We Are and How to Get in Touch.
Legal Requirements. We may need to process your personal data in order to comply with certain legal and regulatory requirements. In certain circumstances, we may also process some personal data for carrying out our or your obligations and exercising specific rights in the field of employment and social security and social protection law authorized by certain countries’ laws.
Consent. We may also process your personal data with your consent, as required, and, where applicable, your explicit consent. You have the right to withdraw this consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdrew your consent.
Individual Rights
If the processing of your personal data is subject to the GDPR, you have the right to request access to, rectification of, or erasure of your personal data, or restriction of processing or object to processing of your personal data, as well as the right to data portability. In each case, these rights are subject to restrictions as laid down by law. The following is a summary of your rights:
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data in certain circumstances, for example, where we no longer need it or you have withdrawn your consent. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below). Please note that, upon receiving a request from you to erase your personal data for any of the above reasons, we will endeavor to remove as much data as is legally allowable. If we are unable to comply with your request to erase personal data, we shall tell you in writing what personal data we have continued to retain, the reasons for retaining it, and how long we expect to retain it for.
Object to processing of your personal data. This enables you to object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation that makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in certain circumstances, for example, if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal data to another party. This enables you to request that we transmit your personal data to another party without hindrance, or to give you a copy of it so that you can transmit it to a third party, where technically feasible.
Withdraw consent. Where you have provided your consent to our processing, you have the right to withdraw it at any time.
Lodge a Complaint with a Data Protection Authority. You also have the right to lodge a complaint with the relevant Data Protection Authority in the country of your residence, your place of work, or place of an alleged infringement, if you believe that the processing of your personal data infringes upon the GDPR.
How to Exercise Your GDPR Rights
If you wish to exercise your rights under the GDPR, you may submit a request by emailing us at info@meccavation.com with “GDPR Request” in the subject line or using the other contact information provided in Who We Are and How to Get in Touch.
11. Additional Information for California Residents
The California Consumer Privacy Act (CCPA) imposes specific obligations on us and provides certain rights to California residents (“California Resident,” “you” or “your”) regarding their “personal information.” If you are a California Resident, please carefully review the following information concerning how we collect, use, disclose, and potentially sell your personal information, as well as your rights under the CCPA. Please note that the rights outlined herein are subject to exemptions and limitations as per applicable law.
Terms used in this section have the meaning ascribed to them in the CCPA. Mitri Innovation and Technology Consulting LLC is classified as a “business.”
Notice at Collection and Use of Personal Information
Information We Collect
Depending on how you interact with us, we may collect the categories of personal information listed above in “Types of Personal Data We Collect.”
How We Use Collected Information
We may use your personal information for the purposes listed in “Why We Process Your Data.”
Our Collection, Use, Disclosure, and Sharing of Personal Information
Information We Have Collected
In the preceding 12 months, and depending on how you interact with us, we may have collected the categories of personal information listed in “Types of Personal Data We Collect.”
Sources of Personal Information
We may gather personal information about you directly through sources such as: (i) job applications and other forms or related documentation; (ii) written, electronic, or verbal correspondence with us or our service providers; and/or (iii) from information captured on relevant websites. Additionally, we may collect personal information from various sources, including: (i) our affiliates, our service providers, or our affiliates’ service providers; (ii) public websites or other publicly accessible directories and sources, including governmental agencies and departments, and regulatory authorities; and/or (iii) from credit reporting agencies, sanctions screening databases, or sources aimed at detecting and preventing fraud.
Purposes for Collecting Personal Information
We may use your personal information for the purposes listed in “Why We Process Your Data.”
Our Disclosure, Sharing, of Personal Information
We do not sell your personal information. In the previous 12 months, we may have disclosed, for a business purpose, the following categories of personal information to the corresponding categories of third parties:
Category of Personal Information Category of Third Party Information Disclosed to for a Business Purpose Identifiers and Similar Information (such as name, email, or IP address)
Third parties necessary to complete a transaction, including financial institutions or advisors, entities assisting with fraud prevention.
Professional services organizations, like auditors.
Any relevant third-party acquirer(s) in case of selling or transferring all or any relevant portion of our business or assets.
Businesses being evaluated in connection with potential business opportunities.
Internet service providers.
Social networks, recruiting agencies, and similar third-party websites.
Affiliated entities.
Additional Information Protected by Certain Federal or State Laws (e.g., financial information)
Third parties required to complete a transaction, including financial institutions or advisors, entities assisting with fraud prevention.
Professional services organizations, such as auditors.
Any relevant third-party acquirer(s) in case of selling or transferring all or any relevant portion of our business or assets.
Businesses being evaluated in connection with potential business opportunities.
Internet service providers.
Affiliated entities.
Characteristics Information (e.g., age or gender)
Third parties necessary to complete a transaction, including financial institutions or advisors, entities assisting with fraud prevention.
Professional services organizations, like auditors.
Social networks, recruiting agencies, and similar third-party websites.
Affiliated entities.
Additionally, in the previous 12 months, we may have disclosed for a business purpose all categories of personal information identified above in the section, “Types of Personal Data That We Collect,” to the following categories of third parties: (i) judicial courts, regulators, or other government agents claiming jurisdiction over us, our subsidiaries or affiliates, or opposing counsel and parties involved in litigation; and (ii) other third parties as may be permitted by law.
We may also share your personal information with our service providers such as IT providers, email providers, or CRM providers, other entities agreeing to limitations on the use of your personal information, or entities fitting within other exemptions or exceptions as permitted by the CCPA. We may also disclose personal information about you or your accounts to a third party at your request, direction, or with your consent.
Individual Rights Under the CCPA
Request to Delete. You have the right to request the deletion of any personal information about you that we have collected or maintained, subject to certain exceptions.
Request to Know. You can request that we provide you with: (i) the categories of personal information we have collected about you; (ii) the categories of sources from which we collected the personal information; (iii) the business or commercial purpose for collecting or selling the personal information; (iv) the categories of third parties with whom we share personal information; (v) the specific pieces of personal information we have collected about you; and (vi) the categories of personal information about you we have sold or disclosed for a business purpose.
Non-Discrimination. We will not discriminate against you for exercising any of your rights under the CCPA.
Opt-Out of Sale. You can request that we do not sell your personal information.
It's important to note that the CCPA does not restrict our ability to perform certain actions, such as complying with other laws or regulatory investigations. We also reserve the right to retain, and not to delete, certain personal information after receiving a Request to Delete from you where permitted by the CCPA or another applicable law or regulation.
How to Exercise Your Rights
You can submit a Request to Know or Request to Delete through the following methods:
Website: Visit our Contact Us page on our Website
Email: Send an email to info@meccavation.com with “CCPA Request” in the subject line.
We are obligated to provide certain information or delete personal information only upon receiving verifiable requests made by you or your authorized agent. When submitting a request, we may ask for clarifying or identifying information to verify your request, which may include your name and email address. Any information collected during the verification process will be used solely for verification purposes.
If you wish to use an authorized agent to submit a request, we may request proof of their authorization to act on your behalf or a power of attorney. We may also require you to directly verify your identity and confirm that you have given permission to the authorized agent to submit the request.
12. Additional California Privacy Rights
Apart from the rights granted under the CCPA, you also have the right to inquire once a year if we have shared your personal data with third parties for their direct marketing purposes. Please note that we do not disclose your personal data to third parties for direct marketing purposes.
Furthermore, our Website supports "Do Not Track" settings in your browser, as mandated by California Business & Professions Code Section 22575(b). You can configure your internet browser to send "Do Not Track" signals to the online services you visit.
13. Security
We are dedicated to safeguarding the security of your personal data by employing reasonable security technologies and procedures to prevent unauthorized access or use. However, no security system is entirely foolproof. While we strive to protect your data, we cannot guarantee absolute security. Any transmission of personal data over the Internet is done at your own risk.
14. Changes to our Privacy Policy
We reserve the right to change this Privacy Policy from time to time at our sole discretion. If we make any changes, we will post those changes here and update the “Last Updated” date at the top of this Privacy Policy. However, if we make material changes to this Privacy Policy, we will notify you by means of a prominent notice on the Website prior to the change becoming effective. Please review this Privacy Policy periodically for updates.