EU and China Privacy Policy

Updated October 13, 2022

MacroSource EU, China, and South Africa Privacy Policy

This EU, China, and South Africa Privacy Policy (“this Policy”) applies to you if you reside in the European Economic Area or where EU data protection law, in particular the EU General Data Protection Regulation 2016/679, otherwise so provides. This Policy also applies to you if you reside in a territory of China or if your personal information is processed in South Africa.

Please note that unless you fall into the scope of this Policy and have the rights set out therein, your personal data will be processed exclusively in accordance with our International Privacy Policy, available at International Privacy Policy.

Introduction and Scope

This website is operated by MacroSource, LLC, registered at 5 Skidway Village Walk, Suite 201, Savannah, GA 31411 “Company”, “our“, “us” or “we”).

In particular circumstances indicated below, Company is not solely but jointly responsible with other Company affiliates and subsidiaries (“Company Group”), for the lawfulness of the processing of your personal data. Some of the Company Group entities also operate public websites, and in this Privacy Policy, any references to “Site” generally means the website www.MacroSource.com, and other Company Group-owned and/or operated websites, mobile sites or mobile applications and our practices for collecting, using, maintaining, protecting and disclosing that information.

Company and the Company Group companies respect your privacy and are committed to protecting it through our compliance with this Policy.

This Policy applies to information we collect:

  • On our Site.

  • In e-mail, text and other electronic messages between you and Company that are related to the services that Company is providing you.

  • Through mobile and desktop applications you download from our Site or from applications marketplaces.

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it.

Children Under the Age of 16

Our Site is not intended for children under 16 years of age. No one under age 16 may provide any personal information to or on the Site. We do not knowingly collect personal information from children under 16. If you are under 16 do not use or provide any information on our Site or on or through any of its features or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or username you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at privacy@macrosource.com.

Personal Data We Process About You and How We Collect It

We process several categories of personal data from and about users of our Site that you provide to us, including name, postal address, e-mail address, telephone number, customer identification number or any other identifier by which you may be contacted online or offline.

If you contact us, we collect records and copies of your correspondence (including e-mail addresses).

We collect details of transactions you carry out through our Site, such as balances, contracts and tickets-related data.

We, by ourselves or through third parties such as search engine optimization services, pay-per-click services, hosting services, social media services and web mastering services, also collect your personal data automatically as you navigate through the Site, such as your location, mobile device type and version, operating system and version, sequence of pages viewed and data about your Internet connection, the equipment you use to access our Site and usage details and other usage details, Internet Protocol (“IP”) addresses and other information collected through cookies, web beacons and other tracking technologies.

We also collect personal data that you provide by filling in forms on our Site. This includes information provided at the time of registering to use our Site, subscribing to our service, posting material or requesting further services and any data provided to us when you report a problem with our Site.

Personal Data We Collect

Company collects personal data from other Company Group companies. For example, Company collects information regarding general inquiries made vis-à-vis other Company Group companies but which are appropriate to be handled by Company.  In this circumstance, the two Company Group companies involved act as joint controllers.  Additionally, as discussed below, Company and other Company Group entities share personal data among themselves, for the purposes defined in the section on Purposes and Legal Bases of Processing Your Personal Data.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns.  This information is used for analytical purposes and to help us provide more relevant services to users.  We may also use this information to administer and troubleshoot the Site.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Site.

  • Flash Cookies. Certain features of our Site may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Site. Flash cookies are not managed by the same browser settings as are used for browser cookies.

  • Web Beacons. Pages of our Site and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit Company, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

We may tie also the aforementioned information to personal data about you that we collect from other sources or you provide to us.

Purposes and Legal Bases of Processing Your Personal Data

We process personal data for the purposes set out below. For each purpose, the legal basis of the processing is specified, in accordance with Articles 6 and 9 of the General Data Protection Regulations (“GDPR”), as the case may be, Article 13 of the Personal Information Protection Law (“PIPL”), and Chapter 3 of the Protection of Personal Information Act (“POPIA”).  Where applicable, we will point out, prior to or at the time of the data collection, if the provision of the personal data is a statutory or contractual requirement and whether you are obliged to provide the personal data and the possible consequences of failure to provide such data.

We process personal data that we collect about you or that you provide to us, including any personal information for the following purposes:

  • To present our Site and its contents to you according to your selections and preferences.

  • To provide you with information, products or services we offer or provide through the Site that you request from us.

  • To carry out our obligations and enforce our rights such as for billing and collection purposes.

  • To notify you about changes to our Site.

  • To carry out processing of personal data to ensure network and information security and to provide technical support within the Company Group.

  • To track any quality and service issues and defend and protect our interests in case of a dispute or legal claim.

In the event that you refuse to provide certain categories of personal data to us, our purposes for the collection of such data may be hindered. In some cases, our capability to provide our goods and/or services to you may be hindered.

Our processing of the data we collect from you is justified on one or more of the following Legal Bases, as provided for in the applicable data law of your jurisdiction:

  • Your consent.

  • Our legitimate interests as specified below.

  • To protect your vital or legitimate interest.

  • The necessity to perform a contract to which you are a party or in order to take steps at your request prior to entering into a contract.

  • The necessity to comply with a legal obligation to which we are subject.

  • The necessity to establish, exercise or defend legal claims.

  • The necessity to process for reasons of substantial public interest, on the basis of EU, EU Member State law, Chinese law, Chinese regulation, South African law, South African regulation, or any other operative law, rule, or regulation.

Retention of your Personal Data

We keep your personal data that we obtain about you through this Site for no longer than is reasonably necessary for the purpose(s) for which they were collected.  In certain cases, personal data may be kept for an extended period of time in order to comply with legal obligations, or for the establishment, exercise or defense of a legal claim, in accordance with the applicable data protection laws.

Disclosure of Your Personal Data

We may disclose aggregated anonymized/de-identified information about our users that does not identify any individual, without restriction.

We may disclose the personal data that we collect or you provide as described in this Policy.

Intra-Group

We share your personal data with other Company Group companies and departments (including Marketing, IT, Compliance, Finance, and Legal), for all the purposes specified in the section on Purposes and Legal Bases of Processing Your Personal Data. Company Group companies that may receive your personal data are: MicroSource, LLC and Marubeni America Corporation.

Third Parties

We share your personal data with our customers as well as our service providers who perform services on our behalf for the purposes described in the section on Purposes and Legal Bases of Processing Your Personal Data. In particular, we share personal data with providers of marketing services, hosting services and IT support. The service providers are bound by law and/or contract to protect the confidentiality and security of personal data and to only use personal data to provide requested services to Company in accordance with applicable law.

We will disclose personal data to lawyers or professional advisors, courts, tribunals, opposing or other related parties to the proceedings and their professional advisors where needed to defend or enforce our rights and protect our property, assets or safety of others.

We will disclose your data to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Company’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by Company about our Site users is among the assets transferred.

We will also disclose personal data to comply with any court, tribunal or law enforcement agency order or subpoena, law or legal process, including to respond to any government or regulatory request.

International Transfer of Your Personal Data

Given that Company Group companies are located and provide services all over the world, we need to transfer your personal data internationally.  In particular, personal data collected by us may be transferred to and processed in countries outside the European Economic Area ("EEA"), Chinese territories, and South African territory. Those destination countries may not have the same level of protection for personal data as in the EEA, applicable Chinese territory, or South African territory.

Transfers of personal data outside the EEA will take place as follows:

Certain third countries have been officially recognized by the European Commission as providing an adequate level of protection (see here). Transfers to third parties located in other third countries outside the EEA take place using an acceptable data transfer mechanism, such as the EU standard contractual clauses for data transfers (see here), Binding Corporate Rules (see here), approved Codes of Conduct and certifications, or in exceptional circumstances on the basis of permissible statutory exceptions.

Please write to privacy@macrosource.com if you want to receive further information or, where available, a copy of the relevant data transfer mechanism(s).

Transfers of personal data outside Chinese jurisdiction will take place as follows:

Transfers of personal data to foreign receiving entities will be conducted with necessary measures to reach the standard of personal information protection provided in the PIPL, using an acceptable data transfer mechanism, such as the standard contracts published by the Cyberspace Administration of China, acquiring Cyberspace Administration certification, approved statutory or regulatory mechanisms, or in exceptional circumstances on the basis of permissible statutory and regulatory exceptions.

Please write to privacy@macrosource.com , if you want to receive further information or, where available, a copy of the relevant data transfer mechanism(s).

Transfers of personal information outside of South African territory will take place as follows:

Transfers of personal information to foreign receiving entities will be conducted with measures to provide an adequate level of protection, either through law, binding corporate rules, or a binding agreement. Additionally, international transfers may be conducted where you provide consent, the transfer is necessary for the performance of a contract between you and us, the transfer is necessary for the conclusion or performance of a contract in your interest, or, in certain situations, where the transfer is for your benefit. Please write to privacy@macrosource.com , if you want to receive further information or, where available, a copy of the relevant data transfer mechanism(s).

Intra-Group

International transfers outside the EU, Chinese territories, and South African territory are primarily to Company Group companies in the United States.

Third Parties

Some of the third parties with whom we share personal data are also located outside the EEA, Chinese territories, and South African territory. 

Changes to This Policy

This Policy may change from time to time, but we will not reduce your rights as provided under applicable law.  It is our policy to post any changes we make to this Policy on this page. The date this Policy was last revised is identified at the top of the page.

Your Rights With Respect to your Personal Data

The following rights apply to you only if you are visiting our website from the EU, if you are visiting our website from where applicable EU data protection laws so provide, if you are visiting our website from a Chinese territory, or if your personal information is being processed in South African territory.

In instances where Company Group entities act as joint controllers, you can exercise these rights in respect of and against each of them (for a list of Company Group companies, see the section on Disclosure of Your Personal Data above). Company Group entities that act as joint controllers have entered into an arrangement, reflecting their respective roles and relationships. Please see the section on Contact Information on how to exercise the below rights or if you want to know more about this contractual arrangement. 

Access

You have the right to obtain from us confirmation if your personal data are being processed, relevant information about such processing as provided by applicable data protection laws, and a copy of the personal data undergoing processing.

Rectification

You have the right to obtain from us the rectification of inaccurate personal data concerning you and to have incomplete personal data completed.

Objection

You have the right to object to the processing of your personal data on grounds relating to your particular situation.

You can also object at any time to the processing of your personal data for marketing purposes. (Please note that even if you object to your use of personal data for direct marketing purposes, we will still send you transactional messages in relation to services that you have purchased from us. These include responses to your questions and information about a service you have purchased from us.)  

Portability

You have the right to receive the personal data concerning you which you have provided to the controller in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller.

Restriction

You may request to restrict the processing of your personal data.

Erasure

You may request to erase (delete) your personal data.

Right to lodge a complaint

You also have the right to lodge a complaint with the relevant supervisory authority of your jurisdiction, place of employment, or the location where the issue that is the subject of the complaint occurred.    

If you are a Chinese resident, you also have the right to bring suit against any processing entities that refuse to recognize your other rights provided under PIPL.

Right to not be subject to automated decision making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.

Right to refuse or withdraw consent

You are free to refuse to give consent and you can withdraw (with effect for the future) your previously provided consent to the processing at any time without any adverse negative consequences. The lawfulness of any processing of your personal data that occurred prior to the withdrawal of your consent will not be affected.

Customer Preferences and Opt-Out Choices

We may also use your information to contact you about our services that may be of interest to you. If you do not want us to use your information in this way, you can provide notice to Company as follows:

  • To opt-out of receiving promotional or marketing emails from Company at a specific email address, use the unsubscribe link in the footer of any email sent by Company or contact us by email at privacy@macrosource.com or by mail at the address listed in the Contact Information section below.

Note: It may take up to 10 business days to process your request.

To opt-out of mobile marketing for a specific mobile number, you may:

  • Reply STOP on your mobile phone/wireless device. You will receive a confirmation text that you have been opted out.

  • Note: Please allow 10 business days after contacting us to process your request.

Contact Information

To ask questions or comment about this Policy, our privacy practices, Your Rights With Respect to your Personal Data, the roles and responsibility of any of the Company Group companies where they act as joint controllers, or to submit a complaint, please contact us at the following address or by e-mail at privacy@macrosource.com.