MOJO Creative Digital Privacy Policy
Last Updated: 01/12/2023MOJO Web Solutions, LLC (“MOJO”) is committed to respecting your privacy. Please read the following policy to understand how your personal information will be treated. This policy may change from time to time so please check back periodically. This policy will let you know the following:
-
What personally identifiable information is collected from me?
-
What are cookies and how they are used by MOJO?
-
How is my information used?
-
Who is collecting my information?
-
With Whom Does MOJO Share My Information?
-
How can I access, update or delete my information?
-
What does “opt-in” mean?
-
What else should I know about my privacy?
-
Other legal notices.
1. What Personally Identifiable Information Is Collected From Me?
On some of MOJO web pages you can make requests and/or receive materials. The types of personal information collected at these pages are your name, e-mail address, and standard contact information, including addresses and phone numbers.
We may also ask you to voluntarily provide us with information regarding your personal or professional interests, demographics, experience with the services we provide and contact preferences. Wherever MOJO collects personal information, we make an effort to include a link to this Privacy Policy on that page.
2. What Are Cookies And How Are They Used By MOJO?
MOJO may place Internet cookies on your hard drive. Internet cookies are small files that may be placed on your hard disk for record-keeping purposes. Cookies are used to (a) remind us of who you are in order to deliver you better service; (b) estimate our audience size by determining repeat usage of the web site to help target advertisements based on user interests and behavior; (c) track your progress and entries in promotions, sweepstakes, and contests, if any; and (d) measure certain traffic patterns for use as a research tool to understand how our users’ habits are similar or different from one another. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether or not to accept it. If you do not accept cookies, some web pages may not display properly or you may not be permitted to access certain information.
MOJO may also collect IP addresses (the Internet address of a computer) to track a user’s session while the user remains anonymous. We analyze this data for certain trends in statistics, such as which parts of our site users are visiting, and how long they spend there. In general, we do not link your IP addresses to anything personally identifiable to you.
3. How Is My Information Used?
MOJO will not sell, rent, or lease your personally identifiable information to others without your consent. The information you provide will be used to support your customer relationship with MOJO. Your information may be shared with agents, contractors, or business partners for the purpose of performing services for MOJO.
We want to help you quickly find information on MOJO and alert you to specific offers, updated information, and other new products and services from MOJO. Accordingly, we, if you agree, may send you direct mailings or contact you by telephone about our various products and services or other products and services we feel may be of interest to you. If you want to receive such mailings, simply “opt-in” by contacting [email protected].
Notwithstanding, MOJO does research on our users’ demographics, interests, and behavior based on the information provided to us during your use of the MOJO web site. This research is compiled and analyzed on an aggregated basis. Aggregated data does not include personally identifiable information. MOJO may share this aggregated data with others.
4. Who Is Collecting My Information?
When you are on an MOJO site and are asked for personal information, you are sharing that information with MOJO alone, unless specifically stated otherwise. If data is being collected and/or maintained by any company other than MOJO or an agent for MOJO, you will be notified prior to the time of the data collection or transfer. If you want your data to be shared, you can choose to allow the transfer by “opting-in” to use that particular service or purchase those particular goods.
Please be aware that MOJO advertisers or web sites that have links on our site may collect personally identifiable information about you. The information practices of those web sites linked to MOJO either through advertisements or other hyperlinks are not covered by this privacy statement.
5. With Whom Does MOJO Share My Information?
We may share the personal data you provide with other MOJO agents, contractors, or our business partners for the purposes of performing services for MOJO. MOJO also may share aggregated data with others. Aggregated data does not include personally identifiable information. We also believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms of Access, or as otherwise required by mojo. Except as provided above or in the event of a merger, consolidation, or sale of all or substantially all of MOJO’s assets, we will not share any of your information with any third party without your permission.
6. How Do I Access, Update, Or Delete My Information?
You can request the individual information that MOJO has collected about you, correct factual inaccuracies in your information, remove personal information from MOJO’s data bases and/or update your personal information at by contacting [email protected].
7. What Does “Opt-In” Mean?
To “opt-in” means that you have notified MOJO that we have permission to use your information for sharing company updates, industry updates, new services, existing/new/future customer service related updates or outages, and general messages MOJO elects to share. Of course, when we send you information on a new product for which you have “opted-in,” you will be given the opportunity to “opt-out” of receiving such information in the future.
8. What Else Should I Know About My Privacy?
Third-party Internet sites and services accessible through MOJO have separate privacy and data-collection practices, independent of us. MOJO has no responsibility or liability for these independent policies or actions. Please be careful and responsible online. If you post personal information online that is accessible to the public, you may receive unsolicited messages from other parties in return. While we strive to protect your information, MOJO cannot ensure or warrant the security of any information through the transmission process and you do so at your own risk.
9. Other Legal Notices.
Any dispute over privacy is subject to this privacy policy, including limitations on damages and application of the mojo of the State of Maryland. If you have any concern about your privacy in connection with this policy, please send us a thorough description to [email protected], and we will try to resolve it. We may post a revised privacy policy on our site. Please note that the use of information that we gather is subject to the privacy notice in effect at the time of use. You should check our web site frequently to see recent changes.
10. Organizational Security
We have an Information Security Program in place that is communicated throughout the organization. Our Information Security Program follows the criteria set forth by the SOC 2 Framework. SOC 2 is a widely known information security auditing procedure created by the American Institute of Certified Public Accountants.
Third-Party Audits
Our organization undergoes independent third-party assessments to test our security and compliance controls.
Roles and Responsibilities
Roles and responsibilities related to our Information Security Program and the protection of our customer’s data are well defined and documented. Our team members are required to review and accept all of the security policies.
Security Awareness Training
Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.
Confidentiality
All team members are required to sign and adhere to an industry standard confidentiality agreement prior to their first day of work.
Background Checks
We perform background checks on all new team members in accordance with local laws.
11. Cloud Security
All of our services are hosted with Amazon Web Services (AWS). They employ a robust security program with multiple certifications. For more information on our provider’s security processes, please visit [AWS Security | GCP Security | Heroku Security | Azure Security].
Data Hosting Security
All of our data is hosted on Amazon Web Services (AWS). These databases are all located in the [United States]. Please reference the above vendor specific documentation linked above for more information.
Encryption at Rest
All databases are encrypted at rest.
Encryption in Transit
Our applications encrypt in transit with TLS/SSL only.
Vulnerability Scanning
We perform vulnerability scanning and actively monitor for threats.
Logging and Monitoring
We actively monitor and log various cloud services.
Business Continuity and Disaster Recovery
We use our data hosting provider’s backup services to reduce any risk of data loss in the event of a hardware failure. We utilize monitoring services to alert the team in the event of any failures affecting users.
Incident Response
We have a process for handling information security events which includes escalation procedures, rapid mitigation and communication.
12. Access Security and Vendor Risk Management
Access to cloud infrastructure and other sensitive tools are limited to authorized employees who require it for their role. Where available we have Single Sign-on (SSO), 2-factor authentication (2FA) and strong password policies to ensure access to cloud services are protected.
Least Privilege Access Control
We follow the principle of least privilege with respect to identity and access management.
Quarterly Access Reviews
We perform quarterly access reviews of all team members with access to sensitive systems.
Password Requirements
All team members are required to adhere to a minimum set of password requirements and complexity for access.
Password Managers
All company issued laptops utilize a password manager for team members to manage passwords and maintain password complexity.
Annual Risk Assessments
We undergo at least annual risk assessments to identify any potential threats, including considerations for fraud.
Vendor Risk Management
Vendor risk is determined and the appropriate vendor reviews are performed prior to authorizing a new vendor.
