LEGAL & COMPLIANCE

Enterprise Privacy Policy

Macojal operates under a principle of robust data protection, strict Zero-Trust compliance, and absolute transparency. This document details how we collect, process, and secure your enterprise data according to strict global frameworks including GDPR and CCPA.

Last Updated: March 15, 2024

1. Introduction and Scope

This Privacy Policy ("Policy") explains how MACOJAL ("Company," "we," "us," or "our") collects, uses, discloses, and protects the personal and enterprise data of our customers, partners, and website visitors (collectively, "you" or "users").

This Policy applies to our website (macojal.com), the Macojal Enterprise FUSE Framework, the Coco Farm AI platform, and any related applications, services, or APIs (collectively, the "Services"). By accessing or using our Services, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Policy and our Master Service Agreement (MSA).

2. Data We Collect

Due to the nature of our Zero-Trust infrastructure services, we gather data to fundamentally operate, secure, and improve our ecosystem. We collect the following categories of data:

A. Information You Provide Directly

  • Account Data: Names, enterprise email addresses, phone numbers, job titles, and organizational affiliations.
  • Commercial Data: Billing details, payment processing information, and transaction histories (processed securely via PCI-DSS compliant third parties).
  • Support Data: Information provided through contact forms, technical support tickets, or architectural consultations.

B. Information Collected Automatically

  • Telemetry & Usage Data: API call volumes, inference metrics, latency logs, and interaction tracking within the Macojal dashboard to optimize load balancing.
  • Device & Network Data: IP addresses, browser types, operating systems, and network routing metadata utilized specifically for threat detection and DDoS mitigation.
  • Cookies & Tracking: Please refer to our detailed Cookie Policy for extensive information on our use of local storage and tracking mechanisms.

3. Legal Bases and Purposes for Processing

In compliance with the General Data Protection Regulation (GDPR), we process your data strictly under the following legal bases:

  • Contractual Necessity: To fulfill our Master Service Agreement, provision infrastructure, and provide technical support.
  • Legitimate Interests: To secure our network, detect fraud, analyze system telemetry for performance enhancements, and develop subsequent versions of the FUSE framework.
  • Consent: Where required by law, we rely on your explicit consent to send marketing communications or utilize non-essential tracking technologies.
  • Legal Obligations: To comply with applicable laws, court orders, or requests from regulatory authorities.

4. Sub-Processors and Data Sharing

Macojal operates as a B2B SaaS platform. We do not sell your personal data. We may share your data strictly with vetted third-party service providers ("Sub-Processors") necessary for the operation of our infrastructure.

All Sub-Processors are bound by strict Data Processing Agreements (DPAs) that guarantee they adhere to security standards equivalent to or exceeding ours. Categories of Sub-Processors include:

  • Cloud Infrastructure Providers (e.g., AWS, GCP)
  • Payment Gateway Providers
  • Telemetry and Application Performance Monitoring (APM) services
  • Customer Relationship Management (CRM) and support ticket software

5. Data Security & Retention

We implement enterprise-grade security methodologies designed to thwart unauthorized access, alteration, disclosure, or destruction of data. These measures include AES-256 encryption at rest, TLS 1.3 encryption in transit, strict RBAC (Role-Based Access Control), and continuous automated vulnerability scanning.

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, to provide our Services, resolve disputes, establish legal defenses, conduct necessary audits, and enforce our agreements.

6. Global Privacy Rights (GDPR & CCPA)

Depending on your jurisdiction, you possess specific rights regarding your personal data:

  • Right to Knowledge & Access: You may request a verified copy of the specific pieces of personal data we have collected about you.
  • Right to Rectification: You may request corrections to inaccurate or incomplete data stored in our systems.
  • Right to Erasure ("Right to be Forgotten"): You may request the deletion of your personal data, subject to certain exceptions prescribed by law.
  • Right to Restrict or Object: You may object to our processing of your data, particularly for direct marketing purposes.
  • Right to Data Portability: You may request to receive your data in a structured, commonly used, machine-readable format.

Exercising Your Rights:

To exercise any of these rights, please contact our Data Protection Officer (DPO) at Macojal.ai.2025@gmail.com. We will respond to verified requests within 30 days.

7. Contact Information

If you have any questions, concerns, or technical inquiries regarding this Privacy Policy or our data processing architecture, please contact our compliance team: