Privacy & Security Policy
MAPA Translations, Inc. (“MAPA Translations”, “MAPA”, “Company,” “We,” or “Us”) respects your privacy and is committed to protecting it. This Privacy and Security Policy (“Privacy Policy”) explains what information we collect through our website mapatranslation.com (the “Website”), how we use and share that information, and the rights and choices you have. It also describes our security practices to safeguard your data. By using the Website (including any content, functionality, or services offered on or through it), or by clicking to accept or agree to our terms when prompted, you acknowledge that you have read and agree to this Privacy Policy. If you do not agree, please discontinue use of the Website. This Policy applies to information collected through the Website and through electronic communications between you and the Company (e.g. email, text, and other online messages).
Children’s Privacy
MAPA Translations, Inc. is committed to protecting the privacy of children and ensuring compliance with applicable privacy laws. Our website and services are not intended for children under the age of 13, and we do not knowingly collect, use, or disclose any personal information from individuals in this age group. If you are under 13 years old, you should not use this website, submit any personal information, or attempt to register for our services. This includes providing your name, address, phone number, or email address, submitting forms or inquiries, registering for an account, or engaging with any of our interactive features.
If we become aware that we have collected personal information from a child under the age of 13 without verified parental consent, we will take immediate steps to delete such information from our records. If you believe that we may have inadvertently collected personal information from a child under 13, please contact us at [email protected] so we can promptly address the matter.
For minors aged 13 to 16, certain U.S. state privacy laws, including the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provide additional protections and rights regarding their personal information. These rights may include the ability to request the deletion of personal information they have provided or the removal of any content they have shared on our website. If you are between 13 and 16 years old and wish to request the removal of personal information or content, please contact us at [email protected] with details of your request. We will make reasonable efforts to comply with such requests in accordance with applicable legal requirements. However, in some cases, deletion may not be possible due to legal retention obligations or technical limitations.
Parents and legal guardians have the right to review, request access to, or delete personal information collected from their children. If you are a parent or guardian and believe that your child under the age of 13 has provided personal information to us without your consent, you may contact us to request access to this information, ask for its deletion, or withdraw any inadvertent consent. To exercise these rights, please email us at [email protected] with the subject line “Children’s Privacy Request” and provide sufficient details to verify your identity and your relationship to the child.
Information We Collect About You
We collect information from and about users of our Website in a few different ways: (1) information you provide to us directly, and (2) information collected automatically as you interact with our Website (including through cookies and other tracking technologies). We may combine information collected through these methods.
Information You Provide to Us: You may voluntarily provide certain personal information to us when using our Website. This can include:
Contact and Identity Data: such as your name, email address, phone number, mailing address, and other identifiers you provide by filling out forms on our site or contacting us. For example, you provide this information when you submit inquiries, register an account, comment on posts, or request services.
Account Credentials: if account registration is offered, we collect usernames, passwords, and other security information for authentication.
Order and Payment Information: if you purchase services or products, we (or our payment processor) collect details necessary to process the transaction, such as billing address and payment card information. (Note: We do not store full credit card numbers ourselves; payments may be handled by third-party payment processors compliant with relevant security standards.)
Content You Submit: any content you choose to upload or transmit through the Website, such as text, images, documents, or other materials. For example, if you submit documents via a service request form for translation, those documents may contain personal data. We will handle such content in line with this Policy and the purpose for which you provided it.
Communications: records and copies of your correspondence with us. If you contact us by email or via a contact form, we may keep your message, contact information, and our response. This includes any feedback, inquiries, or other information you send to us.
We will not ask you to provide any personal information that is not reasonably necessary for your use of the Website or our services. Providing personal information is always your choice, but certain features (e.g. making a purchase or requesting a service) may require it. If you refuse to provide required information, you may not be able to utilize those features.
Information Collected Automatically: When you visit or interact with our Website, we (and authorized third parties) use automatic data collection technologies to gather certain information about your device, browsing actions, and usage patterns. This may include:
Usage Details: details of your visits to our Website, such as pages or content viewed, links clicked, the date and time of access, time spent on pages, referring and exit pages, and navigation paths.
Device and Network Information: information about your computer or mobile device and internet connection, including your IP address, browser type, device type/model, operating system, network identifiers, and Internet service provider. We may also estimate your geolocation (e.g. city or region) from your IP address or device settings.
Cookies and Similar Technologies: As is common on websites, we use cookies, web beacons, pixels, and other tracking technologies to collect data automatically. These technologies are described in more detail in the Cookies and Tracking Technologies section below.
This automatically collected data may be statistical data that does not directly identify you, but if we associate it with your personal information, we treat it as personal information as well. For example, we may tie your IP address or Website usage to the account information you provided, in order to remember your preferences or personalize your experience.
Cookies and Tracking Technologies
Cookies are small text files placed on your browser or device when you visit a website. We and our third-party partners use cookies to make our Website function properly, to improve your experience, and to collect information about how you use our site. For instance, cookies help us to:
Essential Functions: Enable core site functionality such as user authentication, security, and network management. These cookies are necessary for the Website to operate and cannot be switched off in our systems.
Preferences: Remember choices you make (e.g. language or region, login state) to provide a more personalized experience.
Analytics: Collect information about site traffic and interactions (pages viewed, time spent, referring URLs) so we can measure and improve the Website. For example, we use cookies to recognize repeat visitors and see which pages are popular.
Advertising & Marketing: Deliver relevant content and advertisements by tracking browsing habits and showing you targeted content based on your interests. Advertising or targeting cookies record your online activities to help us tailor ads that you see, both on our Website and elsewhere.
Some cookies are session cookies that disappear when you close your browser, while others are persistent cookies that remain on your device for a set period or until deleted. We may also use pixel tags/web beacons, which are tiny invisible images or code snippets, in emails or on our site. These pixels allow us to track actions like whether an email was opened or whether a user clicked a particular link on our Website. This information helps us measure the effectiveness of our communications and marketing campaigns. You have the ability to control or disable cookies by adjusting your browser settings. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline some or all cookies or to alert you when cookies are being sent. Note: If you disable or refuse cookies, some parts of our Website may become inaccessible or not function properly. For instance, you might not be able to use certain features that rely on cookies. For more information about managing cookies, consult your browser’s help documentation.
Third-Party Use of Cookies
We use third-party services to better understand our Website’s traffic and to support our advertising efforts. These third parties may use their own cookies or similar tracking technologies on our site. Below are the primary types of third-party services we use and how your information may be collected and used by them:
Analytics Services: We use analytics tools such as Google Analytics to collect information about the use of our Website. Google Analytics uses cookies and similar technologies to gather data about our site visitors (e.g. pages visited, time spent, browser, referring site, and other usage data). This information helps us analyze how users use the site, compile reports on Website activity, and improve our Website. Google may also use the data collected from our site for its own purposes, such as improving its analytics products and benchmarking. Google Analytics’ cookies may track you over time and across third-party websites. For more details on how Google collects and processes data, we encourage you to review Google’s policies on “How Google uses data when you use our partners’ sites or apps.” If you wish to opt-out of Google Analytics, Google provides an opt-out browser add-on you can install (see the Google Analytics Opt-out page) or you can adjust your browser settings to block cookies. Please note that disabling analytics cookies may reduce our ability to understand how our site is being used, but you will still be able to use the Website normally.
Advertising Partners: We may partner with third-party advertising networks (such as Google AdSense or similar ad networks) to display ads on our Website or to manage our advertising on other sites. Third-party vendors, including Google, use cookies to serve ads based on your past visits to our Website and other websites. These cookies allow ad networks to recognize your device and compile information about your interactions across multiple sites, so that they can display ads that are more relevant to you (interest-based advertising or behavioral advertising). For example, if we use Google AdSense on our site, Google may use a cookie (such as the DoubleClick cookie) to enable it and its partners to serve ads to you based on your visit to our site and other sites on the Internet. We also may utilize Google Ads (AdWords) Remarketing to advertise our services on third-party websites. Google (and other third-party vendors we may use) can show our ads on sites across the Internet based on cookies that indicate you previously visited our site. These cookies do not identify you personally but rely on device identifiers. They allow us to reach people who have shown interest in our Website.
Opting Out of Personalized Ads: You have choices to control personalized advertising. You can opt out of Google’s use of advertising cookies by visiting the Google Ads Settings page to adjust your ad preferences. In addition, you can opt out of many third-party vendors’ use of cookies for personalized ads by visiting the Network Advertising Initiative’s opt-out page or the Digital Advertising Alliance’s Consumer Choice page. Please note that even if you opt out of personalized ads, you may still see advertisements – they just will not be tailored to your interests.
We do not control third-party cookies or tracking technologies. Their use is governed by the privacy policies of the third parties who deploy them. If you have any questions about an advertisement or tracking activity on our site, you should refer to the privacy policy of the relevant third party (such as Google) for more information.
Some web browsers offer a “Do Not Track” (DNT) setting that signals to websites that you do not want to be tracked across different sites. Currently, we do not respond to Do Not Track signals sent by browsers. This is because there is not yet an industry-wide uniform standard for recognizing or honoring DNT signals, and our Website’s third-party service providers (like analytics and ad partners) may not respond to those signals. We continue to monitor developments around DNT browser technology and, if a uniform standard is adopted in the future, we will update our practices and this Policy accordingly. Regardless, we only collect and use your information as described in this Privacy Policy.
How We Use Your Information
We use the personal information we collect for a variety of business and commercial purposes (in accordance with the allowed legal bases under applicable law). The purposes for which we process your information include:
Providing and Improving Services: To present our Website and its contents to you, to provide you with information, products, or services that you request from us, and to process transactions. For example, we use your information to fulfill orders, deliver translation services, respond to service requests, and carry out any other obligations arising from any contracts entered into between you and us. We also use data to understand how our customers use our services so we can improve the user experience and develop new features.
Communications: To communicate with you about your account or transactions, respond to your inquiries, and provide customer support. This includes sending service-related emails (e.g. confirmations, invoices, technical notices, updates, security alerts) and responding to communications you send us. If you contact us for support or with a question, we will use your contact information to respond.
Marketing and Promotional Offers: To send you newsletters, marketing emails, or other content about our services, new products, or special offers, in accordance with your communication preferences. For example, we might inform you about new language services or promotions that may interest you. If you sign up for a webinar, download free resources, or purchase a product, we may add you to our email list to receive educational content or offers, but you can opt-out at any time (see Email Communications below). We do not sell or rent our email subscriber list to unaffiliated third parties.
Personalization: To personalize your experience on our Website. We may use information about your interactions and preferences to tailor the content and resources that we present to you. This can include customizing web pages, remembering your preferences, and showing you content (including ads) that is more relevant to your interests.
Advertising: To serve and measure targeted advertisements on our Website or third-party sites (via ad networks and social media platforms). We may use information about you to display ads that align with your professional or personal interests and to track the effectiveness of our ad campaigns. For instance, data about your visits can help us curate ads or sponsored content that is more likely to be useful to you. (See Third-Party Analytics and Advertising above for more on our advertising uses.)
Security and Fraud Prevention: To protect our business, Website, customers, and others. For example, we may use information to detect, investigate, and prevent fraudulent transactions, spam, abuse, security incidents, and other harmful or unauthorized activities. We use various technological and administrative measures to secure our systems and your data (see Data Security below). We also may use certain data to verify your identity when you exercise your privacy rights or to authenticate users during login.
Legal Compliance and Enforcement: To comply with applicable legal obligations, industry standards, and our own policies. This includes using personal information as required to cooperate with law enforcement, regulators, or court orders (for example, responding to a subpoena). We may use and disclose information to enforce our Terms of Service or other agreements, to detect or investigate illegal activities or violations of our agreements, and to protect our rights and the rights of our users or others.
Contractual and Business Operations: To manage our business operations and perform our obligations. This includes using data to carry out administrative tasks, maintain records, pay vendors, and for other day-to-day business needs. If you are a business client or vendor, we may use your information for contract management, invoicing, or other professional communications.
Other Purposes: We may use your information for any other purpose that we describe when you provide the information, or otherwise with your consent. If we intend to use your personal information for a purpose materially different from the purposes listed in this Policy, we will notify you and, if required by law, obtain your consent.
We will not collect additional categories of personal information or use the information we collected for materially different, unrelated, or incompatible purposes without updating this Privacy Policy and, if required, providing you notice.
Disclosure of Your Information
We do not sell your personal information to third parties for their independent use, and we do not share your personal information with third parties for cross-context behavioral advertising without your consent. However, we may disclose (share) personal information that we collect or you provide as described in this Policy in the following circumstances and to the following categories of parties:
Service Providers and Business Partners: We may share personal information with trusted third parties who perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, or marketing assistance. These service providers are contractually obligated to keep personal information confidential and to use it only for the purposes of providing the specified services to us. For example, we use third-party platforms to manage project workflows and file storage (like ClickUp or Microsoft SharePoint for handling service request form submissions). These providers store data on our behalf and are bound by security and privacy obligations. We also may share minimal information with third-party partners as needed to offer certain features (for instance, if you register for a webinar co-hosted with a partner, we might share your registration details with that partner with your consent).
Affiliates: We may share information with our subsidiary, parent, or affiliate companies, in which case we will require those entities to honor this Privacy Policy. If MAPA Translations, Inc. ever expands or has related entities, your information may be shared within that corporate family.
Third-Party Promotional Partners (With Your Direction): From time to time, we may run joint promotions or offer products/services in collaboration with carefully selected third-party vendors. If you choose to participate in a promotion or request services that involve a third-party (for example, if we refer you to a partner or you sign up for an offer that we present on behalf of a partner), we may share your personal information with that third party with your knowledge. This could include sharing your name and contact details so that the third party can fulfill the offer or provide the product/service you requested. In such cases, the third party will be contractually required to use your information only for the purposes of the promotion or service and not for other purposes without your consent. (If such sharing of information for a promotional offer is deemed a “sale” under California law, you will have the right to opt out — see Your California Privacy Rights below.)
Business Transfers: If we engage in or contemplate a merger, acquisition, reorganization, asset sale, bankruptcy, or other transaction in which ownership of the Company or the Website may change, your personal information may be disclosed to the successor entity as part of the transaction. We would only transfer your information if the recipients agree to respect your personal information in a manner consistent with our Privacy Policy. You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Legal Compliance and Protection: We may disclose personal information to law enforcement, government agencies, courts, or others when we have a good-faith belief that such disclosure is necessary to: comply with a legal obligation or respond to lawful requests or legal process (e.g., a subpoena, court order, or government demand); enforce our terms, agreements or policies; investigate and defend ourselves against any third-party claims or allegations; protect the rights, property, or safety of the Company, our users, or others; or prevent or stop activity we consider to be illegal or unethical. If legally permissible and practicable, we will attempt to notify you of any required disclosure of your information to third parties by legal process.
Other Disclosures with Your Consent: We may share your personal information for other purposes with your explicit consent. In such cases, we will make clear why we want to share the information and with whom, so you can make an informed decision.
Aside from the purposes above, as a general rule, we do not sell, rent, or trade your personal information to third parties for their promotional use. We may share aggregated information that does not identify any individual (such as general user statistics) without restriction. Any third parties with whom we share personal data are limited in their ability to use that information only for the intended purpose and are required to protect it in accordance with this Policy and applicable law.
Email Communication
Marketing & Newsletters
When you provide us with your email address (for example, by signing up on our Website, requesting a download, or making a purchase), you consent to receive marketing emails from us. We may send you newsletters, informative content, or promotional offers about our services. If you are outside the European Union and you request a free resource, register for an event, or purchase a product on our Website, we will automatically subscribe you to our email newsletter (as long as you haven’t opted out). If you are in the European Union, we will only subscribe you to our newsletter if you affirmatively consent to it at the time you provide your email. Each marketing email will contain an unsubscribe link allowing you to opt out at any time. You can also unsubscribe by contacting us at [email protected] with your request. We will promptly remove you from non-transactional communications upon request. We do not sell or share your email address with unaffiliated third parties for their own marketing uses, and we will honor all opt-out requests.
Transactional & Service Emails
We also may send emails that are transactional or service-oriented in nature. These include messages to confirm your transactions (such as purchase receipts), respond to customer service inquiries, notify you of important updates to services you’ve requested, alert you about security or technical issues, or facilitate password resets. Such emails are necessary for us to fulfill our services and for you to effectively use the Website. Because of their nature, these emails generally do not offer an unsubscribe option. If you have an account with us, certain notifications (like account or security alerts) may be managed within your account settings, but essential communications for active customers will still be sent as needed.
Our Email Practices
We are committed to keeping your email address confidential. We maintain the information you send via email in accordance with applicable federal law. In compliance with the U.S. CAN-SPAM Act, all marketing emails from us clearly state the sender’s identity and provide valid contact information. They also include a clear and conspicuous notice of how to opt out of receiving future emails. We take steps to ensure we do not send excessive or unsolicited emails. If you ever receive an email from us that you believe you should not have, please notify us so we can investigate and correct the situation. Please Note: Email is not recognized as a secure medium of communication. We ask that you do not send sensitive personal information to us via email. If you do so, it is at your own risk. For particularly sensitive inquiries, consider contacting us through a secure web form or via phone instead.
Data Security & Data Breach Response
We take reasonable and appropriate measures to protect the security, confidentiality, and integrity of your personal information. We employ a combination of administrative, technical, and physical safeguards designed to guard against unauthorized access, disclosure, or alteration of your data. These measures include:
Encryption: Data you submit through our Website (for example, via contact forms or service request forms) is encrypted in transit using Secure Sockets Layer (SSL/TLS) technology. This means information passed between your browser and our servers is protected from eavesdropping. For sensitive data stored in our systems or in cloud services, we use encryption at rest (e.g., AES-256 encryption) to add an extra layer of protection.
Access Controls: We limit access to personal information to those employees, contractors, and service providers who need to know that information for a legitimate purpose (such as to provide our services or operate the Website). All personnel with such access are subject to confidentiality obligations and background checks as appropriate. We implement account security features like unique user IDs and, where possible, multi-factor authentication (e.g., using authenticator apps) to prevent unauthorized access.
Internal Policies & Training: We maintain rigorous internal policies and procedures for data handling. Staff are trained on data privacy and security best practices during onboarding and through periodic updates. Employees or contractors who fail to adhere to our data protection standards may face disciplinary action or termination. Protecting user privacy is a core company value and a shared responsibility across our team.
Network and System Security: Our website hosting environment and related systems are monitored for vulnerabilities and protected by industry-standard security tools. We use firewall protection, anti-malware software, and intrusion detection systems to guard against external threats. The Company may use software programs to monitor network traffic and identify unauthorized attempts to upload or change information or otherwise cause harm. Regular security assessments, updates, and patches are applied to our software and infrastructure to address potential weaknesses. We also follow best practices such as Service Organization Control (SOC 2) standards to ensure security, availability, and confidentiality of customer data.
Vendor Oversight: When we engage third-party service providers to store or process personal data on our behalf, we conduct due diligence on their security measures. We enter into agreements requiring them to implement appropriate safeguards and to notify us promptly in the event of any data breach or security incident. For example, we ensure critical vendors maintain certifications like SOC 2 or ISO 27001, and we review their audit reports and compliance status regularly.
Despite our efforts, no security measure is 100% perfect. We cannot guarantee that your information will be absolutely secure, as cyber threats and vulnerabilities can evolve. You should also take care with how you handle and disclose your personal information. For instance, avoid sending sensitive information via email (as noted above), and make sure to use strong, unique passwords and secure your own devices. If you have reason to believe that your interaction with us or the Website is no longer secure (for example, if you feel your account has been compromised), please contact us immediately.
In the event of a data breach involving personal information, we have a detailed response plan to address and mitigate the incident. Our steps include:
Investigation and Containment: We will immediately investigate to determine the nature and scope of the breach, including the types of data and individuals affected. We work quickly to contain the breach — for example, by isolating affected systems, shutting down unauthorized access, and patching vulnerabilities — to prevent further unauthorized access. We may engage cybersecurity experts to assist in the forensic investigation and to help remediate the issue.
Notification: If our investigation confirms that personal information was compromised, we will assess our legal notification obligations. We comply with all applicable data breach notification laws, which may include laws of U.S. states (for example, California data breach notification statutes) or other jurisdictions, as well as any industry-specific regulations (such as HIPAA for healthcare data). Where required, we will notify affected individuals and appropriate regulatory authorities (such as state Attorneys General or supervisory agencies) within the timeframes mandated by law. Notifications will outline key information about the breach, including the types of data involved, what we have done to contain the incident, and steps individuals can take to protect themselves from potential harm. We will also provide contact information for further assistance.
Remediation and Prevention: After addressing the immediate incident, we will take steps to prevent a similar event in the future. This may involve enhancing our security protocols, providing additional training to personnel, or upgrading systems. We continually update our incident response procedures based on lessons learned from any security events.
We maintain transparency about security incidents and will endeavor to keep affected users informed throughout the process of handling a breach.
Data Retention
We will retain your personal information only for as long as necessary to fulfill the purposes for which we collected it, including for any legal, accounting, or reporting requirements. In general, this means we keep your information for as long as you have an account with us or as long as needed to provide you with services. Thereafter, we may retain data for a limited period of time if needed for legitimate business interests (for example, maintaining records of a transaction) or to comply with legal obligations (for example, some laws require us to retain transaction records for a certain period). When we no longer have a need to use your personal information, we will either delete it or anonymize it so that it can no longer be associated with you. For example, we may delete unused account information after a defined period, or we may aggregate data in a way that no longer personally identifies users. In some circumstances, if deletion is not feasible (for instance, because the data is stored in backup archives), we will securely store the data and isolate it from further use until deletion is possible. If you request that we delete your personal information (see Your Privacy Rights below), we will do so in accordance with applicable law, keeping only the data we are permitted or required to retain. We periodically review the data we hold and erase or anonymize information that is beyond the retention period we’ve set or that is no longer required.
International Data Transfers
The Company is headquartered in the United States, but we may process or store personal information on servers located in other countries. For example, if you are accessing our Website from outside the U.S., information you provide will be transmitted to and stored on our servers (or those of our service providers) in the United States. Additionally, we sometimes need to share data with trusted contractors or partners in other countries (for instance, a translation contractor located in Europe or Asia) in order to provide our services. Whenever we transfer personal information across national borders, we take steps to ensure appropriate safeguards are in place to protect your privacy. These measures include:
Adequacy and Safeguards: If you are located in the European Economic Area (EEA) or another region with data transfer restrictions, we will rely on approved legal mechanisms to transfer your data. This may involve using European Commission Standard Contractual Clauses (SCCs) in contracts with our service providers and partners. SCCs obligate recipients of the data to protect it according to EU standards. We may also rely on the EU-U.S. Data Privacy Framework (DPF) or similar frameworks, if applicable, which establish that certified U.S. organizations provide adequate protection for personal data transferred from the EU.
Contractual Obligations: We ensure that any international data processors we use are contractually bound to protect your information. Our contracts with such parties include commitments to confidentiality, data security measures, and the requirement to notify us of any data incidents (as mentioned in Vendor Oversight above).
Technical Protections: We use encryption and secure protocols to transfer data internationally, aiming to minimize the risk of unauthorized access during transit. Data stored abroad is subject to the same security measures described in Data Security regardless of location.
Ongoing Compliance: We monitor changes in international data protection laws and will update our practices as needed to remain compliant. If a legal basis for transfer (like the SCCs or DPF) is invalidated or updated, we will promptly assess and implement any required supplementary measures or alternative mechanisms.
By using our Website or providing us with information, you understand that your personal information may be transferred to and processed in countries outside of your own. Those countries may have data protection laws that differ from those of your jurisdiction. However, we will always protect your information as described in this Privacy Policy. If you have questions about our international data transfer practices, please contact us.
Your Privacy Rights and Choices
Depending on your jurisdiction or where you reside, you may have certain rights regarding your personal information. We are committed to honoring applicable data rights and have established processes to enable you to exercise them. The rights available to you may include:
Access and Portability: The right to request access to the personal information we have collected about you and to obtain a copy of this information in a portable format. This allows you to verify the information we have on file and to potentially reuse your data for your own purposes across different services.
Correction (Rectification): The right to request that we correct or update any inaccurate or incomplete personal information we hold about you. We want to ensure we have correct details (such as your contact information), and will rectify mistakes upon verification of the new information.
Deletion (Erasure): The right to request deletion of your personal information, subject to certain exceptions. Upon your verified request, we will delete your personal data from our records, unless retaining it is necessary for us or our service providers to complete a transaction you requested, exercise legal rights, comply with a legal obligation, or other exceptions permitted by law.
Restriction of Processing: The right to request that we limit the processing of your personal information under certain circumstances – for example, if you contest the accuracy of the data or if the processing is unlawful but you oppose erasing it. When processing is restricted, we will still store your information but not use it further until the restriction is lifted (unless for legal claims or other exempt purposes).
Objection to Processing: The right to object to certain processing of your personal information. You have the right to opt out of targeted advertising, “sales” of personal data, or profiling for commercial purposes based on your information, where those activities occur. You also may object to processing that is based on our legitimate interests or for direct marketing. If you make such an objection, we will stop processing the information in question unless we have compelling legitimate grounds or another exemption applies.
Opt-Out of Sale or Sharing of Personal Information: If you are a resident of certain U.S. states (such as California) that give you the right to opt out of the sale of your personal information or the sharing of your personal information for targeted advertising, you may exercise that right at any time. We do not sell personal information for money; however, we may share some data with third parties for advertising or analytics which could be considered a “sale” or “sharing” under some laws. You can request to opt out of such data sharing by contacting us (see Contact Us below) or using the opt-out tools provided (like cookie preferences or the “Do Not Sell or Share My Personal Information” link on our site, if available). Once we process your opt-out request, we will not sell or share your personal information unless you later provide consent allowing us to do so.
Withdraw Consent: If we are processing your personal information based on your consent, you have the right to withdraw your consent at any time. For example, if you consented to receive marketing emails, you can unsubscribe; if you consented to cookies, you can change your cookie settings to revoke that consent. Note that withdrawing consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, and it may not affect processing that is not based on consent (for instance, processing under another lawful basis).
Non-Discrimination: We will not discriminate against you for exercising any of these privacy rights. That means we will not deny you services, charge you a different price, or provide a different quality of service just because you exercised your rights under applicable law. If you have any concerns about potential discrimination or retaliation for exercising privacy rights, please let us know (and also see the Accessibility and Non-Discrimination section below).
Right to Lodge a Complaint: If you believe we have infringed your privacy rights or violated data protection laws, you have the right to lodge a complaint with a supervisory authority or regulatory agency. For example, if you are in the European Union, you can file a complaint with the data protection authority in your country. We would, however, appreciate the chance to address your concerns directly before you do so, and welcome you to contact us with any issues.
These rights are not absolute and may be subject to conditions or limitations under the law. For instance, we may not delete data that we are required to keep for legal reasons, and we may not provide certain information if doing so would infringe on another’s privacy rights or intellectual property, or if your request is manifestly unfounded or excessive. We will inform you if any such limitations apply when responding to your request. Additionally, some of the above rights apply only in certain jurisdictions (for example, the California Consumer Privacy Act (CCPA) grants specific rights to California residents, and the GDPR grants specific rights to individuals in the European Economic Area). We will always ensure you receive the rights applicable under your local law. Below, we outline additional information for California residents and EU residents, which include some of the rights listed above in more detail.
User Rights and Choices
Depending on where you live, particularly if you’re in certain U.S. states or within the European Union, you may possess specific rights related to your personal data. One of these essential rights is the ability to access and correct your personal information. This means you can request to see the data we hold about you and make corrections if you notice any inaccuracies or outdated details. Moreover, you have the right to request the deletion of your personal information. While this right is powerful, it’s important to note that it may be subject to various legal or contractual obligations that we need to comply with before we can proceed with erasure. Additionally, if you find targeted advertisements intrusive, you have the option to opt out. You can easily adjust your preferences in your account settings or reach out to us directly to request that we limit or cease targeted advertising, data sales, or profiling based on your information. We take data retention seriously and ensure that we only keep your personal data for as long as it is necessary to fulfill legal or business requirements. When the time comes for us to dispose of your data, we follow strict measures to protect your privacy. Electronic data is securely deleted using advanced cryptographic methods, while any physical documents are shredded to prevent unauthorized access. Should you wish to exercise any of these rights or have any inquiries regarding your data, please don’t hesitate to contact us via email at [email protected]. We are committed to responding to your requests promptly, typically within 30 days. However, please keep in mind that certain regulations may allow for an extension of up to 45 days in some circumstances.
Privacy Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have specific privacy rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These rights apply to personal information that identifies, relates to, describes, or could reasonably be linked with you or your household. In accordance with California law, we make the following disclosures and commitments: Categories of Personal Information Collected: In the preceding 12 months, we have collected (from California consumers) the following categories of personal information, as defined by the CCPA:
Identifiers – e.g., name, email address, telephone number, IP address, and other similar identifiers.
Customer Records Information (Cal. Civ. Code §1798.80(e)) – e.g., contact and payment information that you provide to us (some of which may overlap with Identifiers).
Commercial Information – e.g., records of products or services purchased, obtained, or considered, or other purchasing or consuming histories (for instance, if you requested service quotes or purchased translation services).
Internet or Other Electronic Network Activity – e.g., browsing history, search history, information on your interaction with our Website, application, or advertisement (this includes analytics and cookie data as described above).
Geolocation Data – e.g., general location derived from IP address (which gives approximate geographic area).
Professional or Employment-Related Information – e.g., if you are a business client, we might collect your job title, company name, or other business contact information. (We do not collect sensitive employment info like evaluations or HR data — only basic business contact data as needed for services.)
Inferences – e.g., profiles or preferences inferred from your usage of our Website (such as interests or characteristics for marketing).
We do not intentionally collect categories of sensitive personal information such as government-issued identifiers (Social Security numbers, driver’s license numbers), precise geolocation, biometric data, or information about health or sexual orientation through our Website. Any sensitive personal data that might be contained incidentally in documents you submit for translation or in free-text fields is not used by us for profiling or targeted marketing. We use sensitive data only to provide the requested service and to comply with law, and we do not use or disclose sensitive personal information beyond what is necessary to perform the services or as otherwise permitted by California law.
Categories of Sources: We collect the above personal information from the following sources: (a) Directly from you, the user (e.g., information you enter on our Website forms, or provide by email, phone, or other direct communication); (b) Automatically from your devices (through cookies, server logs, and similar technologies when you interact with our Website); and (c) From service providers or partners that facilitate our services (for example, if you make a payment, we might receive confirmation information from our payment processor). We do not buy consumer data from data brokers or third parties for our own marketing. All information is either directly provided by you or collected through your interaction with our site and services.
Business or Commercial Purposes for Collection: We collect and use personal information for the business and commercial purposes described in the How We Use Your Information section of this Policy. Generally, these purposes include providing and improving our services, communicating with you, marketing, personalization, security, and legal compliance. More specifically, within the context of the CCPA we collect and use personal information for the following purposes (which align with the examples in the CCPA’s definition of business purposes):
Performing services on behalf of the business, such as customer service, processing orders and payments, and analytics.
Auditing related to a current interaction (e.g., counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, etc.).
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible.
Debugging to identify and repair errors that impair existing intended functionality.
Short-term, transient use, including contextual advertisement customization (no profile is built that persists).
Providing advertising and marketing services, aside from any activities that would be deemed a “sale” or “sharing” without appropriate consent.
Internal research for technological development and demonstration.
Activities to verify or maintain the quality or safety of a service or device that is owned or controlled by us and to improve, upgrade, or enhance the service or device.
Where we collect sensitive personal information (as noted, we generally do so only if you provide it directly), we use or disclose sensitive personal information only for the limited purposes permitted under CCPA/CPRA (such as providing the requested services, detecting security incidents/fraud, or other exempt purposes). We do not use sensitive personal information to infer characteristics about consumers.
Disclosure of Personal Information: In the past 12 months, we have disclosed the following categories of personal information for our business or commercial purposes to the following categories of third parties:
Identifiers, Customer Records, Commercial Info – disclosed to our service providers and contractors (e.g., payment processors, IT hosting providers, email service providers, business partners involved in fulfilling services) in order to carry out our services to you. Also, if you engaged in a joint promotion or referral involving a partner (as described earlier), identifiers (like your name and contact info) may be disclosed to that specific third-party partner with your consent.
Internet/Electronic Activity & Geolocation – disclosed to analytics providers (like Google Analytics) and advertising partners to enable the functions of those services on our Website. This helps us understand site usage and deliver relevant ads. We also may disclose such data to IT service providers who operate our Website.
Professional Information – if you are representing a company or organization and engage our services, we might disclose your contact information to our affiliates or subcontractors involved in the service delivery (for example, assigning a project to a contract translator might involve sharing the business client’s contact info for clarification or communications).
Inferences – we may use in-house analysis to derive preferences (not really disclosing to external parties except as part of aggregated insights to our marketing service providers).
We do not disclose personal information to unrelated third parties for their own direct marketing purposes without your consent. We also do not knowingly disclose personal information of individuals under 16 years of age for any commercial purposes.Sale of Personal Information / Sharing for Behavioral Advertising: Under CCPA/CPRA, a “sale” includes disclosing or making available personal information to a third party for monetary or other valuable consideration, and “sharing” includes disclosing personal information to a third party for cross-context behavioral advertising (targeted advertising) regardless of money changing hands. We want to be transparent about these activities:
Sales: We do not sell personal information for money. We have not sold consumers’ personal information in the 12 months preceding the effective date of this Policy.
Sharing: We do engage in online advertising practices that may be considered “sharing” under California law. Specifically, we allow third-party advertising networks (like Google and others) to collect identifiers (like cookies and device IDs) and internet activity information from our site users to show ads that are targeted to your interests. This is a common practice on the internet, but California law gives you the right to opt out of it. Other than such cookie-based data sharing for advertising, we do not share your personal information with unrelated third parties for their own use.
Your California Privacy Rights: If you are a California resident, you have the following rights under CCPA/CPRA:
Right to Know: You have the right to request that we disclose to you (up to twice per 12-month period) the personal information we have collected about you and how we have handled that information. This includes the specific pieces of personal information we have about you, as well as additional details like the categories of personal information collected, categories of sources, purposes for collecting, categories of third parties we disclose it to, and if we sold or shared personal information, the categories of information and third parties involved. (Much of this information is provided in this Policy, but we will provide individualized info upon request.)
Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions. Upon a verified request, we will delete (and instruct our service providers/contractors to delete) your personal information from our records, unless an exception applies (for example, if the information is needed to complete a transaction you requested, to detect security issues, to exercise free speech or legal rights, to comply with a legal obligation, etc.).
Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you. We will take into account the nature of the information and the purposes of processing when addressing your request, and may require documentation if needed to verify the correct information.
Right to Opt Out of Sale/Sharing: You have the right to opt out of the sale of your personal information or the sharing of your personal information for cross-context behavioral advertising. As noted, while we do not sell data for money, we do use third-party advertising cookies that could be considered a “sharing.” You can opt out of this by using the “Do Not Sell or Share My Personal Information” link on our website (if available) or by contacting us with your opt-out request. We will honor opt-out signals as required (including any Global Privacy Control (GPC) signals from your browser if detectable). Once processed, we will not sell or share your data unless you later opt in.
Right to Limit Use of Sensitive Personal Information: This is a new right under CPRA for certain sensitive data. However, we do not use or disclose sensitive personal information for purposes that would trigger this right (we only use sensitive info for necessary services or as permitted by law). Therefore, this right is not applicable to our practices at this time. If that changes, we will update our Policy and provide a mechanism for you to limit such use.
Right of Non-Discrimination: You have the right not to receive discriminatory treatment by us for the exercise of your CCPA rights. We will not deny goods or services, charge different prices, or provide a different level of quality because you exercised any rights. If we offer a financial incentive that requires sharing personal info (for example, a discount program in exchange for certain data), we will present terms and obtain opt-in consent, but you can revoke that consent at any time without penalty. We are committed to fairness and inclusion in compliance with California law.
Exercising Your California Rights: To submit a request to exercise your Access, Deletion, or Correction rights described above, please reach out to us through one of the methods listed in Contact Us below – the most direct way is to email us at [email protected] with the subject line “CCPA Request” or “California Privacy Request.” In your request, please clearly state which right you seek to exercise and provide us with sufficient information to verify your identity. For example, we may ask you to provide identifying details (like the email address associated with your account or recent transaction info) to ensure that we are responding to the correct person. We will only use the information you provide in a request to verify your identity or authority to make the request and to log/track compliance with your request.
Once we receive your request, we will confirm receipt within 10 business days and provide information on how we will process it. We aim to respond to verifiable consumer requests within 30 days. If we need more time (up to a total of 45 days), we will inform you of the reason and extension in writing. If we decline any part of your request due to an exemption, we will explain our reasoning. For deletion requests, we may present you with the choice to delete certain portions of data (if the law allows us to keep some). For correction requests, we will either comply or let you know if we cannot (and why).
You may designate an authorized agent to make a request on your behalf. If you do so, we will need proof that the agent is authorized (such as a written permission from you or a power of attorney) and we will still take steps to verify your identity directly (unless the agent has a power of attorney per California Probate Code).
For opt-out of sale/sharing requests, you (or your agent) may also use the automated mechanisms on our site if available (like a “Do Not Sell or Share” link or GPC signal). We treat user-enabled privacy controls, such as a GPC browser signal, as a valid opt-out request for that browser/device, to the extent required by law.
If you have any questions about your California privacy rights or how to exercise them, you can contact us as provided below. We are committed to honoring your rights and providing you with control over your personal information.
Privacy Rights for European Union/EEA Residents (GDPR)
If you are located in the European Union, European Economic Area, or a jurisdiction with similar laws, you are entitled to certain rights under the EU General Data Protection Regulation (GDPR) or applicable data protection law. We have outlined many of these rights in the Your Privacy Rights and Choices section above. In summary, under the GDPR you have the:
Right of Access: You can request confirmation of whether we are processing your personal data, and if so, request access to that data (including getting a copy). This allows you to know what data we have about you.
Right to Rectification: You can request that we correct any inaccurate personal data about you and complete any incomplete data.
Right to Erasure: You can request that we delete your personal data, and we will do so unless an exemption applies (for example, we may retain data if needed for legal compliance or legitimate interests overriding your rights).
Right to Restrict Processing: You can ask us to limit processing of your personal data under certain conditions (for instance, while a complaint about accuracy or legality of processing is being resolved).
Right to Data Portability: You can request to receive your personal data that you provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit that data to another controller where the processing is based on consent or contract and done by automated means.
Right to Object: You can object to our processing of your personal data when such processing is based on legitimate interests or for direct marketing purposes. If you object to direct marketing, we will cease processing your data for that purpose. If you object on other grounds, we will evaluate whether our legitimate interests in processing override your rights or if we need to retain the data for legal claims. You also have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects on you – unless it is necessary for a contract, authorized by law, or based on your explicit consent (and in any case, with an opportunity for human review). (Note: We generally do not make solely automated decisions with such effects without human involvement – see AI and Automated Decision-Making below.)
Right to Withdraw Consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect processing already carried out but will stop future processing of the data for which consent was used.
Right to Complaint: If you believe we have violated the GDPR or your data protection rights, you have the right to lodge a complaint with your country’s supervisory authority (data protection regulator). For example, if you are in the UK, this would be the Information Commissioner’s Office (ICO); if in France, the CNIL; and so on. We ask that you kindly attempt to resolve any issues with us first by contacting us, but you are free to contact the regulator at any time.
Our legal basis for processing your personal data (under GDPR) typically falls into one or more of the following: consent (e.g., for marketing emails or certain cookie use), performance of a contract (e.g., to provide a requested service), legitimate interests (e.g., improving our services, fraud prevention, direct marketing to existing customers, etc., balanced against your rights), or compliance with a legal obligation. If we ever process special categories of data (sensitive data) about you, it would be with your explicit consent or as otherwise allowed by law. We will be happy to explain the specific legal basis applicable to any particular processing of your data upon request.
To exercise your GDPR rights, please contact us (see Contact Us below) with your request. We may need to verify your identity and the residency tied to your request. We will respond within one month of receiving a valid request, or inform you if we need additional time (an extension of two further months is allowable in certain circumstances). If we cannot fulfill your request in whole or in part, we will explain our reasoning (for example, if it would adversely affect others’ rights or if we need to retain certain data).
We acknowledge that we require only the personal data that is necessary for the purposes outlined in this Policy, and we will not require you to provide consent for any unnecessary processing as a condition of doing business with us. Your trust is important to us, and we are committed to complying with the GDPR and protecting your data rights.
Accessibility and Non-Discrimination
We are committed to making our Website and this Privacy Policy accessible to everyone, including individuals with disabilities. We strive to comply with relevant accessibility standards, such as the Web Content Accessibility Guidelines (WCAG) as well as applicable laws like the U.S. Americans with Disabilities Act (ADA) and Section 508 of the Rehabilitation Act. This means we aim to design our web content so that it is perceivable, operable, understandable, and robust for users with various assistive technologies. If you use a screen reader or other assistive device and find any part of our Website or this Policy difficult to use, please let us know.
Alternative Formats: If you need to access this Privacy Policy in an alternative format (such as large print, audio, or Braille), or if you have any trouble understanding any aspect of it due to a disability, we will do our best to accommodate you. You can contact us at [email protected] or via the phone number in Contact Us below to request assistance or an alternate version. We will respond and provide help as soon as possible.
Non-Discrimination: We will not discriminate against any individual for exercising their rights under privacy laws or for needing accommodations under disability laws. As noted in the California rights section, exercising your privacy choices (such as opting out of data sales or requesting deletion) will not result in any denial of service or adverse effect on the price/quality of our services, except if the difference is reasonably related to the value of the data (in the case of a permitted financial incentive program, which we would describe separately if we offered one). Similarly, if you require an accommodation to access our services or information, we will not treat you less favorably because of that need. If you believe you have been subjected to any form of discrimination or unfair treatment in connection with your privacy rights or accessibility needs, please contact us so we can investigate and address the issue immediately.
Our goal is to ensure everyone can use our services and exercise their rights freely and comfortably. We continuously seek to improve the accessibility and inclusivity of our digital content and appreciate feedback on how we can do better in this regard.
Compliance with Regulations and Industry Standards
We operate in the United States and comply with applicable federal and state data protection laws, as well as industry standards for security and privacy. Some of the frameworks and regulations we adhere to include:
California Privacy Laws: We rigorously follow the California Consumer Privacy Act (CCPA) and its amendments for California residents, as detailed in this Policy. We also meet the requirements of the California Online Privacy Protection Act (CalOPPA) by providing required disclosures (such as our Do Not Track policy and a conspicuously posted privacy policy).
General Data Protection Regulation (GDPR): For users in the European Union, we comply with the GDPR’s strict standards for data protection and transparency. This includes honoring the rights of EU data subjects and implementing appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
Health Insurance Portability and Accountability Act (HIPAA): If our work involves Protected Health Information (PHI) (for example, translating medical documents that include health information), we handle that data in accordance with HIPAA requirements. We implement administrative, physical, and technical safeguards as required by HIPAA to protect PHI, and we enter into Business Associate Agreements when necessary before handling PHI from healthcare clients. Health data privacy is taken with utmost seriousness.
Federal Information Security Management Act (FISMA): For projects or contracts with U.S. federal agencies or related to government data, we comply with FISMA and related standards. We follow the National Institute of Standards and Technology (NIST) cybersecurity framework and guidelines to manage and mitigate information security risk. This ensures we meet high security benchmarks when working on government-related engagements.
Service Organization Control 2 (SOC 2): We align our security controls with SOC 2 Trust Services Criteria (security, availability, confidentiality, processing integrity, and privacy). We undergo regular reviews of our practices (through internal audits or assessments) to ensure that we would meet the standards expected in a SOC 2 audit, even if we are not required to formally obtain SOC 2 attestation.
Federal Trade Commission (FTC) Guidelines: We abide by FTC regulations and guidance regarding fair information practices and protection of consumer data. This means we strive to follow principles such as notice, choice, access, security, and accountability in our privacy practices.
Other State Laws: In addition to California, we also monitor and comply with other U.S. state privacy laws that may apply to us, such as those in Colorado, Virginia, Connecticut, and Utah (effective in 2023) that provide similar rights to consumers. We apply consistent privacy and security standards across our user base, meaning even if you are not in California or the EU, we aim to treat your data with the same care and provide you with similar control over your information.
When required by law, we cooperate with lawful requests from public authorities for access to personal data, such as complying with a court order or subpoena, or responding to a lawful request by law enforcement or national security agencies. In doing so, we carefully review the request to ensure it has a proper legal basis, and we only disclose the minimum data necessary. Whenever possible, we will notify the affected user of such disclosures, unless we are legally prohibited from doing so. We do not participate in any voluntary surveillance programs and do not provide user data to the government without proper due process.
Policy Updates and Notifications
We may update this Privacy and Security Policy from time to time as needed to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will post the updated Policy on this page with a new “Last Updated” date. If we make material changes to how we collect or use personal information, we will take additional steps to notify you. This may include putting a prominent notice on our Website (for example, a banner or pop-up notice of the changes) or directly notifying you via email or other contact information you have provided. The form of notification may depend on the significance of the changes and any legal requirements.
We encourage you to review this Policy periodically to stay informed about our data practices and any updates. Your continued use of the Website after any changes to this Policy will be deemed acceptance of those changes, provided that we have posted the updated Policy and, if required, obtained any necessary consent. If you do not agree with any updates or changes, you should stop using the Website and can request us to delete your personal information if applicable.
If we update this Policy, we will note at the top the date of the latest revision. For significant changes, if we have your email on file, we may send out an email notice. For minor or clarifying updates that do not materially affect privacy rights, posting the revised Policy with a new effective date may serve as notice. In all cases, we will not materially reduce your rights under this Policy without your consent.
Contact Us
If you have any questions or concerns regarding this Privacy Policy, please contact us at:
Email: [email protected]
Phone: +1 774-999-9603
Location: 216 Concord Rd, Wayland, MA, 01778, USA
Last Updated: February 2025
