1. Introduction
This Privacy Policy explains how MUNDEK GLOBAL LIMITED (“Company”, “we”, “us”, “our”) collects, uses, and protects personal data of users accessing our website mundek.org and related services.
We are committed to processing personal data in compliance with applicable laws, including the General Data Protection Regulation (EU) 2016/679 (GDPR).
2. Data Controller
The data controller responsible for your personal data is:
Hillier Commercial Building, Room A, 15/F
65–67 Bonham Strand East, Sheung Wan
999077 Hong Kong
Email: info@mundek.org
Website: mundek.org
3. Data We Collect
We may collect the following categories of personal data:
a) Information you provide directly:
- Full name
- Email address
- Contact details
- Account or login data (if applicable)
b) Transaction-related data:
- Payment confirmations
- Billing-related information
c) Technical and usage data:
- IP address
- Browser type
- Device information
- Website interactions
4. Purposes of Processing
We process your data for the following purposes:
- Providing access to services and content
- Managing accounts and communication
- Processing transactions
- Customer support
- Improving platform performance
- Ensuring security and fraud prevention
5. Legal Basis (GDPR – Article 6)
We process personal data based on:
- Contract performance — to deliver services
- Legitimate interest — platform security, improvement, communication
- Consent — where required (e.g. cookies, marketing)
- Legal obligation — compliance with regulations
6. Data Sharing
We do not sell personal data. We may share data with:
- Payment processors (e.g. Stripe or equivalent)
- Hosting and IT providers
- Analytics providers
- Legal authorities (if required by law)
All partners are required to process data securely.
7. International Data Transfers
As a global service provider, your data may be transferred outside the European Economic Area (EEA). We ensure appropriate safeguards, including:
- Standard Contractual Clauses (SCCs)
- Secure infrastructure and access controls
8. Data Retention
We retain personal data only as long as necessary:
- Account data → duration of service + up to 6 years (legal compliance)
- Communication data → up to 3 years
- Technical data → up to 24 months
9. Data Security
We implement appropriate technical and organisational measures, including:
- Encryption
- Access control
- Monitoring and protection systems
10. User Rights (GDPR)
You have the right to:
- Access your data
- Correct inaccurate data
- Request deletion (“right to be forgotten”)
- Restrict processing
- Object to processing
- Data portability
- Withdraw consent
You also have the right to lodge a complaint with your local data protection authority (e.g. in Poland: UODO).
11. Cookies
We use cookies to ensure proper website functionality, analyse usage, and improve performance. Users can manage cookies via browser settings.
12. Third-Party Services
Our platform may include integrations with third-party providers. These providers operate under their own privacy policies.
13. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or significant effects.
14. Children’s Data
Our services are not intended for individuals under 18. We do not knowingly collect data from minors.
15. Changes to This Policy
We may update this Privacy Policy periodically. Updates will be published on our website.