Privacy policy

Last updated: 10 September 2021

1. Maze approach to privacy

1.1 We operate a service which allows you to import, and validate your design using our website located at https://maze.co (the “Service”).

1.2 We appreciate your interest in our Service. Privacy protection is very important to us and we are committed to protecting you and respecting your privacy. This privacy policy sets out information about how we collect, store, process, transfer, share and use data that identifies or is associated with you when providing our Service (hereinafter “personal information”).

1.3 The Service is operated by MAZE.DESIGN LIMITED (“Maze”, “we”, “our” or “us”) and we act as a data controller in relation to the personal information we hold about you.

2. Personal information we collect about you and how we use it

2.1 We collect personal information about you when you voluntarily submit information directly to us through our Service. This can include information you provide to us when you register with us, edit your profile, uploaded content, purchase services, correspond with us, respond to a survey, enter a promotion or use some other feature of our Service.

2.2 At various places on our site you may be requested to enter certain personal information. Personal information that must be provided in order to use the requested services will be indicated at the time of collection. If you choose not to provide this personal information, we may not be able to provide some or all of the features and functionalities of the Service to you or respond to your other requests. Other personal information that you are not required to provide in order to receive our services may be voluntarily given and you are free to decide not to give such personal information.

2.3 The table sets out the categories of personal information we collect about you and how we use that information. The table also lists the legal basis which we rely on to process the personal information and the recipients of the personal information.

2.4 We also automatically collect personal information indirectly about how you access and use the Service and information about the device you use to access the Service.

2.5 The annexes sets the categories of personal information we collect about you automatically and how we use that information. It also lists the legal basis which we rely on to process the personal information and the recipients of the personal information. Please also refer to the section titled ‘Cookies and similar technologies’ below.

2.6 We may link or combine the personal information we collect about you and the information we collect automatically. This allows us to provide you with a personalised experience regardless of how you interact with us.

2.7 We may anonymise and aggregate any of the information we collect (so that it does not directly identify you). We may use anonymised information for purposes that include testing our IT systems, research, data analysis, improving our site and developing new products and features.

3. Cookies and similar technologies

What are cookies?

We may collect information using ‘cookies’. Cookies are small data files stored on the hard drive of your computer or mobile device by a website or web application. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Service.

Cookies we use

Our Service uses the following types of cookies for the purposes set out below:

Essential cookies
Purpose: These cookies are deemed as essential to provide you with the required services. Without these cookies, we are unable to provide operational services to you. We only use these cookies to provide you with those services.
Third-parties: Stripe

Functional cookies
Purpose: These cookies enable us to provide additional features of the service. The purpose of these cookies is to provide you with a more personal experience, and enhance your user experience while interacting with our services.
Third-parties: Zendesk

Marketing cookies
Purpose: These cookies enable us to provide a personalised experience and promote content that may likely be of interest to you. These cookies use information about your browsing history to group you with other users who have similar interests. Based on that information, and with our permission, third party advertisers may place cookies to enable them to show adverts which we think will be relevant to your interests while you are on third party websites.
Third-parties: Google Tag Manager, Turbolion

Statistics cookies
Purpose: These cookies are used to collect information about traffic to our Service and how users use our Service. The information gathered via these cookies does not ‘directly’ identify any individual visitor. However, it may render such visitors ‘indirectly identifiable’. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access our Service. The information collected is aggregated and anonymous. We use this information to help operate our Service more efficiently, to gather broad demographic information and to monitor the level of activity on our Service.
Third-parties: Segment, Amplitude, Google Analytics, Hotjar

Disabling cookies

You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the ‘settings’, ‘help’ or ‘tools’ menu). Many browsers are set to accept cookies until you change your settings.

If you do not accept our cookies, you may experience some inconvenience in your use of our Service. For example, we may not be able to recognise your computer or mobile device and you may need to log in every time you visit our Service.

Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.uk.

4. Information we share with third parties

4.1 We may share your personal information with the following parties (as required in accordance with the uses set out in Annexes 1 and 2):

  • (a) Companies in the same group of companies as us: our subsidiaries (i.e. any organisation we own or control) or our holding company or ultimate holding company (i.e. any organisation that owns or controls us) and any subsidiaries they own. These companies will only use your personal information in the same way as we can under this privacy policy.

  • (b) Service providers and advisors: third parties who provide a service to us. For example, third party service providers either provide IT infrastructure or help support it, help us to provide you with support in relation to the Service, process payments from you on our behalf, develop analytical information for us about our products and services and provide professional services such as legal and accountancy services. These third parties will only be allowed to use your personal information in accordance with our instructions and will be required to keep your information secure.

  • (c) Purchasers of our business: personal information may be disclosed or transferred to buyers or perspective buyers of our business or any of our assets as part of any such sale. We will take all reasonable steps to ensure that such recipients will use your personal information in a way that is consistent with this privacy policy.

  • (d) Law enforcement, regulators and other parties for legal reasons: third parties who we are under a legal obligation to disclose your personal information to or to whom we need to disclose your personal information to protect our rights, property or safety or to protect the rights, property or safety of others. We may also disclose personal information to third parties to help detect and investigate illegal activities and breaches of any agreement we have with you.

4.2 We do not disclose information about identifiable individuals to anyone else except as set out above. We may provide third parties with aggregate statistical information and analytics about users of our Service but we will make sure no one can be identified from this information before we disclose it.

5. Marketing and advertising

5.1 From time to time we may contact you with information about our products and services. Most marketing messages we send will be by email. For some marketing messages we may use personal information we collect about you to help us determine the most relevant marketing information to share with you.

5.2 We will only send marketing messages to users who have chosen to receive them. We will ask you if you would like to receive these messages when we first collect your contact details. You can also change your marketing preference at a later date by following the instructions outlined below:

Click on the unsubscribe link at the bottom of our marketing emails.

If you have an online account with us you might be able to opt-out of marketing emails, features updates through your account settings.

5.4 Please note that if you do opt-out of or do not grant consent to receiving marketing related messages from us, we may still send you non-marketing messages, such as communications relating to the provision of our Service.

5.5 You can also let us know at any time that you do not wish to receive marketing anymore by sending an email to us at support@maze.design. You may also be able to unsubscribe from our marketing emails by clicking on the unsubscribe link in the emails we send to you.

6. Storing and transferring your personal information

6.1 Retention period: We will store the personal information we collect about you for no longer than necessary for the purposes set out in Annex 1 and Annex 2 and in accordance with our legal obligations and legitimate business interests.

6.2 Security: We implement appropriate and reasonable technical and organisational measures to protect your personal information against accidental or unlawful destruction, loss, change, or damage. All personal information we collect will be stored on our secure servers. We also limit access to your personal information to those employees and other staff who have a business need to have such access. We have put in place procedures to deal with any actual or suspected personal data breach. In the event of any such breach, we have systems in place to work with applicable regulators. In addition, in certain circumstances, we may notify you of breaches affecting your personal information where we are legally required to do so.

6.3 Phishing: We will never send you unsolicited emails or contact you by phone requesting your account ID, password, credit or debit card information or national identification numbers.

7. Your rights in respect of your personal information

7.1 If you are resident in the European Economic Area, in accordance with applicable privacy law, you have the following rights in respect of your personal information that we hold:

  • (a) Right of access. You have the right to obtain:
    • (i) confirmation of whether, and where, we are processing your personal information;
    • (ii) information about the categories of personal information we are processing, the purposes for which we process your personal information and information as to how we determine applicable retention periods;
    • (iii) information about the categories of recipients with whom we may share your personal information; and
    • (iv) a copy of the personal information we hold about you.
  • (b) Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
  • (c) Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal information we hold about you without undue delay.
  • (d) Right to erasure. You have the right, in some circumstances, to require us to erase your personal information without undue delay if the continued processing of that personal information is not justified.
  • (e) Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.
  • (f) Right to object. You have a right, in some circumstances, to object to any processing based on our legitimate interests. There may, however, be compelling reasons for continuing to process your personal information, and we will assess and inform you if that is the case.

7.2 If you wish to exercise one of these rights, please contact us using the contact details at the end of this privacy policy. You may also review and edit the personal information you have submitted to us by logging into your account on our website.

7.3 You also have the right to lodge a complaint to your national data protection authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

7.4 Residents in other jurisdictions may have similar rights to the above. If you would like to exercise one of these rights, please contact us using the contact details at the end of this privacy policy. We will comply with any request to the extent required under applicable law.

8. Location of your personal information

Many of our service providers are based outside the United Kingdom or the European Economic Area, so their processing of your personal information will involve a transfer of data to countries based outside of that territory.

We endeavour to ensure that people to whom we provide your personal information hold it subject to appropriate safeguards and controls. Whenever we transfer your personal information out of the United Kingdom or the European Economic Area, we ensure a similar degree of protection is afforded to it by implementing measures which comply with applicable privacy law. To receive details of those measures, please contact us using the contact details at the end of this privacy policy.

9. Links to third party sites

Our Service may, from time to time, contain links to and from third party websites of our partner networks, advertisers, partner merchants, news publications, retailers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.

10. Changes to this policy

We may update this privacy policy from time to time and so you should review this policy periodically. When we change this privacy policy in a material way, we will update the “last modified” date at the top of this privacy policy. Changes to this privacy policy are effective when they are posted on this page.

11. Notice to you

If we need to provide you with information about something, whether for legal, marketing or other business related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email or by placing a notice on our site. The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this privacy policy.

12. Children

The Service is not intended for children below the age of 16, and we do not knowingly collect data relating to such children.

13. Complaints

If you would like to make a complaint regarding this privacy policy or our practices in relation to your personal data, please contact us using the contact details at the end of this privacy policy.

We will reply to your complaint as soon as we can.

If you feel that your complaint has not been adequately resolved, please note that applicable privacy law may give you the right to contact your local data protection supervisory authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

14. Contacting us

Questions, comments and requests regarding this privacy policy are welcome and should be addressed to: privacy@maze.design.

Annexes