Last update: 26.07.2023

This notice explains how we collect and handle user data on the mahay.co website and platform (« Platform »). « We, » « us, » and « our » refer to LEY-VALY, a legal entity registered in the Netherlands.

Our priority is to protect our users’ privacy, and we assure you that we will not misuse your data.

Controller details:

Name: LEY-VALY
Address: 10 Rue de Penthièvre, 75008 PARIS, France
Contact email: support@mahay.co
This privacy notice specifically covers our role as a data controller, which includes handling your account information, data collected through the website, and our marketing activities.

When you collect and process information from LinkedIn profiles and messages through our platform, we act as a data processor on your behalf. As the data controller, you are responsible for processing LinkedIn data according to relevant data protection regulations. You can find our obligations as a data processor in the data processing agreement, which is an integral part of Mahay’s Terms and Conditions.

Table of contents

  • Our Data Collection;
  • Sharing with Third Parties;
  • Your Rights; Data Security;
  • Changes to This Notice.

Our Data Collection

Registering for a demo

Before creating an account, you can request a free demonstration of the platform. To register, we’ll need the following information: your first name, last name, company name, email address, phone number, and the type of account you want (single, group, or agency).

You can also access previously recorded demos by providing your first name, last name, email address, and LinkedIn Profile URL.

The information you provide will help us tailor the demonstration to your needs and offer you suitable subscription plans on the platform. The legal basis for these activities is our legitimate interest (GDPR Art. 6.1.f). Additionally, during the demo registration, you may choose to receive our newsletter (GDPR Art. 6.1.a).

Creating an account and setting up a profile

To use the platform and its features, you need to register an account. During registration, we’ll ask for your basic information, such as your first and last name, email address, language, account password, country and address, company affiliation, and voucher code (if applicable).

If you wish to automate your LinkedIn activities on the platform, you’ll have to link your LinkedIn account using your login credentials, password, and a temporary code. In the profile settings, you can customize interaction preferences for your LinkedIn account, like account warmup, number of messages to be sent, message limit ranges, active messaging time, and inactive messaging days. Without this information, we won’t be able to offer platform services to you.

Please remember that to connect other people’s LinkedIn accounts, you must have their consent or another valid legal basis according to GDPR Art. 6.

Once registered, you can upload your profile picture, enable 2-factor authentication, and choose your preferred subscription type. Additionally, you can create user groups on the platform (referred to as agencies).

We use your account information for the following purposes:

  1. Creating and managing your user account, including other related data points, based on the contract between us (GDPR Art. 6.1.b), or if you connect another person’s LinkedIn account, it’s based on your legitimate interest (GDPR Art. 6.1.f).

  2. Contacting you regarding platform-related matters or your account via email or web notifications (GDPR Art. 6.1.b).

  3. Analyzing the platform’s efficiency for our legitimate interests (GDPR Art. 6.1.f).

  4. With your consent, sending marketing or promotional materials (GDPR Art. 6.1.a).

We will retain your account data, including information from the platform functionality, payments, and technical support sections, as long as your account is active. If you become inactive, we will delete or anonymize your information after 12 months from your last user session.

Platform Functionality

Platform Functionality: Through the platform, you can automate your marketing activities on LinkedIn. We will store and process the following types of information:

  1. Tasks you create and manage on the platform.
  2. Messages you send via LinkedIn, including the date, time, recipients, and content.
  3. Messages you send to other platform users, including the date, time, recipients, and content.

The legal basis for this is either the performance of the contract (Terms and Conditions) between you and us (GDPR Art. 6.1.b) or, if you connect other people’s LinkedIn accounts, your legitimate interest (GDPR Art. 6.1.f).

Payments Simplified

You can easily generate invoices for platform usage within your profile. To calculate the amount payable and create the invoice, we will use your account data.

When it’s time to make a payment, you’ll be directed to a third-party payment provider. They will handle and store your payment information. We will only receive payment confirmation from them.

The reason we process payment information is to fulfill our contract with you (GDPR Art. 6.1.b). We also keep financial information for analyzing our performance (GDPR Art. 6.1.f) and to comply with accounting and financial laws (GDPR Art. 6.1.c).

How to get technical support

You can request support by using the support form on our website or through email. We use this information to assist you, enhance our platform, and analyze our marketing and product efforts, which includes creating statistics of inquiries.

The reason for collecting this information is because it is necessary to perform the contract between you and us (Terms and Conditions) (GDPR Art. 6.1.b) and because we have a legitimate interest in improving the platform (GDPR Art. 6.1.f). If you connect someone else’s LinkedIn account, the legal basis is your legitimate interest (GDPR Art. 6.1.f).

Our website collects various types of data for sales and marketing purposes. Here are the details:

  1. Visitor Logs: We collect device, browser information, and IP address data to prevent fraud and manage user sessions. This information is stored for 6 months from your last visit, and the legal basis is our legitimate interests.

  2. Cookies: Our website uses cookies, and you can find more information about them in our Cookie Policy.

  3. Visitor Traffic Analysis: We use third-party analytics providers to analyze website traffic. Depending on the method used, this analysis is based on your consent (cookie tracking) or our legitimate interests.

  4. Free eBook and Materials: To provide you with a free eBook and useful materials, we require your email address, first and last name. We also use this information to send you direct marketing messages. The legal basis for processing this data is your consent.

  5. Webinars: We organize our own webinars and participate in third-party webinars. We will use your information to send you direct marketing messages. The processing is based on your consent.

For marketing purposes, we store your data for 12 months after our last communication with you. You can withdraw your consent for activities based on consent at any time by contacting us directly. This withdrawal will not affect the processing that occurred before the withdrawal. You can also opt-out of email subscriptions by clicking the appropriate button in our emails.

Whitelabel and Affiliate Partner Registration

  1. If you want to partner with our platform, you can register as an affiliate or a whitelabel partner. During registration, we will collect your company affiliation, name, email address, phone number, marketing tools used, number of accounts managed, and information on how you plan to distribute subscriptions to our platform.

    We will process this data to establish and perform a partner contract with you. The legal basis for this processing is the performance of the contract. We will store this data for 12 months from your last activity.

Sharing with Third Parties

  1. We use various third-party software providers for different purposes, such as:

    1. Analytics providers: They help us analyze efficiency and conduct marketing research.
    2. Client relationship management software: Used to manage and perform marketing (email) activities.
    3. Email notification providers: For handling email notifications.
    4. Technical support and ticket management software: To handle technical support and ticket-related tasks.
    5. Cloud hosting providers: They store and process the data we collect.
    6. Third-party advertisement providers: Used for advertising purposes.
    7. Response forms, app-to-app integrations, and webinar platforms: Used for various interactions and integrations.
    8. Website personalization tools: For customizing website experiences.

    These providers process personal data based on our instructions only.

    Regarding analytics, we collect usage details of the platform, such as traffic data, location data, length of visits, and other communication data. Non-personally identifiable information is collected and processed by Google Analytics in an anonymized and aggregated way to improve the app’s usability and for marketing purposes.

    For payment processing, we use third-party payment processors. We do not receive your payment details from them, only payment confirmations and transaction details.

    The platform allows integration with third-party software providers via an API. When interacting with these providers, you provide your information directly to them.

    In addition to the above, we may disclose information about you if required by law, in connection with legal proceedings, or when selling, licensing, or assigning our company, corporate rights, the platform, or its parts to third parties.

    We do not sell, share, or rent your information to third parties except as mentioned in this privacy notice. For more details, you can visit the respective websites of the third-party providers or contact them directly.

Your Rights; Data Security

  1. You have rights regarding your personal data under GDPR. These rights include:

    1. The right to object to the processing of your information. If we use your data for purposes like direct marketing or marketing research and you disagree, let us know. We will consider your request, and unless we have compelling reasons to refuse, we will stop processing your data for those purposes. If we believe our interests outweigh your privacy rights, we will explain why.

    2. The right to access your information. You can request to know what personal data we process about you. We will disclose the data involved and provide a copy of the information being processed.

    3. The right to verify and correct your information. If you find inaccuracies or outdated data, you can verify the accuracy and ask for corrections.

    4. The right to restrict the processing of your information. If you believe the data is inaccurate, processed unlawfully, or you want to object to the processing, you can temporarily halt the processing while we investigate and provide evidence of lawful processing.

    5. The right to have your personal data deleted. If we are not legally required to retain your data or if it’s not necessary for an active contract or claim, we will delete your information upon your request.

    6. The right to have your personal data transferred to another organization. If we process your data based on your consent or for contract performance, we can provide your data to you or another organization at your request.

    To exercise these rights or ask further questions about data protection, you can contact us at support@mahay.co. If you feel that your rights have been violated or you are unsatisfied with our response, you have the right to lodge a complaint with the relevant data protection authority.

Information Security

We are committed to protecting your information from unauthorized access, accidental loss, destruction, alteration, copying, distribution, and other illegal activities by third parties. We take necessary measures to ensure the security of your data.

We may use third-party software providers located in countries outside the European Union. If we transfer your data to these countries for processing, we will ensure that appropriate safeguards are in place. If you want more details about the international safeguards we have taken, feel free to ask.

Only our authorized employees, who are responsible for maintaining the application, have immediate access to the data. These employees maintain strict confidentiality and prevent unauthorized access to personal information by third parties.

Notice Changes

This privacy notice may be updated occasionally. To stay informed about any changes, we recommend checking our website from time to time. However, we will also make an announcement for any significant updates.