Privacy Policy

1. Introduction

Maxwith ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at maxwith.com (the "Platform").

We comply with applicable data protection laws, including:

• General Data Protection Regulation (GDPR) - EU
• Protection of Personal Information Act (POPIA) - South Africa
• Nigeria Data Protection Regulation (NDPR) - Nigeria
• Data Protection Act, 2012 - Ghana

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password (encrypted)
• Profile Data: Business information, industry, stage, preferences
• Contact Forms: Name, email, message content when you contact us
• Newsletter: Email address when you subscribe

2.2 Automatically Collected Information

• Usage Data: Pages visited, time spent, click patterns
• Device Information: Browser type, operating system, IP address
• Cookies: Session tokens, preferences (see Cookie Policy below)

3. How We Use Your Information

We use your information for the following purposes:

• Platform Operation: Provide access to opportunities, events, and resources
• Personalization: Recommend relevant opportunities based on your profile
• Communication: Send newsletters, updates, and respond to inquiries
• Security: Detect fraud, abuse, and ensure platform security
• Analytics: Understand usage patterns to improve the platform
• Legal Compliance: Comply with legal obligations and enforce our Terms

4. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Consent: You have given explicit consent (e.g., newsletter subscription)
• Contract: Processing is necessary to provide our services
• Legitimate Interests: Platform improvement and security
• Legal Obligation: Compliance with applicable laws

5. Data Sharing and Disclosure

We do NOT sell your personal data. We may share your information with:

• Service Providers: Firebase (Google), Vercel, SendGrid - bound by confidentiality agreements
• Legal Requirements: When required by law or to protect rights and safety
• Business Transfers: In connection with a merger, acquisition, or asset sale

6. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States (Firebase/Google Cloud servers). We ensure appropriate safeguards are in place through:

• Standard Contractual Clauses (SCCs)
• Google Cloud's GDPR compliance certifications
• Data Processing Agreements with vendors

7. Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing of your data
• Restriction: Request restriction of processing
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@maxwith.com

8. Data Retention

We retain your personal data for as long as:

• Your account is active
• Needed to provide services
• Required by law (e.g., tax records: 7 years)
• Necessary for legitimate business purposes

After account deletion, we retain anonymized data for analytics. Personal identifiable information is deleted within 30 days.

9. Data Security

We implement industry-standard security measures:

• Encryption in transit (HTTPS/TLS)
• Encryption at rest (Firebase)
• Role-based access control
• Regular security audits
• Firewall protection
• Secure authentication (Firebase Auth)

10. Cookies and Tracking

We use cookies for:

• Essential: Authentication, security (required)
• Functional: Preferences, language (optional)
• Analytics: Usage statistics (optional - Vercel Analytics)

You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.

11. Children's Privacy

Our Platform is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via:

• Email notification
• Prominent notice on the Platform
• Updated "Last updated" date

Continued use of the Platform after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related inquiries or to exercise your rights:

• Email: privacy@maxwith.com
• Data Protection Officer: dpo@maxwith.com
• Address: [Your Business Address]

14. Regulatory Authorities

You have the right to lodge a complaint with your local data protection authority:

• EU: Your national Data Protection Authority
• South Africa: Information Regulator (POPIA)
• Nigeria: Nigeria Data Protection Bureau (NDPB)
• Ghana: Data Protection Commission