Mambu GmbH has designed a privacy policy and established the necessary means and procedures to fulfil it.

I. Definitions

Hereinafter, any reference to "we," "us," "Mambu" and "Company" will be to all of them Mambu GmbH and of its subsidiaries or any successor or assignee of the Company.

This Website/Product is the property of Mambu GmbH, institution registered under code HRB 149780 B, Seated in Berlin (Germany) and Tax Identification Code: USt-IdNr.: DE275271921.

All of the products and services provided by Mambu GmbH are subject to the German legislation in force. We are in the business of providing an online platform that our customers may use to create, send and manage clients, client savings and client loan accounts. The term "Mambu" refers either to the business or the online platform as the context requires. The term "Services" refers to the services offered by Mambu. The term "Customer" refers to an individual or entity who or which is registered with us to use the Services. The term "you" refers to any Customer (or other party whose contact information has been provided to us over the internet) who is reading this Privacy Policy, or on behalf of whom this policy is being read. The term "Website" refers to the website with the URL http://www.Mambu.com. The term "Personal Information" means information about an individual who is a Customer and includes any "Customer Data".

II. Categories of Information We Collect

1. Information You Provide to Us : When you register to use Mambu on a free or other basis, communicate with customer service, or send us an email, you provide us with information that we collect. Such information may include your IP address, name, physical address, email address, phone number, cell phone number, credit card information, alternative payment details and other information such as gender, occupation and other demographic information. By providing us with this information, you consent to your information being collected, used, disclosed and stored by us in accordance with this Privacy Policy.

2. Other Information We Receive and Store : When you register to use Mambu, we store "cookies," which are strings of code, on your computer. We also use electronic images known as Web beacons. With those cookies, we are aware of and collect information concerning when you visit our Website, when you use Mambu, your browser type and version, your operating system and platform and other similar information. With Web beacons, we can determine when you open email we send you, and collect other data. You may turn off all cookies that have been placed on your computer by following the instructions on your browser on how to block cookies that have been placed on your computer. However, if you block our cookies it will be more difficult, and maybe impossible, to use the Services.

3. Tracking Our Emails to Our Customers : When we send emails to our own registered Mambu customers, we'll sometimes track who opened the emails and who went so far as to click on any of the hyperlinks. We do this to measure the performance of our Email Campaigns, and to improve our offerings to specific customer segments.4.

4. Information From Other Sources : We may obtain additional information about you by using your email address, or other information, to directly, or through one or more services, search over the internet, or elsewhere. We thereby obtain information that appears to be related to such email address or other information, such as a name, age and participation in social media websites.

III. Use and Disclosure of Your Personal Information

We will use and disclose your Personal Information only as follows:

1. To promote use, including continued use, of our Services. For example, if you leave your personal information when you visit our Website and do not sign up for any of the Services, we may send you one or more emails asking whether you wish to sign up. If you use any of our Services, and may benefit from using one or more other Services we offer, we may send you an email telling you about the other Service or Services.

2. To bill and collect sums owed to us. Uses for this purpose include sending you emails, invoices, receipts and notices of delinquency, to alert you if we need a different credit card number, and to otherwise try to collect money owed. We use third parties to handle secure credit card transaction processing and send billing information to such third parties, who maintain all information in confidence, to process your orders and credit card payments.

3. To send you System Alert Messages to let you know about temporary or permanent changes to our Services including planned outages, new features offered, version updates, point releases, major releases, abuse warnings, changes to our Privacy Policy and possibly other documents and agreements.

4. To help enforce compliance with our Terms of Use and applicable law including, but not limited to, helping to create credit bureau information, to develop and test algorithms, heuristics and other methods and tools for detecting violations and to apply those methods and tools.

5. To provide customer support and obtain feedback.

6. To protect the rights and safety of us and our employees, Customers, owners, officers and others.

7. To meet legal requirements such as complying with court orders and valid subpoenas.

8. To provide information received hereunder to representatives and advisors such as attorneys and accountants to help us comply with legal and other requirements.

9. To prosecute and defend a court, arbitration or similar proceeding.

10. To support and improve the Services we offer including adding features and providing benchmarking and other comparison information regarding, for example, the relative success of a Customers compared to other institutions in the same or different regions. Benchmarking and similar information is derived from aggregating and analyzing data.

11. To communicate with you concerning your account for an informational, as opposed to promotional, purpose.

12. To transfer your information in the event of the sale of substantially all of the assets of our business to a third-party or in the event of a merger, consolidation or acquisition. However, in such event, any acquirer will be subject to our obligations under this Privacy Policy.

13. To send you informational and promotional materials that you elect ("opt-in") to receive.

IV. Customer Data

Your clients and client’s information is stored on a secure Mambu server. We do not, under any circumstances, steal your data, contact people on your database, sell your data, or share your data with any other party, except as required by law or, regarding contacting, except in response to a complaint. Only carefully selected, authorized personnel have access to view your data. We do not hold your data hostage. We do not make it difficult for you to reclaim it. You may export (download) your data from Mambu at any time so long as we have a copy.

We will use and disclose the information in your Data only for one or more of the following purposes:

1. To help enforce compliance with our Terms of Use and applicable law including, but not limited to, helping to create white lists and black lists, to develop and test algorithms, heuristics and other methods and tools for detecting violations, and to apply those methods and tools.

2. To bill and collect sums owed to us.

3. To protect the rights and safety of us and our employees, Customers, owners, officers and others.

4. To meet legal requirements such as complying with court orders and valid subpoenas.

5. To prosecute and defend a court, arbitration or similar proceeding.

6. To support and improve the services we offer including adding features and providing benchmarking and other comparison information based on aggregating and analyzing data.

7. To transfer your information in the event of the sale of all, or substantially all, of the assets of our business to a third-party or in the event of a merger, consolidation or acquisition. However, in such event, any acquirer will be subject to our obligations under this Privacy Policy.

8. To provide information received hereunder to representatives and advisors such as attorneys and accountants to help us comply with legal and other requirements.

9. To provide customer support and obtain feedback about our Services, but only for and from the Customer whose Personal Information and User Data are being used.

V. Safeguarding Your Information

In accordance with current legislation, Mambu GmbH has adopted the necessary technical and organisational means to maintain the safety level required insofar as the personal data dealt with. It also has the specific mechanisms available to it to prevent unauthorised access, illicit removal and modifications and the loss of data.

To protect your information, our credit card processing vendor uses the latest 128-bit Secure Socket Layer (SSL) technology for secure transactions. In addition, our vendor is certified as compliant with card association security initiatives, such as the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC).

Mambu accounts require a username and password to log in. When you're finished using Mambu, please click the "log out" link in the top right corner of your screen, to prevent someone from using your computer to access your account. You must keep your username and password secure and not disclose it to a third party.

Due to the sensitive nature of your Data, we do not re-send forgotten passwords. Your Users must contact you directly to reset their passwords if they forget them. Should you forget your password then you must follow online instructions to reset your password.
Account passwords are encrypted. We cannot see your passwords. We can only reset them.

VI. Notice of Breach of Security

Nobody is safe from hackers these days. Mambu will notify you, as soon as possible, if a breach in security results in an unauthorized intrusion into our system which materially affects you or people on your Data, and will subsequently report the corrective action taken in response to the intrusion.

VII. Notification of Changes

Any changes to this Privacy Policy will be posted to this Website and emailed to the last email address you have given to us, and will become effective as of the later of the date we post on the Website or, send the email. You may object to any changes within 20 days after they are posted on our Website or delivered to you, in which case none of the proposed changes will be effective with respect to information that we have already collected from you; but will apply only to information we collect or access from you in the future. There are purposes, other than marketing, for which we are not willing or able to treat information of any open account differently from that of any other open account. Therefore, if you object to changes in our Privacy Policy which relate to those purposes, we will have to terminate your account. In contrast, in the event we ever changed our Privacy Policy to allow us to have an expanded right to use or disclose Personal Information for marketing purposes, you would be able to opt out without any such termination.

VIII. Accuracy of Data and Rights

We do our best to keep your data accurate and up-to-date to the extent that you provide us with the information we require to do that. If your data changes (including, but not limited to, a change in your email address) then you are responsible for notifying us of those changes so that we can keep your records up-to-date.
We retain the data about you only so long as reasonably required to meet the purposes for which we have the right to use the information.
We will give you access to any of your Personal Information that we hold about you within 30 days of any request you make for such information. We may charge for providing this information to you, as permitted by applicable law.

IX. Effective Date

This Privacy Policy is effective with respect to all data that we have collected, or collect, about and/or from you, both prior to your registration as a Customer and/or during the Term, in accordance with the Terms of Use.

X. Data Protection Clause

A.1. Users, in the case of individuals, are informed that their personal data, to which Mambu GmbH has access as a result of enquiries, transactions, operations, contract applications, and product and service commissioning appointed through any means or computer processes in relation to already registered data, will be included in the corresponding file of Mambu.
Mambu GmbH is hereby authorised to treat the necessary data for its use in relation to the undertaking of the agreed operation or service. Such data will be considered compulsory.
A.2. Mambu is also expressly authorised to use your data in the offering and contracting of products and services and for the undertaking of commercial action, whether this be general or adapted to their personal characteristics. Said commercial action may be undertaken by e-mail or equivalent electronic means of communication.
A.3. Users also authorise the communication or transfer of said data to companies belonging to Mambu for the same purpose indicated in the above paragraphs, giving said companies the express authorisation to use e-mail or equivalent means. The interested parties are informed that said data are hereby transferred at this time to the Companies whose name, activity and registered offices are indicated below. The parties agree that Mambu will inform the interested parties of such transfers in the usual manner used to inform them of the products contracted with the company.
A.4. Users are informed of their right to oppose, access, rectify and cancel their personal data under the terms established by Law. and may exercise these rights in writing together with a copy of their National Identity Document addressed to:

Mambu GmbH
Privacy Department
Jüdenstr. 50
10178
Berlin, Germany

Mambu, with Registered Offices for these purposes at the above address, is responsible for this file.
Or use our Contact Form
A.5. Users may revoke the authorisation given for the use or transfer of their personal data, except for what it is established under Section A.1. of this Clause, which is compulsory, in the manner established in Section A.4 above.

XI. Questions

If you have any questions, comments, or concerns or wish to update, delete or change any Personal Information submitted on this Site, or have any questions about our Privacy Policy, please notify us through postal mail at:

Mambu GmbH
Privacy Department
Karl-Liebknecht-Str. 5
10178 Berlin, Germany
Or you can use our Contact Form to email us.

Updated 21 July 2013