Privacy Policy
Last Updated: November 3, 2025
Your Privacy is Our Priority
At Mps Promotora (established 2008), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains our practices regarding the collection, use, sharing, and protection of information when you participate in our SMS messaging program.
Table of Contents
1. Introduction
This Privacy Policy applies to the SMS messaging program operated by Mps Promotora (Tax ID: 49071917000176). This policy describes:
- What personal information we collect when you opt-in to SMS alerts
- How we use, process, and store your information
- With whom we share your information (if anyone)
- Your rights regarding your personal information
- How we protect your information from unauthorized access
- How to contact us with privacy questions or concerns
By opting into our SMS program, you acknowledge that you have read this Privacy Policy and consent to the collection and use of your information as described herein. If you do not agree with any part of this policy, please do not opt-in to the program. Last updated November 3, 2025 to reflect current best practices and regulatory requirements.
2. Information We Collect
2.1 Information You Provide Directly
When you opt-in to our SMS program through our website or other enrollment methods, we collect the following information:
| Information Type | Purpose & Use | Required? |
|---|---|---|
| Mobile Phone Number | Essential for sending SMS messages to you and managing your subscription | Yes |
| Email Address | Account management, support communications, alternative contact method | Yes |
| Consent Timestamp | Legal requirement to document when you provided consent (TCPA compliance) | Yes |
| Opt-in Method | Track how you subscribed (website form, keyword, API, etc.) | Yes |
| Opt-in/Opt-out Status | Track whether you're currently subscribed or have unsubscribed | Yes |
| IP Address | Fraud prevention, security, and compliance documentation | Auto |
| Device Information | Browser type, operating system for technical support | Auto |
2.2 Information Collected Automatically
When you interact with our SMS messages, we may automatically collect:
- Message Delivery Status: Whether messages were successfully delivered or bounced
- Message Read Status: Whether messages were opened (if supported by carrier)
- Link Click Data: If you click links in messages, we track which links and when
- Reply Messages: Your text replies to our messages, including STOP, HELP, and other responses
- Carrier Information: Your mobile carrier name and network details
- Device Type: Phone model and operating system (when available from carrier)
- Timestamp Data: Date and time of message delivery, opens, clicks, and replies
- Geographic Data: General location based on area code (not precise GPS location)
2.3 Information We Do NOT Collect
We want to be clear about what we do NOT collect:
- Precise geolocation or GPS coordinates
- Contents of your other text messages or phone calls
- Your contacts list or address book
- Financial information such as credit card numbers or bank accounts
- Social Security numbers or government-issued ID numbers
- Health information or medical records
- Biometric data
- Social media profiles or credentials
- Browsing history beyond our own website
3. How We Use Your Information
3.1 Primary Uses
We use the information we collect for the following primary purposes:
- Send SMS Messages: Deliver marketing, promotional, and transactional messages you have opted to receive
- Manage Subscriptions: Process opt-ins, opt-outs, and update your subscription preferences
- Provide Customer Support: Respond to your questions, concerns, and support requests
- Comply with Legal Obligations: Maintain records required by TCPA, FCC, CTIA, and other regulatory bodies (minimum 4 years)
- Process Transactions: Fulfill orders, send confirmations, and provide shipping updates
- Verify Identity: Confirm you are the authorized user of the phone number
3.2 Secondary Uses
With your information, we may also:
- Improve Service Quality: Analyze program performance, delivery rates, and engagement metrics to enhance your experience
- Prevent Fraud and Abuse: Detect and prevent fraudulent activity, spam, abuse, and violations of our Terms
- Conduct Analytics: Generate aggregated, anonymized statistics about program engagement, popular offers, and trends
- Personalize Content: Tailor message content and frequency based on your interaction patterns and preferences
- Internal Business Purposes: Conduct research, business planning, audits, and comply with internal policies
- Legal Proceedings: Establish, exercise, or defend legal claims and comply with law enforcement requests
3.3 Legal Basis for Processing (for EEA Residents)
If you are located in the European Economic Area, our legal basis for processing your information includes:
- Consent: You have provided express, informed consent to receive SMS messages
- Contract Performance: Processing is necessary to fulfill our contractual obligations to provide the SMS service
- Legal Obligation: Processing is required to comply with applicable telecommunications and privacy laws
- Legitimate Interest: We have a legitimate business interest in improving our services, preventing fraud, and analyzing program effectiveness
You have the right to withdraw consent at any time by texting STOP, without affecting the lawfulness of processing based on consent before withdrawal.
4. Information Sharing and Disclosure
4.1 We Do NOT Sell Your Information
Mps Promotora does NOT and will NEVER sell, rent, lease, or trade your phone number or personal information to third parties for their marketing purposes.
This is a core principle of our business since our founding in 2008. Your trust is more valuable to us than any potential revenue from selling data. We have never sold data in our 18 years of operation and never will.
4.2 Service Providers (Necessary Sharing)
We share your information with trusted third-party service providers only as necessary to operate the SMS program:
| Service Provider Type | Purpose | Example Companies |
|---|---|---|
| SMS Platform Providers | Deliver text messages, manage phone number routing | Twilio, Bandwidth, MessageBird, Plivo, Telnyx |
| Cloud Infrastructure | Host data, provide computing resources | AWS, Google Cloud, Microsoft Azure |
| Analytics Services | Track delivery rates, engagement metrics | Internal analytics tools only |
| Security Providers | Fraud detection, DDoS protection | Cloudflare, security vendors |
All service providers are contractually required to:
- Use your information ONLY to provide services to us
- Maintain strict confidentiality and implement appropriate security measures
- Not use or disclose your information for their own business purposes
- Comply with all applicable privacy laws (TCPA, CCPA, GDPR)
- Return or delete your information upon termination of services
- Allow us to audit their security practices
4.3 Legal Requirements and Law Enforcement
We may disclose your information when required by law or in good faith belief that disclosure is necessary to:
- Comply with valid legal process (subpoenas, court orders, search warrants, civil investigative demands)
- Respond to government or regulatory requests (FCC, FTC, state attorneys general)
- Cooperate with law enforcement investigations of criminal activity
- Enforce our Terms of Service and protect our legal rights
- Protect the safety, rights, or property of Mps Promotora, our users, or the public
- Prevent, detect, or investigate fraud, abuse, illegal activity, security threats, or technical issues
- Comply with national security or public safety requirements
We will notify you of legal requests for your information when legally permitted, unless we believe notification could impede an investigation or endanger safety.
4.4 Business Transfers
If Mps Promotora is involved in a merger, acquisition, bankruptcy, reorganization, dissolution, or sale of all or part of our assets, your information may be transferred to the successor entity as part of the transaction. You will be notified via SMS or email before any such transfer, and you will have the option to opt-out before the transfer takes effect.
4.5 Aggregated and Anonymized Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. This includes:
- Overall program statistics (total subscribers, average engagement rates)
- Industry benchmarks and trends
- Research and whitepapers using anonymized data sets
- Public reports about SMS marketing effectiveness
This data does not identify individual users and is not considered personal information under privacy laws.
4.6 With Your Consent
We may share your information for purposes not described in this policy if we obtain your explicit consent at the time of sharing. You will always be informed about who will receive your information and for what purpose before we share it.
5. Data Retention Policy
5.1 Active Subscriber Data
While you are an active SMS subscriber, we retain your phone number, email address, consent records, and interaction history to provide the service. This data is stored securely in encrypted databases with redundant backups.
5.2 Opt-Out Records (Indefinite Retention)
We retain opt-out records indefinitely. This is a legal requirement under the Telephone Consumer Protection Act (TCPA) and FCC regulations. Here's why:
- Phone numbers are frequently recycled and reassigned by carriers to new users
- We must never send messages to a number that previously opted out, even if it's now assigned to someone else
- Maintaining a permanent opt-out list protects both you and future users of your number
- This is a compliance best practice and legal requirement in the SMS marketing industry
- Opt-out records are securely stored and used solely for suppression purposes
Your opt-out record includes: phone number (hashed), opt-out date, opt-out method, and confirmation that you requested removal. It does NOT include your name, email, or other personal details beyond what's necessary for suppression.
5.3 Account Deletion Requests
If you request deletion of your personal information (available to California residents under CCPA and all users under our policies):
- We will delete your phone number, email address, and personal identifiers within 30 days of verification
- We will permanently retain your opt-out status (legal requirement - cannot be deleted)
- We may retain anonymized or aggregated data that cannot identify you individually
- We may retain information necessary for legal compliance, dispute resolution, fraud prevention, or enforcing our Terms
- Backups containing your information will be deleted during our regular backup rotation (90 days maximum)
5.4 Inactive Account Policy
If you have not engaged with our messages (opens, clicks, or replies) for 24 consecutive months and are still technically subscribed, we may:
- Send you a re-engagement message asking if you want to continue
- Automatically unsubscribe you if you don't respond within 30 days
- Delete your personal information while retaining opt-out status
This helps us maintain list hygiene and respect your inbox if you're no longer interested.
5.5 Legal Hold and Litigation
If your information becomes subject to a legal hold, regulatory investigation, or pending litigation, we will retain it until the matter is resolved and all appeal periods have expired, regardless of standard retention periods.
6. Security Measures and Data Protection
We implement comprehensive security measures to protect your information from unauthorized access, use, disclosure, alteration, or destruction:
6.1 Technical Safeguards
- Encryption in Transit: All data transmitted between your device and our servers uses TLS 1.3 or higher encryption
- Encryption at Rest: Your information is stored in encrypted databases using AES-256 encryption
- Access Controls: Role-based access restrictions ensure only authorized personnel can access your data
- Authentication: Multi-factor authentication (MFA) required for all system access
- Network Security: Firewalls, intrusion detection systems, and DDoS protection
- Monitoring: 24/7 security monitoring, logging, and automated threat detection
- Regular Audits: Quarterly security audits and annual penetration testing
- Vulnerability Management: Regular security patches and updates
- Data Segmentation: Information is compartmentalized to limit exposure in case of breach
6.2 Organizational Safeguards
- Employee Training: Mandatory annual privacy and security training for all personnel
- Background Checks: Background screening for employees with data access
- Confidentiality Agreements: All personnel sign strict confidentiality and NDA agreements
- Least Privilege: Access granted only on a need-to-know basis
- Vendor Management: Due diligence and ongoing assessment of third-party security practices
- Incident Response Plan: Documented procedures for responding to data breaches or security incidents
- Data Protection Officer: Designated privacy officer oversees compliance (contact via help@patentwellnessco.com)
6.3 Security Limitations and Your Role
Important Disclaimer: While we strive to protect your information using industry-leading security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.
SMS-Specific Limitations:
- SMS messages are not end-to-end encrypted and may be vulnerable to interception by sophisticated attackers
- Messages may be accessible on your device if it's unlocked or compromised
- Your mobile carrier may have access to message content
Your Responsibilities:
- Keep your device secured with a password, PIN, or biometric lock
- Do not share your phone or leave it unattended where others can access messages
- Report any unauthorized access or suspicious activity immediately to help@patentwellnessco.com
- Use secure networks when accessing our website or opt-in forms
6.4 Data Breach Notification
In the event of a data breach that affects your personal information, we will:
- Notify you within 72 hours of discovering the breach (as required by CCPA/GDPR)
- Provide details about what information was affected and when the breach occurred
- Explain steps we're taking to mitigate harm and prevent future breaches
- Offer credit monitoring or identity theft protection if Social Security numbers or financial data were involved (which we don't collect)
- Report the breach to applicable regulatory authorities as required by law
Since our founding in 2008, Mps Promotora has maintained a perfect security record with zero data breaches affecting customer information.
7. Your Rights and Choices
You have significant rights regarding your personal information. Here's how to exercise them:
7.1 Right to Opt-Out (Unsubscribe)
How: Text STOP, UNSUBSCRIBE, CANCEL, END, or QUIT to any message
Processing Time: Immediate (typically within 60 seconds)
Confirmation: You'll receive a final message confirming your opt-out
Re-subscription: Text START or visit our website to opt back in
7.2 Right to Access
What: Request a copy of all personal information we hold about you
How: Email help@patentwellnessco.com with subject "Data Access Request"
Include: Your phone number and email used for registration
Format: We'll provide data in JSON or CSV format
Timeline: Within 30 days (45 days for California residents)
7.3 Right to Correction
What: Request correction of inaccurate or incomplete information
How: Email help@patentwellnessco.com with updated information
Processing: We'll verify and update within 10 business days
Notification: You'll receive confirmation once updates are made
7.4 Right to Deletion ("Right to Be Forgotten")
What: Request deletion of your personal information
How: Email help@patentwellnessco.com with subject "Deletion Request"
Timeline: Processed within 30 days of verification
Exceptions: We must retain opt-out status (legal requirement) and may retain information needed for legal compliance, dispute resolution, fraud prevention
Confirmation: Written confirmation sent once deletion is complete
7.5 Right to Data Portability
What: Receive your data in a machine-readable format to transfer to another service
How: Email help@patentwellnessco.com with subject "Data Portability Request"
Format: JSON, CSV, or XML (your choice)
Timeline: Within 30 days
7.6 Right to Object to Processing
What: Object to certain uses of your information (e.g., marketing analytics)
How: Email help@patentwellnessco.com specifying what processing you object to
Effect: We'll stop that specific processing unless we have compelling legitimate grounds
Note: You can always opt-out of SMS messages entirely by texting STOP
7.7 Right to Restrict Processing
What: Limit how we process your information in certain circumstances
When: If you contest accuracy, object to processing, or for legal claims
How: Email help@patentwellnessco.com with specific restriction request
Duration: Until the issue is resolved
7.8 How to Exercise Your Rights
To exercise any privacy right:
- Email us: help@patentwellnessco.com
- Subject line: Specify the right you're exercising (e.g., "Data Access Request")
- Include: Phone number, email address used for SMS program, and specific request
- Verification: We may ask for additional information to verify your identity
- Response: We will respond within 30 days (45 days for California residents)
- Free of Charge: Exercising your rights is always free (first request)
- No Retaliation: We will never discriminate against you for exercising your privacy rights
8. California Privacy Rights (CCPA and CPRA)
Special Notice for California Residents
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), effective since January 1, 2020, and enhanced January 1, 2023.
8.1 Categories of Personal Information Collected
| Category | Examples | Collected? | Sold/Shared? |
|---|---|---|---|
| Identifiers | Phone number, email, IP address | YES | NO |
| Commercial Info | Subscription status, message history, preferences | YES | NO |
| Internet Activity | Link clicks, message opens | LIMITED | NO |
| Geolocation | Precise GPS location | NO | NO |
| Sensitive Personal Info | SSN, financial data, health data, precise geolocation | NO | NO |
| Inferences | Preferences, characteristics | LIMITED | NO |
8.2 Sale and Sharing of Personal Information
We do NOT sell or share your personal information for cross-context behavioral advertising.
- Sale: We have NOT sold personal information in the past 12 months and never will
- Sharing: We have NOT shared personal information for cross-context behavioral advertising
- Sensitive Data: We do not collect or use sensitive personal information
8.3 California Consumer Rights
California residents have the right to:
- Right to Know: Request disclosure of personal information collected, used, disclosed, or sold in the past 12 months
- Right to Delete: Request deletion of personal information we have collected (subject to legal exceptions)
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out of Sale/Sharing: Opt-out of sale or sharing of personal information (not applicable as we don't sell/share)
- Right to Limit Use of Sensitive Information: Limit use of sensitive personal information (not applicable as we don't collect it)
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
8.4 How to Exercise California Rights
California residents can submit requests by:
- Email: help@patentwellnessco.com
- Subject Line: "California Privacy Rights Request" or "CCPA Request"
- Include: Your full name, phone number, email, and specific right you're exercising
- Verification: We will verify your identity before processing (may request government ID or answer security questions)
- Response Time: 45 days (extendable by additional 45 days if complex)
- Format: You can request data in portable format
- Frequency: You may submit requests twice per 12-month period
8.5 Authorized Agents
You may designate an authorized agent to submit CCPA requests on your behalf. The agent must provide:
- Written authorization signed by you (notarized or with comparable formality)
- Proof of their identity
- Proof of their authority to act on your behalf
We may also require you to verify your identity directly with us and confirm you authorized the agent.
8.6 California "Shine the Light" Law
Under California Civil Code Section 1798.83 ("Shine the Light"), California residents can request information about disclosure of personal information to third parties for direct marketing. Since we do not disclose personal information to third parties for their direct marketing purposes, no such information exists to provide.
9. Children's Privacy (COPPA Compliance)
Our SMS program is not intended for, nor do we knowingly collect information from, individuals under 18 years of age.
- We do not knowingly market to, solicit, or collect personal information from anyone under age 18
- You must be at least 18 years old to opt-in to our SMS program (clearly stated in opt-in form)
- If we discover we have inadvertently collected information from someone under 18, we will delete it promptly (within 48 hours)
- Parents or legal guardians who believe we have collected information from their minor child should contact us immediately at help@patentwellnessco.com
- We comply with the Children's Online Privacy Protection Act (COPPA) and related regulations
If you are under 18, please do not use our SMS service, provide any information to us, or complete the opt-in form. If you are a parent or guardian and believe your child has provided information to us, please contact us immediately for removal.
10. International Users and Data Transfers
Our SMS program is primarily intended for users in the United States with US phone numbers.
10.1 Data Transfer and Storage
Your information may be transferred to, processed in, and stored in the United States or other countries where our service providers operate. These countries may have data protection laws that differ from those in your country of residence.
- By opting in, you consent to the transfer of your information to the United States
- We ensure service providers in other countries provide adequate data protection
- We use Standard Contractual Clauses (SCCs) approved by the European Commission where applicable
10.2 European Economic Area (EEA) and UK Users
If you are located in the EEA or UK, you have additional rights under the General Data Protection Regulation (GDPR), including:
- Right to withdraw consent at any time without affecting prior processing
- Right to lodge a complaint with your local data protection authority (supervisory authority)
- Right to restrict processing in certain circumstances (e.g., contesting accuracy)
- Right to data portability in a commonly used, machine-readable format
- Right to object to processing based on legitimate interests
Our legal basis for processing EEA/UK data: Consent (Article 6(1)(a) GDPR), Contract performance (Article 6(1)(b)), Legal obligation (Article 6(1)(c)), Legitimate interests (Article 6(1)(f)).
EEA Representative: For GDPR-related inquiries, contact our Data Protection Officer at help@patentwellnessco.com
10.3 Brazil (LGPD)
For residents of Brazil, we comply with Lei Geral de Proteção de Dados (LGPD). You have rights similar to GDPR including access, correction, deletion, and portability. Contact help@patentwellnessco.com to exercise rights.
11. Cookies and Tracking Technologies
Our SMS program website may use cookies and similar tracking technologies:
11.1 Types of Cookies
- Essential Cookies: Required for website operation (login, forms, security)
- Analytics Cookies: Help us understand how visitors use our site (Google Analytics with IP anonymization)
- Preference Cookies: Remember your settings and choices
11.2 Your Cookie Choices
- Most browsers allow you to refuse cookies or alert you when cookies are sent
- Blocking cookies may limit website functionality
- You can opt-out of Google Analytics: Google Analytics Opt-out
11.3 Do Not Track
Some browsers have "Do Not Track" (DNT) features. Our website responds to DNT signals by disabling non-essential tracking.
12. Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. This policy was last updated on November 3, 2025.
12.1 How We Notify You of Changes
When we make material changes to this policy, we will notify you by:
- Sending an SMS message to your registered phone number at least 7 days before changes take effect
- Sending an email notification to your registered email address
- Posting a prominent notice on our website homepage for 30 days
- Updating the "Last Updated" date at the top of this policy
We encourage you to review this policy periodically to stay informed about how we protect your information.
12.2 Material vs. Non-Material Changes
Material changes (requiring notification) include changes that:
- Expand the types of information we collect
- Change how we use or share your information
- Reduce your rights or protections
- Affect compliance with applicable laws
Non-material changes (no notification required) include:
- Clarifications of existing practices
- Updates to contact information
- Formatting or organizational changes
- Adding more detail to existing practices without changing them
12.3 Your Acceptance of Changes
Your continued participation in the SMS program after notification of changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with changes, you have the right to opt-out by texting STOP or emailing help@patentwellnessco.com before the effective date of changes.
13. Contact Us for Privacy Questions
If you have questions, concerns, complaints, or requests regarding this Privacy Policy or our privacy practices at Mps Promotora, please contact us:
Privacy Contact Information
Primary Contact: help@patentwellnessco.com
Subject Line for Privacy Matters: "Privacy Inquiry" or "Privacy Rights Request"
Company Name: Mps Promotora
Tax Identification: 49071917000176
Established: 2008
Data Protection Officer: Available via email
Response Time: We aim to respond to all privacy inquiries within 30 days (45 days for CCPA requests)
Mailing Address: Available upon request via email
13.1 Escalation and Complaints
If you believe we have not adequately addressed your privacy concerns or if you wish to file a complaint, you have the right to:
- Escalate within Mps Promotora: Request escalation to senior management via help@patentwellnessco.com
- File FCC Complaint: Federal Communications Commission (for TCPA violations): consumercomplaints.fcc.gov
- File FTC Complaint: Federal Trade Commission (for privacy violations): reportfraud.ftc.gov
- Contact State Attorney General: Your state's consumer protection office for state privacy law violations
- File with Privacy Regulator: California residents can contact the California Privacy Protection Agency
- EEA Residents: Lodge a complaint with your local data protection authority (supervisory authority)
13.2 Anonymous Reporting
If you wish to report concerns anonymously, you may do so via email from a temporary or anonymous email address. While we may not be able to respond directly, we will investigate all credible reports.
Thank you for trusting Mps Promotora with your personal information.
We are committed to protecting your privacy and providing transparency about our practices.
Serving customers since 2008 with 95% satisfaction.