Privacy Policy

Last updated: January 01, 2026

This Privacy Policy (the "Policy") explains how MCNG Digital LLC operating under the brand eFactored ("eFactored", "we", "us", or "our") collects, uses, discloses, and protects personal data when you access or use www.efactored.com and related services (the "Website").

This Policy is designed to apply globally, including users located in the United States, the European Economic Area (EEA), the United Kingdom, South Africa, and other jurisdictions. Where required, jurisdiction-specific rights are described in dedicated sections below.

1. Data Controller

For the purposes of applicable data protection laws, including the EU General Data Protection Regulation ("GDPR") and the South African Protection of Personal Information Act ("POPIA"), the data controller is:

MCNG Digital LLC
United States
Email: info@efactored.com

If required by law, we will appoint an EU or UK representative and make their contact details available.

2. Personal Data We Collect

2.1 Data You Provide Directly

We may collect personal data that you voluntarily provide, including:

  • Identification and contact details (name, email address, telephone number, business address)

  • Account credentials (username and password, where applicable)

  • Business or professional information submitted through forms or applications

  • Communications you send to us (emails, messages, support requests)

2.2 Data Collected Automatically

When you access the Website, we may collect:

  • IP address

  • Device and browser information

  • Usage data (pages visited, time spent, referring URLs)

  • Approximate geographic location

Where IP addresses or similar identifiers are considered personal data under applicable law, we treat them accordingly.

2.3 Data From Third Parties

We may receive personal data from:

  • Service providers (e.g., analytics, hosting, payment, or security providers)

  • Business partners or referrers

  • Publicly available sources

3. Purposes and Legal Bases for Processing (GDPR / POPIA)

We process personal data only where permitted by law. Depending on the context, processing is based on one or more of the following legal bases:

  • Performance of a contract (e.g., providing requested services, managing accounts)

  • Legal obligation (e.g., accounting, tax, regulatory compliance)

  • Legitimate interests (e.g., improving services, fraud prevention, security)

  • Consent (e.g., marketing communications, non-essential cookies, where required)

Where processing is based on consent, you may withdraw that consent at any time.

4. How We Use Personal Data

We use personal data to:

  • Provide, operate, and maintain the Website and services

  • Communicate with users regarding accounts, inquiries, or services

  • Process transactions and manage payments

  • Improve functionality, performance, and user experience

  • Ensure security, prevent fraud, and enforce our terms

  • Comply with legal and regulatory obligations

5. Cookies and Similar Technologies

We use cookies and similar technologies to operate and improve the Website.

  • Strictly necessary cookies are required for core functionality

  • Analytics and performance cookies help us understand usage and improve services

  • Functionality cookies remember user preferences

  • Marketing or targeting cookies may be used where permitted by law

Where required by applicable law (including in the EU/EEA and UK), we will obtain prior consent before placing non-essential cookies. You can manage cookie preferences through your browser settings or our cookie consent tool.

Note for South African users: While POPIA does not explicitly require a cookie banner, we use this banner to provide transparency and choice regarding analytics and marketing cookies.

6. Data Sharing and Disclosure

We do not sell personal data. We may share personal data with:

  • Service providers acting on our behalf

  • Professional advisors (legal, accounting, compliance)

  • Authorities or third parties where required by law

  • Successors in the event of a merger, acquisition, or asset sale

All service providers are contractually required to protect personal data.

7. International Data Transfers

As a U.S.-based company, we may transfer personal data outside your country of residence, including to the United States. Where required by law, we rely on appropriate safeguards such as:

  • Standard Contractual Clauses approved by the European Commission

  • Other lawful transfer mechanisms

For South African users, by using our services, you consent to the transfer of your personal information outside South Africa, including to the United States, where it will be processed in accordance with this Privacy Policy.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. Backup data is retained for a maximum of 13 months.

9. Your Privacy Rights

9.1 EEA, UK, and Swiss Residents

If you are located in the EEA, UK, or Switzerland, you have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete data

  • Request erasure of your data

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time

  • Lodge a complaint with a supervisory authority

9.2 United States Residents

Depending on your state of residence, you may have rights to:

  • Access, correct, or delete personal data

  • Opt out of certain data processing activities

  • Not be discriminated against for exercising privacy rights

9.3 South African Residents

Under POPIA, South African users may:

  • Request access to their personal information

  • Request correction of inaccurate, incomplete, outdated, or misleading personal information

  • Withdraw consent where processing is consent-based

  • Lodge a complaint with the Information Regulator (South Africa)

Requests can be made using the contact details below.

10. Children’s Privacy

Our services are not intended for:

  • Children under 16 in the EEA/UK, or

  • Children under 13 in the United States.

We do not knowingly collect personal data from children.

11. Security

We implement appropriate technical and organizational measures to protect personal data. However, no system is completely secure, and we cannot guarantee absolute security.

12. Contact Us

If you have questions, requests, or concerns about this Policy or our data practices, contact us at:

info@efactored.com

13. Changes to This Policy

We may update this Policy from time to time. Any changes will be posted on this page with an updated revision date. Where required by law, we will provide additional notice of material changes.

If translations of this Privacy Policy are provided, the English version shall prevail in the event of any inconsistency.

Copyright © 2026 eFactored