Privacy Policy
July 2025
Introduction
Welcome to the Mize portal ("Portal"). The Portal allows you, a Mize Customer to review transactions, logs and indices of Mize's products integrated with your system. The Portal allows you, a representative of a travel agency with which MST Travel has a commercial agreement, to manage and review the billing status of the agency's end-customers' bookings. The Portal is developed and is owned and operated by MST Travel Ltd. (“ Company ” or “ we ”, “ us ”, “ our ”).
We are committed to complying with applicable data protection laws. This Privacy Policy (“ Policy ”) explains how we collect and use your information when you use our Portal.
The Portal is not intended for users under the age of 18. We do not knowingly collect information from children under the age of 18 or knowingly allow minors under the age of 18 to use the Portal.
This Policy may be amended from time to time. We will post any change to this Policy on our Portal at a reasonable time in advance of the effective date of the change, and we will also make efforts to proactively notify you of the changes.
Contact us
If you have any questions, comments or concerns regarding this Policy or our processing of your personal information, please contact us through the Portal or email us at: Privacy@mize.tech.
What we collect and why
|
Scenario |
Purposes |
Categories of information processed |
|
Creating an account on the Portal |
Providing you with the functionality of the Portal; contacting you regarding administrative issues related to the Portal, this Policy or our Terms of Service |
You must register to create an account on the Portal in order to use it. When you register, we collect your full name, email address and password. |
|
Contacting us with an inquiry |
Handling your inquiry and providing you with support in your use of the Portal; maintaining our business relationship with you and your organization |
Your user account details, the contents of your inquiry, our communications with you in relation to your inquiry. |
|
You provide payment information through the Portal |
Billing of payments due to the Company |
Bank account information or credit card information. We do not store or have access to your credit card information. We use qualified third party payment processors who process the credit card information. |
|
Use of authentication cookies on the Portal |
Authenticating your access to the Poral |
Your authenticated token enabling access to the Portal |
|
Use of analytics cookies on the Portal |
Operating and improving the Portal; our business development |
Information about your use of the Portal, e.g., IP address from which you access the Portal, time and date of access, type of device and browser used, language used, links clicked via a mouse or a touch screen, and actions taken while using the Portal. |
You do not have a legal obligation to provide the above Information; however, if you choose to not share this information with us, we may not be able to create your account on the Portal or handle your inquiry.
Methods and sources for collecting your personal information
We collect the personal information from several sources:
- Directly from you, when you register to create an account on the Portal or contact us with an inquiry.
- Through the device you use to access our Portal.
Sharing your personal information
We will not share your information with third parties, except in the events listed below or when you provide us your explicit and informed consent.
|
Scenario |
Purposes |
Examples of third parties involved |
|
We will share your information with our service providers who assist us with the internal operations of our Portal. These companies are authorized to use your personal information in this context only as necessary to provide these services to us and not for their own promotional purposes |
Operating the Portal and managing our business |
Hotjar, Bluesnap |
|
If you abused your rights to use the Portal or violated any applicable law while engaging with us |
Responding to, handling, and mitigating suspected violations of law in connection with our business |
Competent authorities, courts, legal counsels, and advisors |
|
If a judicial, governmental, or regulatory authority requires us to disclose your information |
Complying with a binding request from a competent authority |
Competent authorities |
|
If the operation of the Portal or our business is organized within a different framework, or through another legal structure or entity |
Enabling a structural change in the operation of the Portal and our business. |
The target entity of the merger or acquisition, legal counsels, and advisors. |
Cookies
When you interact with our Portal, we obtain certain information using cookies. A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser.
The information that the cookies maintain is read by the website during the session of the visit (these are called session cookies), and when the user returns to visit it again (these are called persistent cookies).
We use Cookies for several purposes, as detailed below:
Strictly necessary cookies . Strictly necessary cookies are cookies that are required to enable core features of the Portal, and the Portal cannot fully function without them.
Analytics cookies . Analytics cookies are used for analyzing the use of the Portal and the activities performed through it. They help us understand how you and other users interact with our Portal.
You can always delete or disable cookies. Disabling cookies for future uses is possible through your browser or device settings.
Please bear in mind that deleting or disabling cookies may affect your experience when using the Portal.
Data retention and security
We retain your information for as long as you are an active user, and thereafter as needed for record-keeping matters (but no longer than 4 years).
We will retain your information for as long as you are an active user of the Portal. Thereafter, we will still retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims and enforce our agreements. The overall retention following the termination or expiration of your engagement with us will not exceed 4 years.
We implement measures to secure your information.
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal information, there is no guarantee that it will be immune from information security risks.
Your rights
As a user of our Portal, you have the following rights in relation to your personal information:
Right to review your information . You have the right to review, either by yourself or through an authorized representative or a guardian, any information we have stored about you in our databases.
Right to request to rectify your information . If, upon reviewing your information, you find your information to be incorrect, incomplete or outdated, you have the right to ask us to rectify your information or delete it. We will inform you within 30 days whether we can comply with your request.
Right to have your personal information deleted, under certain circumstances, such as when the information is no longer necessary for the purposes the information was collected for.
Additional Information for Individuals in EEA And UK
Data Controller. MST Travel Ltd. is the controller of your personal information processed on the Portal.
International data transfers. To facilitate processing your information through the Portal and by our service providers, we will transfer your information to and within countries outside the EU or the UK, such as Israel. We do so under an adequacy decision or under the terms of a data transfer agreement which contains standard data protection contract clauses with adequate safeguards determined by the EU Commission and the UK Information Commissioner’s Office.
Legal basis for processing your personal data. We process your personal data based on the following legal bases:
|
Purpose or Scenario |
Legal Basis |
|
Registering to our Portal |
Our legitimate interest in the proper operation of the Portal and our business. |
|
Contacting us with an inquiry |
Our legitimate interest in handling your inquiry and providing you with support in your use of the Portal, and in maintaining our business relationship with you. |
|
Processing bank account and credit card information |
Our legitimate interest in billing payments due to the Company |
|
Use of strictly necessary cookies on the Portal |
Our legitimate interest in developing and enhancing the Portal and our business. |
|
Use of analytics cookies on the Portal |
Your consent. |
|
Sharing your data with our service providers |
Our legitimate interest in the proper operation of the Portal and our business. |
|
Responding to, handling, and mitigating suspected violations of law in connection with our business |
Our legitimate interest in defending and enforcing against violations and breaches that are harmful to our business. |
|
Complying with a binding request from a competent authority |
Our legitimate interest in complying with mandatory legal requirements imposed on us. |
|
Enabling a structural change in the operation of the Portal and our business |
Our legitimate interest in our business continuity. |
Data subject rights. If you are in the EEA or the UK, you have the following rights:
- Right to Access and receive a copy of your personal information that we process.
- Right to Rectify inaccurate personal information we have concerning you and to have incomplete personal information completed.
- Right to Data Portability, that is, to receive the personal information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another person or entity. Where technically feasible, you have the right to have your personal information transmitted directly from us to the person or entity you designate.
- Right to withdraw your consent to processing your personal information, easily and at any time, if the basis for our processing is your consent. We may continue to process personal information with respect to which your consent is not necessary. Withdrawing your consent will not affect the lawfulness of the processing we carried out based on your consent before such withdrawal.
- Right to Object to our processing of your personal information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such personal information for the establishment, exercise, or defense of legal claims.
- Right to Restrict us from processing your personal information (except for storing it): (a) if you contest the accuracy of the personal information (in which case the restriction applies only for a period enabling us to determine the accuracy of the personal information); (b) if the processing is unlawful and you prefer to restrict the processing of the personal information rather than requiring the deletion of such data by us; (c) if we no longer need the personal information for the purposes outlined in this Policy, but you require the personal information to establish, exercise or defend legal claims; or (d) if you object to our processing based on our legitimate interest (in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours).
- Right to be Forgotten, under certain circumstances, such as when you object to our processing of your personal information based on our legitimate interest and there are no overriding legitimate grounds for the processing. However, notwithstanding such a request, we may still process your personal information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. If you wish to exercise any of these rights, please contact us through the channels listed in this Policy.
We do not implement automated decision-making mechanisms in the Portal.
When you contact us with a request, we reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. If we are not able to provide you with the information that you have asked for, we will explain the reason.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint to the supervisory authority in the Member State of your residence, place of work, or place of an alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.
If you are in the UK, you can lodge a complaint to the Information Commissioner’s Office (ICO) pursuant to the instructions provided here.