Privacy Policy

1. Introduction & Scope

MLB Matrix (the “Service”) is the official customer relationship management (CRM) system for Mainline Brands. This Privacy Policy describes how we collect, use, store, share, and protect personal data of individuals (e.g. customers, leads, prospects, and contacts) whose information is recorded and managed using MLB Matrix. This policy applies to all data handled via MLB Matrix, regardless of where the data was collected (website, form, phone call, email, in-person, etc.).

By using MLB Matrix (directly or indirectly via Mainline Brands’ services), you agree to the terms of this Privacy Policy.

2. Data Controller / Data Processor

Controller / Processor: MLB Matrix

Contact Information:
Email: [email protected]
Address:2359 Perimeter Pointe Parkway, Suite 250, Charlotte, NC 28208
Role for inquiries: Privacy Officer

You may contact us via the above to ask questions, request access, corrections, or deletion of personal data, or raise any concerns about this policy or your personal data.

3. What Information We Collect

MLB Matrix may collect and store the following categories of personal data, depending on the context and interaction with Mainline Brands:

Contact Information: name, company name (if applicable), address, phone number(s), email address.

Demographic / Business Information: company size, role/position, company address, industry, customer status (lead / client / past client), notes about interactions (meetings, calls, emails), service preferences, service history, subscription/treatment history (if applicable), status flags (e.g. active / inactive), opt-in consent status.

Communications Data: Records of communications (emails, calls, messages), notes or logs (e.g. meeting notes, follow-ups), service requests or support ticket history.

Usage / Metadata: Timestamps of interactions (e.g. when contact was created, last updated), CRM activity logs (who accessed or modified data, when), possibly IP address or device/browser metadata if data was submitted via web forms.

Consent & Preference Data: Explicit consent records (e.g. for marketing communications), opt-out or unsubscribe requests, marketing / contact preferences.

We only collect the information that is necessary to provide, manage, or improve our services, maintain relationships, communicate with you, fulfill legal obligations, or for marketing/business development, depending on your consent and local regulations.

4. How We Use the Information (Purpose)

We use the collected data for one or more of the following purposes:

To manage and maintain relationships with customers, leads, partners, and contacts.

To communicate with you: service notifications, updates, reminders, customer support, follow-ups, and administrative communications.

To provide services you requested: e.g. scheduling, billing or subscription management, service delivery tracking, history of treatments/purchases.

To send marketing communications only if you have given consent (e.g. newsletters, promotions, offers, updates about Mainline Brands’ services).

To personalize and improve our services and interactions (e.g. customer segmentation, support history, service recommendation, internal analytics, record keeping).

To comply with applicable laws, regulations, audits, legal obligations, or legitimate business purposes (e.g. fraud prevention, data retention, regulatory compliance).

To maintain internal records, data integrity, backup, and security.

5. Data Sharing and Disclosure

We may share your personal data in the following ways / with the following parties (only as necessary):

Within Mainline Brands’ group — authorized employees, departments (sales, support, operations, marketing) who need access to perform their duties.

With third-party service providers or subprocessors that help us deliver, maintain, or enhance the CRM system and related services (e.g. hosting providers, email delivery services, analytics providers, payment processors, etc.), provided they agree to safeguard and limit use of your data.

When required by law or regulation (e.g. compliance with legal orders, court orders, law enforcement requests).

In connection with acquisitions, business transfers, mergers, or restructuring — but only under confidentiality obligations and ensuring that data remains protected.

For fraud prevention, security, legal protection, or to enforce our terms and policies.

We do not sell your personal data to third-party advertisers or outside parties for their independent marketing use (unless explicitly disclosed and consented to).

6. Data Retention

We retain personal data for as long as needed to fulfill the purposes outlined above (relationship management, service provision, communications, legal compliance). When data is no longer needed (e.g. upon request for deletion, or after a reasonable retention period following last activity), we will securely delete or anonymize it, unless there is a compelling legal or business reason to retain it (e.g. for tax, audit, or dispute resolution).

7. Security Measures

We are committed to protecting your personal data. We implement appropriate technical and organizational safeguards to protect data from unauthorized access, disclosure, alteration or destruction. These include (but are not limited to):

Secure access controls (role-based permissions, least-privilege access)

Encryption (in transit and at rest) for sensitive data

Secure hosting environment / infrastructure (if data is stored on cloud or third-party servers)

Audit logging (who accessed or modified data, when)

Regular security reviews / audits and access reviews

Staff training on data privacy and handling procedures

However — while we strive to protect your data, no system is 100% secure; in the event of a data breach, we will follow applicable legal requirements (notification, mitigation, etc.) and notify affected individuals as appropriate.

8. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal data. These may include:

Right to access — request a copy of the personal data we hold about you.

Right to correct or update — request corrections or updates if your data is inaccurate or incomplete.

Right to erase / delete — request deletion of your personal data, subject to legal and business constraints (e.g. data needed for legitimate business or legal compliance).

Right to restrict or object to processing — e.g. object to marketing communications, or limit use of your data.

Right to withdraw consent — if processing is based on your consent, you can withdraw it at any time.

Right to data portability — where applicable, request a copy of your data in portable, machine-readable format.

If you wish to exercise any of these rights, please contact us at [privacy/contact email]. We will respond within a reasonable timeframe (or as required by applicable law).

9. Cookies & Tracking (if applicable)

If MLB Matrix (or any public-facing Mainline Brands website connected to it) uses cookies, analytics, or other tracking technologies, this policy applies to the data collected. We will clearly inform users about such technologies, what data is collected (IP addresses, device metadata, usage data), why it is collected (e.g. performance monitoring, analytics), and how users can opt out or manage preferences.

If required by applicable law, we will obtain consent before placing non-essential cookies or tracking mechanisms.

For notifications about cookies and consent mechanisms, please refer to our separate Cookie Policy (if any), linked here: [link to Cookie Policy] — or contact us to request a copy.

10. Changes to This Policy

We may update this Privacy Policy periodically (for example, when we add new features, change our data handling practices, or to comply with new laws/regulations). When we do, we will:

Update the “Last Updated” date at the top of the policy.

Notify our customers/users of significant changes (e.g. via email or notification in the dashboard).

Provide access to the previous version (upon request).

We recommend you review this Privacy Policy regularly so you stay informed about how we handle your data.

11. Contact Us / Privacy Inquiries

If you have questions about this Privacy Policy, want to exercise your data rights (access, correct, delete, portability, etc.), or have concerns about your personal data, please contact:

Contact Information:
Email: [email protected]
Address:2359 Perimeter Pointe Parkway, Suite 250, Charlotte, NC 28208
Role for inquiries: Privacy Officer

We will review and respond to your request as soon as reasonably possible (or within the timeframe required by applicable law).