Back to the top

Privacy Policy

Introduction

This Privacy Policy describes how Medelz Incorporated (“Medelz,” “we,” “our,” or “us”) collects, uses, shares, and protects your personal information when you access or use our websites, platforms, applications, or services (collectively referred to as the “Services”). By accessing or using the Services, you agree to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree with our policies and practices, you should not use the Services.

Medelz is a Delaware corporation headquartered in San Diego, California, U.S.A., and for individuals located in the European Economic Area (EEA) or jurisdictions with data protection laws, Medelz acts as the data controller of your personal information. If you have any questions, concerns, or requests, you can contact us at [email protected] or by mail at PO BOX 5010 PMB185, Rancho Santa Fe, CA 92067, USA.

Information We Collect

When you use the Services, Medelz collects personal information that you provide directly, such as your name, email address, phone number, payment details, profile information, and any content or submissions you create. This includes information provided when registering for an account, participating in competitions, purchasing merchandise, interacting with other users, or contacting us. We also automatically collect technical data about your device and usage patterns, including your IP address, browser type, device information, location data, interaction data, cookies, and similar technologies. Information may also be collected from third-party sources, including social media platforms, public databases, and marketing partners, where permitted by law and with your authorization.

Medelz processes personal data in the United States and does not operate localized versions of its platform in other countries. Users outside the U.S. acknowledge that the platform is provided from the United States and that local platform-operator registration requirements, if any, do not apply to Medelz as a foreign entity.

How We Use Your Information

We use your information to provide, operate, maintain, and improve the Services, including managing your account, processing transactions, delivering content and merchandise, providing customer support, and ensuring compliance with our Terms of Service. We use your information to communicate with you, including service updates, promotions, surveys, and direct marketing, subject to applicable legal requirements and your preferences. We rely on your consent for certain types of processing, the necessity to perform a contract for core services, compliance with legal obligations, or our legitimate interests in securing the platform, enhancing user experience, and conducting business operations. We also use your information for analytics, fraud prevention, enforcement of our rights, and compliance with applicable laws.

The lawful bases for our processing include performance of a contract, compliance with legal obligations, your consent, and our legitimate interests as outlined in the ‘EEA and UK Privacy Rights’ section.

Compliance Screening

Medelz may require identity verification (KYC), tax information, and sanctions screening (e.g., OFAC, UK, EU lists) before enabling redemption. Medelz may deny or limit redemption, impose thresholds, or close accounts where required by applicable AML, CTF, export-control, or sanctions laws.

Sharing of Your Information

Medelz does not sell or rent your personal information for third-party marketing purposes. We may share your data with trusted third-party service providers that assist in delivering the Services, including payment processors, cloud hosting providers, analytics services, marketing platforms, and customer support vendors. These providers are contractually bound to handle your data securely and only in accordance with Medelz’s instructions. In the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred to the successor entity, subject to data protection commitments. We may disclose information to comply with legal obligations, court orders, or regulatory requests, or to protect the rights, safety, and property of Medelz, its users, or the public. If you choose to integrate or interact with third-party platforms through the Services, you authorize us to share relevant data with those platforms as necessary.

Data Retention

We have implemented a detailed data retention policy that regulates how long we retain your personal data. The retention period for your data is based on a combination of legal, regulatory, and business requirements.

We will retain your information for as long as your account is active or as needed to provide you with the Services. We will also retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
For most types of personal data, we retain it for as long as necessary to fulfill the purpose for which it was collected, such as to provide you with our services or to comply with legal and regulatory requirements. For example, we may retain certain transaction records for a number of years to comply with tax laws.
Once the retention period has expired, we securely delete or anonymize your personal data, so that it can no longer be associated with you.
In some cases, you may request that we delete your personal data before the end of the retention period. We will assess your request in accordance with our legal and regulatory obligations and will delete your data as soon as it is reasonably possible to do so.

Data retention is further subject to our Terms of Service, which govern the use and deletion of user-generated content.

International Data Transfers

Because Medelz operates globally, your information may be transferred to, processed in, or stored in countries outside your jurisdiction, including the United States. Where required by applicable law, Medelz implements appropriate safeguards for such transfers, including Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), or reliance on adequacy decisions issued by regulatory authorities. By using the Services, you acknowledge and consent to the cross-border transfer of your data, recognizing that privacy protections may differ in other jurisdictions.

Data Protection

We take the protection of your personal data very seriously. We have implemented several physical, technical, and organizational measures to ensure the security of your personal information and to prevent unauthorized access, use, disclosure, or destruction of it.

We have implemented strict internal policies to ensure that your personal information is only accessible by authorized personnel who have a valid business reason to access it. All our employees and third-party contractors who have access to your personal information are bound by strict confidentiality agreements.
We have implemented a number of technical security measures, including firewalls, intrusion detection systems, and encryption, to protect your personal information from unauthorized access, use, or disclosure.
We use a variety of industry-standard security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. When we transmit sensitive information (such as a credit card number or password) over the Internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
We regularly review and update our security measures to ensure that your personal information is protected at all times.
We will inform our users of any data breaches in case of any incident where unauthorized access, use, disclosure or destruction of their data. Where required by law, Medelz will notify authorities within 72 hours of becoming aware of a personal data breach.
We comply with all applicable data protection and privacy laws. If you have any concerns about the security of your personal information, please let us know by contacting us as described below in the Contact Us section. We will do our best to address them promptly.

Use of Publicly Available Artist Content for Marketing

Medelz may use content that you publicly post or share on your artist profile, competition entry pages, or other public areas of the platform for promotional or marketing purposes. This may include your display name, profile image, artwork, videos, music, performances, or other publicly visible content.
Such use is limited to materials that you have chosen to make publicly available on Medelz and will be used solely to promote Medelz competitions, events, featured artists, or community engagement.

By maintaining a public artist profile or submitting content to a competition, you grant Medelz a worldwide, non-exclusive, royalty-free license to reproduce, display, distribute, and communicate such public materials for promotional purposes in accordance with our [Terms of Service].
Medelz will not use your private messages, non-public data, or personally sensitive information (such as payment or contact details) for marketing without your explicit consent.

If you prefer not to have your public content featured in marketing materials, you may adjust your privacy settings or contact us at [email protected].

Your Rights, Choices, and Access

You have the following choices regarding the information we collect and use:

Opt-out of marketing communications: You can opt-out of receiving marketing communications from us by following the unsubscribe instructions included in each communication or by contacting us directly.
Access and update your information: You have the right to access, update, and correct any inaccuracies in your personal information at any time by logging into your account and making the desired changes. You can also contact us directly to request access to, or correction of, your personal information.
Close your account: You can close your account at any time by contacting us directly. Please note that we may retain certain information as required by law or for legitimate business purposes. We may also retain de-identified or aggregated information after your account has been closed.
The right to access: You have the right to request a copy of the personal data that we hold about you, along with information about how and why it is processed.
The right to rectification: If you believe that any personal data we hold about you is incorrect or incomplete, you have the right to request that we correct or complete it.
The right to erasure: In certain circumstances, you have the right to request that we delete any personal data that we hold about you. This is often referred to as the “right to be forgotten.”
The right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have us transfer that data to another controller without hindrance.
The right to object: You have the right to object to our processing of your personal data in certain circumstances, for example, for direct marketing purposes or for scientific or historical research.
The right to restrict processing: In certain circumstances, you have the right to request that we temporarily or permanently stop processing your personal data.
The right to withdraw consent: If we are relying on your consent as a legal basis for processing your personal data, you have the right to withdraw that consent at any time.
Exercise your rights under applicable data protection laws: Depending on where you live, you may have certain rights under data protection laws, such as the right to request access to or correction of your personal information, the right to object to or request the restriction of processing of your personal information, and the right to data portability. You can exercise these rights by contacting us as set forth below in the Contact Us section.
If you wish to exercise any of these rights, please contact us. We will do our best to respond to your request as soon as possible and will provide you with information about any actions taken in response to your request. Please note that in certain circumstances, we may not be able to fully comply with your request.
Please note that we may need to verify your identity before fulfilling your request. We will respond to your request in a reasonable time frame and in accordance with applicable laws.

We will do our best to address any concerns you may have. You also have the right to file a complaint with the relevant data protection authority if you believe that we have not addressed your concerns in a satisfactory manner.

Supervisory Authority and Representative Information

Medelz Incorporated is headquartered in the United States and does not maintain offices or establishments within the European Economic Area (EEA) or the United Kingdom (UK). For matters relating to the processing of personal data of EEA residents, Medelz designates the Data Protection Commission (DPC) of Ireland as the competent supervisory authority.

Residents of the United Kingdom may direct privacy-related inquiries or complaints to the Information Commissioner’s Office (ICO).

You may also contact Medelz directly at [email protected].

California Consumer Privacy Act (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) gives you the right to request that we disclose certain information to you about our collection, use, and sharing of your personal information over the past 12 months.

You have the right to request that we:

Disclose to you the personal information we have collected about you.
Provide you with a list of the categories of personal information we have collected about you.
Provide you with a list of the categories of sources from which we collected your personal information.
Provide you with a list of the categories of third parties with whom we shared your personal information.
Provide you with a list of the specific pieces of personal information we have collected about you.
To exercise your rights under the CCPA, please contact us as set forth in the “Contact Us” section below.

Please note that we may need to verify your identity before fulfilling your request. We will respond to your request in a reasonable time frame and in accordance with applicable laws.

Notice of Financial Incentive (California)

If we offer a program providing benefits (e.g., discounts, tokens) conditioned on the collection or retention of personal information, we will provide a Notice of Financial Incentive describing material terms, categories of personal information implicated, and how to opt in/out at any time without penalty.

Do Not Track and Global Compliance

Medelz does not currently respond to “Do Not Track” signals or similar mechanisms but allows you to manage tracking preferences through your browser or device settings. We comply with global data protection laws, including but not limited to GDPR, CCPA, Brazil’s LGPD, Canada’s PIPEDA, and other applicable regulations. Users outside the United States and EEA should be aware that their local laws may grant additional rights or require specific handling of personal data. Medelz will comply with local regulations where applicable and may establish regional annexes or supplemental policies as needed.

California Shine the Light

Under California law, California residents who provide personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us, once per calendar year, information about the customer information we shared, if any, with other businesses for their own direct marketing purposes. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately preceding calendar year (e.g., requests made in 2023 will receive information regarding 2022 sharing activities).

In your request, please specify that you want a “California Shine the Light” notice. Please allow 30 days for a response.

EEA and UK Privacy Rights (GDPR and UK Data Protection Act)

If you reside in the European Economic Area (EEA) or the United Kingdom (UK), this Privacy Policy complies with the General Data Protection Regulation (GDPR) and the UK Data Protection Act.
Medelz acts as the data controller of your personal data and upholds the following rights:

  • Right of Access: You have the right to request access to the personal data we hold about you and to receive information about how it is processed.

  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.

  • Right to Erasure (“Right to be Forgotten”): You may request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected or where processing is unlawful.

  • Right to Restrict Processing: You may request that we temporarily or permanently restrict the processing of your personal data in certain circumstances, such as when you contest its accuracy or object to its processing.

  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit it directly to another controller where technically feasible.

  • Right to Object: You may object to the processing of your personal data for certain purposes, including direct marketing or profiling.

  • Right not to be Subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects on you.

  • Right to Human Intervention: You may request human review of any automated decision that significantly affects you.

If you wish to exercise any of these rights, please contact us at [email protected].

In competitions or sponsored events, Medelz and its sponsors may act as independent or joint data controllers for specific processing activities (e.g., prize delivery or promotion fulfillment). Each party is independently responsible for its own compliance obligations.

Automated Processing and Content Moderation

Medelz uses automated systems and artificial intelligence (AI) tools to help identify, classify, and moderate content—including text, images, audio, and video—that may violate our Terms of Service or community guidelines.
These tools assist in detecting potentially infringing, unsafe, or inappropriate material before it is published or publicly displayed.

Automated moderation decisions are not solely determinative. Medelz maintains human oversight and review processes for contested or borderline cases, and users may request a human review if they believe that automated moderation has been applied in error.

Such automated processing is performed based on Medelz’s legitimate interest in maintaining platform safety, compliance, and legal integrity, as described in our Terms of Service.
The use of AI for moderation does not produce legal effects or other decisions that significantly affect users’ rights or access to the Services.

Children’s Privacy

Medelz does not knowingly collect or solicit personal information from individuals under the age of 18. If we become aware that we have collected information from a minor without verified parental consent, we will delete such data promptly. Parents or guardians may contact us at [email protected] to request removal of such information.

Changes to This Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in our practices, legal requirements, or Services. We will notify users of material changes through prominent notices on our platform or by direct communication, and we encourage you to review the policy periodically. Continued use of the Services after updates signifies your acceptance of the revised policy.

In the event of any conflict between this Privacy Policy and the Terms of Service, the Terms of Service shall govern your use of the Services, while this Privacy Policy shall govern the collection and use of personal data.

Contact Us

To request this information or if you have any questions about this privacy policy or our treatment of your personal information, please contact us by email at [email protected] or by mail at:

Medelz Incorporated

PO BOX 5010 PMB185

Rancho Santa Fe, CA 92067, U.S.A.

We are not required to respond to requests made by means other than through the provided contact information.

© 2025 MEDELZ INCORPORATED - All Right Reserved
click to show

Logout

Are you sure you want to logout?

Logout
× Success!

OK
× Alert!

OK