This Data Protection & Privacy Notice explains how Black Manta Data Analytics (“the Firm”) collects, uses, processes, stores, and protects data in connection with its website, services, and client engagements. The purpose of this notice is to provide clear, professional transparency regarding data protection practices for small and mid-sized business clients, enterprise reviewers, auditors, and regulators.
This notice applies to visitors to the Firm’s website, prospective clients, and clients who engage the Firm’s services. It does not replace or modify any executed agreement, including master service agreements, statements of work, or data protection addenda, which govern specific client engagements.
This notice covers information that the Firm may collect or process through website interactions, communications, service delivery, and internal operations. Such information may include contact details, business identifiers, technical information related to website access, and client-provided data necessary to perform analytics, reporting, or technology services.
Client-provided data may include operational, transactional, customer, financial, or other business data supplied for the limited purposes defined in the applicable engagement. The Firm processes such data solely in accordance with agreed service scopes.
This notice does not apply to data processed exclusively within client-managed systems where the Firm does not have access. It also does not apply to third-party websites, platforms, or services that may be linked to or integrated with the Firm’s website or services. Third parties operate under their own privacy and data protection practices, and the Firm is not responsible for those practices.
The Firm uses data for legitimate business purposes, including operating its website, responding to inquiries, delivering contracted services, maintaining service quality, ensuring system security, and meeting contractual or legal obligations.
Any dashboards, reports, models, forecasts, or analytical outputs derived from data are informational in nature and intended to support business decision-making. These outputs require human review and judgment prior to use. The Firm does not provide legal, medical, financial, tax, or regulatory advice.
Clients are responsible for ensuring that any data provided to the Firm has been lawfully collected and may be shared and processed for the intended purposes. Clients remain responsible for compliance with applicable laws, regulations, contractual obligations, and internal policies governing their data.
The Firm does not independently verify the legality, completeness, or accuracy of client-provided data unless expressly agreed in writing. All decisions made using analytical outputs remain the responsibility of the client.
The accuracy and reliability of analytics outputs depend on the quality, completeness, and timeliness of input data. Data analytics, automation, and models are subject to inherent limitations, including incomplete information, modeling assumptions, system constraints, and changing business conditions.
Predictive or forward-looking outputs are estimates based on available data and should not be treated as guarantees of future outcomes. The Firm does not warrant that outputs will be error-free or suitable for every purpose.
The Firm retains data only for as long as necessary to fulfill the purposes described in this notice, support service delivery, meet contractual obligations, and comply with applicable legal requirements. Retention periods may vary depending on the nature of the data and the engagement.
Where specific retention, return, or deletion terms apply, those terms are governed by the applicable written agreement between the Firm and the client.
The Firm implements reasonable administrative, technical, and organizational safeguards designed to protect data against unauthorized access, disclosure, alteration, or destruction. Security measures are proportionate to the nature of the services provided and the sensitivity of the data involved.
No method of data transmission or storage is completely secure. The Firm does not guarantee absolute security and is not responsible for incidents resulting from factors beyond its reasonable control.
The Firm may use third-party platforms, infrastructure providers, or software tools to support hosting, analytics, development, monitoring, or communications. These providers may process limited data as necessary to deliver their services.
Third-party tools operate under their own policies and controls. The use of such tools does not transfer responsibility for data governance, compliance, or decision-making from the client to the Firm.
The Firm provides services in a general commercial context and across industries such as retail, hospitality, healthcare, and financial services. Clients remain responsible for understanding and complying with industry-specific data protection or regulatory requirements. The Firm does not certify compliance or perform regulatory audits unless expressly agreed in writing.
This notice is provided for informational purposes only. The Firm makes no guarantees regarding compliance outcomes, regulatory approvals, or business results. Nothing in this notice constitutes legal, medical, financial, tax, or regulatory advice.
The Firm may update this Data Protection & Privacy Notice periodically to reflect changes in services, technologies, or practices. The most current version published on the Firm’s website applies unless otherwise agreed in writing.
This notice is intended for general commercial use. Applicability and interpretation may vary by jurisdiction, and clients are responsible for determining how applicable laws and regulations apply to their data and operations.
