Privacy & Cookies
ModSquad EU-US Data Privacy Framework,
GDPR Policy and CCPA Policy
ModSquad is responsible for your Personal Data. ModSquad comprises of ModSquad, Inc., an American corporation, and all entities owned or controlled by it in connection with its business, including Metaverse Mod Squad UK Ltd., a Northern Ireland private limited company, ModSquad Costa Rica S.A., a Costa Rica sociedad anonima, and ModSquad PH Corp., a Philippines company. References in this Statement to “ModSquad”, “we”, “our” or “us” include these ModSquad companies and each of these entities is committed to protecting your privacy.
When Do We Process Your Personal Data and To Whom Might We Disclose It?
We may process your Personal Data (1) when you, or an organization with which you are connected, are our client; (2) for marketing, business operation and relationship management purposes; (3) when you work with us or apply to work with us as an employee, contractor or vendor; and/or (4) when you visit our website.
Specifically, ModSquad may process Personal Data of our clients’ customers in connection with our digital engagement services, including moderation, customer support, community management, social media services, and consulting. We may disclose this Personal Data to qualified subcontractors (vetted with non-disclosure agreements) working in our Mod Network and Third Parties like technology provider vendors (again vetted with non-disclosure agreements). ModSquad also processes Personal Data of our qualified subcontractors and Mod Network applicants and human resources data; we may disclose this personal information to vendors (vetted with non-disclosure agreements) for payment, payroll and human resources functions.
ModSquad also complies with the GDPR concerning Individuals in the European Union, Switzerland, and the United Kingdom. All ModSquad employees and contractors who handle Personal Data from Europe, the United Kingdom, Switzerland, California and elsewhere are required to comply with the Principles stated in this Policy.
ModSquad also complies with the CCPA concerning Individuals in California. All ModSquad employees and contractors who handle Personal Data from California and elsewhere are required to comply with the Principles stated in this Policy.
ModSquad never sells Personal Data.
Some of the capitalized terms we use here are defined at the end of the Policy.
Individuals have the right to be informed about the collection and use of their Personal Data.
Right to Be Informed
Individuals have the right to be informed about the collection and use of their Personal Data.
Right to Access, Change or Delete Personal Data
A. Right to Access. Individuals may have the right to know what Personal Data about them is included in the databases and to ensure that such Personal Data is accurate and relevant for the purposes for which ModSquad or its client collected it. Individuals who are ModSquad employees or contractors may review their own Personal Data stored in the databases and correct, erase, or block any data that is incorrect, as permitted by applicable law and ModSquad policies. If Individuals who are customers of a ModSquad client make such a request, ModSquad will forward the request to the ModSquad client and work with the ModSquad client for resolution. To make a request, Individuals should send an email to
B. Requests for Personal Data. ModSquad will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arise: (a) legally binding request for disclosure of the Personal Data by a law enforcement authority unless prohibited by law or regulation; or (b) requests received from the Data Subject.
C. Satisfying Requests for Access, Modifications, and Corrections. ModSquad will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or inactivate Personal Data.
Right to Limit the Use and Disclosure and Deletion of Your Personal Data
Individuals have the right to know what processing is undertaken on their Personal Data and to ensure it is relevant for the purposes for which ModSquad or its client collected it. They also have the right to restrict processing or to object to it.
Individuals who are ModSquad employees or contractors may review the processing of their own Personal Data and to restrict or object to processing, as permitted by applicable law and ModSquad policies.
Where Personal Data are processed for direct marketing purposes, the Individual shall have the right to object at any time to processing of Personal Data concerning him or her for such marketing, which includes profiling to the extent it is related to such direct marketing. If Individuals who are customers of a ModSquad client make such a request, ModSquad will forward the request to the ModSquad client and work with the ModSquad client for resolution.
Pursuant to GDPR and CCPA, the affected Individuals have the right to erasure or deletion of their Personal Data we have collected, subject to certain exceptions. If you would like any or all of your Personal Data deleted, please email us your request at
Right of Data Portability
Individuals have the right to receive the Personal Data concerning him or her, which he or she has provided to ModSquad, in a structured, commonly used and machine-readable format. Further the Individual shall have the right to have the Personal Data transmitted directly to another Controller, where technically feasible.
Rights in Relation to Automated Decision Making and Profiling
Individuals have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, unless:
- it is necessary for entering into, or performance of, a contract between the data subject and a data controller;
- authorized by Union or Member State or other applicable law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests;
- or is based on the data subject’s explicit consent.
Our Principles of Processing
Lawful, Transparent and Fair
When ModSquad collects personal data directly from an Individual or where we obtain it from a source other than the Individual, we will work to provide the following privacy information:
- The purposes that we will use the data for
- The period of time for which we will retain and process the data
- Information relating to the individuals’s rights and a means to exercise them
- Any third parties or categories of third parties to whom the data might be transmitted
Where the personal data is collected from a source other than the Individual, ModSquad will additionally work to provide the Individual with the source of the data.
Restricted to Specific Purposes
ModSquad-collected Personal Data will be processed only for the purposes for which it was collected. If ModSquad wishes to use an Individual’s Personal Data for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals, ModSquad will seek authorization for the new forms of processing.
In the case of ModSquad client-provided data, the client is responsible for ensuring that it has obtained consent and notified the individual about what processing ModSquad will be doing on its behalf.
ModSquad will only retain personal data for as long as we have a legitimate business or legal need. When there is no longer a legitimate need to retain the data, or when the data retention specified at the time of collection has expired, ModSquad will delete the data from our systems. Also, as discussed above, if you would like us to delete any Personal Information we collected on you, please email us at
Confidentiality and Data Security
ModSquad uses reasonable efforts to maintain the accuracy and integrity of Personal Data and to update it as appropriate. ModSquad has implemented physical and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Specifically, Personal Data is stored on Third Party cloud services that fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices and legal protection. ModSquad also employs access restrictions, limiting the scope of persons who have access to Individual Personal Data to those on a need-to-know basis. Despite these precautions, no data security safeguards guarantee 100% security all of the time.
Internal Transferral of Personal Data
ModSquad may move personal data internally on an international basis. ModSquad works with contractors in its Mod Network around the world. It also has operation centers and employees in the US, the UK and Latin America, with plans for expansion in other areas of the world. Such data transfers are covered by our compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, the Swiss-U.S. DPF, and national laws, such as GDPR and CCPA. ModSquad is liable pursuant to applicable law for onward transfers of personal data to Third Parties.
However, Individuals may opt out of whether ModSquad may provide their personal information to Third Parties in certain circumstances by contacting ModSquad at
Collection and Use of Personal Data
ModSquad provides digital engagement services to clients who provide various solutions to Individuals. Our clients collect Personal Data from their Individuals when they purchase their products, register with their website, log-in to their account, complete surveys, request information or otherwise communicate with them. In order for us to perform our services, our clients may share the Personal Data with ModSquad.
The Personal Data we receive may vary based on the Individuals’ interaction with our clients’ products and services. As a general matter, ModSquad’s clients may collect the following types of Personal Data from their Individuals: contact information, including, a contact person’s name, work email address, work mailing address, work telephone number, title, and company name, as well as payment information (which might include credit card and/or bank account information). Individuals may have the option to log into their accounts online and to request service online, including through a live support option; our clients may collect information that they choose to provide to them through these portals.
When Individuals use our clients’ services online, our clients may collect their IP address and browser type, and they may associate IP address and browser type with a specific customer. They also may collect Personal Data from persons who contact them through their website to request additional information; in such a situation, our clients would collect contact information (as discussed above) and any other information that the person chooses to submit through the website.
The information that our clients collect from Individuals may be used for selling the products and services they buy from that client, managing transactions, reporting, invoicing, renewals, other operations related to providing services and products to the Individual.
In our capacity as a service provider, we will receive, store, and/or process Personal Data. In such cases, we are acting as a data processor and will process the personal information on behalf of and under the direction of our clients. ModSquad uses Personal Data that it collects indirectly in its role as a service provider for the following business purposes, without limitation:
- maintaining and supporting its clients’ products, delivering and providing the requested products/services, and complying with its contractual obligations related thereto (including managing transactions, reporting, invoices, renewals, and other operations related to providing services to an Individual);
- satisfying governmental reporting, tax, and other requirements (e.g., import/export);
- storing and processing data, including Personal Data, in computer databases and servers located in the United States;
- verifying identity (e.g., for online access to accounts);
- as requested by the Individual;
- for other business-related purposes permitted or required under applicable local law and regulation;
- and as otherwise required by law.
Disclosures / Onward Transfers of Personal Data
ModSquad discloses Personal Data only to Third Parties who reasonably need to know such data to perform tasks on our behalf and under our instructions. For example, ModSquad may store such Personal Data in the facilities operated by Third Parties. Such Third Parties must reasonably need to know such data for the limited and specific scope of the transaction and not for other purposes and must agree to comply with EU-U.S. DPF and GDPR principles for transfers and processing Personal Data, including confidentiality obligations. They must also obtain written authorization from and give flow down, liability, assistance, data deletion and onward transfer assurances to ModSquad before subcontracting its obligations.
ModSquad also may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure.
ModSquad may also be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Responsibilities and Management
ModSquad has designated the Legal Department to oversee its information security program, including its compliance with GDPR and the EU-U.S. DPF program. The Legal Department shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Policy also may be directed to
Renewal / Verification
ModSquad will renew its EU-U.S. DPF certifications annually, unless it subsequently determines that it no longer needs such certification or if it employs a different adequacy mechanism.
Prior to the re-certification, ModSquad will conduct an in-house verification to ensure that its attestations and assertions with regard to its treatment of Individual Personal Data are accurate and that the company has appropriately implemented these practices. Specifically, as part of the verification process, ModSquad will undertake the following:
C. Ensure that this Policy continues to comply with the EU-U.S. DPF principles
D. Confirm that Individuals are made aware of the process for addressing complaints and any independent dispute resolution process. (ModSquad may do so through its publicly posted website, Individual contract, or both.)
E. Review its processes and procedures for training personnel about ModSquad’s participation in the EU-U.S. DPF program and the appropriate handling of Individual’s Personal Data. ModSquad will prepare an internal verification statement on an annual basis.
Changes to this Policy
This Policy may be amended from time to time, consistent with the Data Privacy Framework Principles, GDPR, CCPA and other applicable data protection and privacy laws and principles. Any changes will be updated on the website at https://modsquad.com/privacy-and-cookies .
Questions or Complaints
Anyone may contact ModSquad with questions or complaints concerning this Policy at the following address:
Enforcement and Dispute Resolution
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, ModSquad commits to resolve complaints about your privacy and our collection or use of Personal Data. EU, UK, and Swiss individuals with DPF inquiries or complaints regarding our handling of Personal Data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact ModSquad at
If one’s question or concern cannot be satisfied through our internal complaint process, in compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, ModSquad commits to refer unresolved complaints concerning our handling of Personal Data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to the International Centre for Dispute Resolution/American Arbitration Association (ICDR/AAA), an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.icdr.org/dpf for more information or to file a complaint. The services of ICDR/AAA are provided at no cost to you.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, ModSquad commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF in the context of the employment relationship.
If your DFP complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not otherwise resolved by other redress mechanisms. For more information about binding arbitration for EU-US DPF and the UK Extension visit https://go.adr.org/dpfeufiling.html and for the Swiss-U.S. DPF visit https://go.adr.org/sw-us_dpf_annexi.html.
Investigatory and Enforcement Powers of the Federal Trade Commission (FTC)
The Federal Trade Commission (FTC) has jurisdiction over ModSquad’s compliance with EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. We may be required to disclose personal information that we handle under the EU-U.S. DPF in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
“Individual” means an individual, especially from the EU, Switzerland or California who is a customer of a ModSquad client. The term shall also include all website visitors, leads, applicants, employees, contractors or vendors of ModSquad where ModSquad has obtained his or her Personal Data.
“Data Subject” means an identified or identifiable natural living person. An identifiable person is one who can be identified, directly or indirectly, by reference to a name, or to one or more factors unique to his or her personal physical, psychological, mental, economic, cultural or social characteristics. For those residing in Switzerland, a Data Subject also may include a legal entity.
“Europe” or “European” refers to a country in the European Union.
“Personal Data” means any information relating to an identified or identifiable household or natural person (‘data subject’); an identifiable data subject is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;.
“Third Party” means any individual or entity that is neither ModSquad nor ModSquad employee.
Effective Date: September 18, 2023
ModSquad Cookies Policy
This Cookies Policy covers our collection, use and disclosure of personal information we collect through our website, modsquad.com. It does not cover our collection, use and disclosure of personal information we may collect through other means. If you have questions or complaints regarding our Cookies Policy practices, please contact us at
A cookie is a small amount of data that a web site’s computer or mobile device sends to your browser and which is stored on your computer’s hard drive. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier and the site name and some digits and numbers.
First party cookies are those that are set by the website you are visiting. Third party cookies are set by other websites who are running content on the page you are viewing.
Some people don’t like the idea of a website storing information about them, especially if it involves a third party they don’t know. For example, some people don’t want to see advertising that the website has targeted for you based on your interests.
Third Party Cookies
Clear Gifs (Web Beacons)
Our website employs or may employ a software technology called clear gifs (a.k.a. Web Beacons), that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of website users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on websites and are about the size of the period at the end of this sentence. We may tie the information gathered by clear gifs to our customers’ personally identifiable information.
Analytics/ Log Files
As is true of most websites, we gather or may gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We do link or may link some of this automatically-collected data to personally identifiable information. This allows us to deliver a better experience by reducing the amount of data that needs to be entered when filling out forms, downloading gated content, and completing surveys.
Our blog is managed by a third party application that may require you to register to post a comment. We do not or may not have complete access or control of the information posted to the blog. If you want the personal information that you posted to the comments section removed, you can contact us at
Social Media (Features) and Widgets
ModSquad takes all reasonable steps and follows all generally accepted industry standards to protect the information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Although we cannot guarantee the security of information on or transmitted via the internet, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information from loss, misuse, unauthorized access or disclosure, alteration or destruction.
Compliance with Children’s Online Privacy Protection Act
As a business-to-business service, ModSquad does not target its offerings toward, and the website does not knowingly collect any personal information from users under 13 years of age.
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by us to a third party for the third party’s direct marketing purposes. To make such a request, please send an email to
2018 19th Street
Sacramento, CA 95818
Last Updated: March 4, 2020