Privacy Policy — Merchant Cash Advance Leads (MCA Leads)

This Privacy Policy explains how Master MCA, LLC d/b/a Master MCA ("Company", "we", "us") collects, uses, discloses, sells, shares, and protects information in connection with our merchant cash advance leads (MCA leads) products and services, including aged data, fresh data, aged submissions, and full submissions. By using our services, you agree to this Policy.

The controller of your personal information is Master MCA, LLC d/b/a Master MCA. Contact us at privacy@mastermca.com for privacy matters.

This Policy covers data we collect from lead suppliers, public sources, partners, and from you through our websites, apps, and sales and delivery workflows. It does not apply to third‑party websites or services that we do not control (e.g., Stripe).

• Business Identifiers: name, role, business name, emails, phone numbers, postal addresses, website/domain.
• Lead/Deal Fields: industry, time‑in‑business, estimated revenue bands, requested amount, submission timestamps.
• Transaction & Support: order metadata, delivery status, support tickets, communications.
• Device/Usage: IP address, device identifiers, pages viewed, referral URLs, approximate location, cookies.
• Payments: processed by Stripe (we do not store full card numbers).

• Lead brokers/suppliers and other data partners.
• Public sources (business registries, websites, public posts).
• You and your organization (orders, forms, email, live chat).
• Analytics, advertising, and anti‑fraud tools.

• Provide services (fulfill orders, deliver leads, account administration).
• Improve & secure (analytics, debugging, fraud prevention).
• Communicate (support, transactional notices, marketing with opt‑out).
• Legal compliance (tax, contracts, TCPA/CAN‑SPAM/DNC obligations, regulatory requests).

GDPR bases where applicable: Performance of contract; Legitimate interests (B2B marketing, fraud prevention); Consent (cookies/marketing where required); Legal obligation.

• Payments are processed by Stripe. We receive limited payment metadata (e.g., last 4, status) but do not store primary card numbers.
• Stripe processes your payment information in accordance with its own privacy policy and security certifications.

• Processors: hosting/CDN, analytics, email/sms providers, customer support tools, anti‑fraud services.
• Business partners: lead suppliers and fulfillment partners for quality control and delivery.
• Legal & compliance: to comply with law, enforce agreements, protect rights and security.

• We sell and share B2B contact information for MCA marketing under CPRA definitions.
• You can opt out of sale/sharing at any time using the button below or by sending a valid Global Privacy Control (GPC) signal.
• We do not knowingly sell or share personal information of individuals under 16.

• US (CPRA/CPA/CTDPA/VDCDPA/etc.): access, delete, correct, portability, opt‑out of sale/sharing/targeted ads, limit sensitive PI (if applicable), and non‑discrimination.
• EU/UK GDPR: access, delete, correct, portability, restrict/obj ect, and withdraw consent where relied upon.
• Canada (PIPEDA): access and correction rights.

Use the request shortcuts below or email privacy@mastermca.com.

• We use necessary cookies for site functionality and security.
• With consent where required, we use analytics/advertising cookies. You can manage preferences in your browser or via our cookie banner.
• We honor valid GPC signals as an opt‑out of sale/sharing for that browser.

We retain information for as long as reasonably necessary to provide services, comply with obligations, resolve disputes, and enforce agreements. Typical windows: B2B contact data 12–36 months; transactional/accounting records 7 years; ad/analytics cookies up to 13 months.

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect information. No method of transmission or storage is 100% secure, but we continuously improve defenses, monitor for abuse, and restrict access on a need‑to‑know basis.

• We support lawful outreach practices. Buyers are responsible for complying with TCPA, CAN‑SPAM, and Do Not Call rules and maintaining suppression lists.
• If we send marketing communications, you can opt out at any time via unsubscribe links or the request buttons above.

Our services are intended for adults engaged in B2B commerce. We do not knowingly collect, sell, or share personal information of individuals under 16.

If data is transferred internationally, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) and ensure processors provide adequate protection.

Use the buttons above or contact us at privacy@mastermca.com. We may verify your identity and authority (for authorized agents).

Appeal process: If we deny a request, you may appeal by replying to our decision email with “Appeal.” We will review and respond within the time required by applicable law.

We may update this Policy periodically. The “Last Updated” date at the top of this page reflects the most recent changes.

Questions about privacy? Email privacy@mastermca.com. For legal notices, email legal@mastermca.com.