:+1 561 657 4132

Privacy Policy

This Privacy Policy explains how Million Fixes, Sociedade Unipessoal LDA (“Million Fixes”, “we”, “us”), a Portuguese company, and its affiliates (including U.S.-based entities such as Break Front LLC) collect, use, store, and share personal data when you use our website, services, or communicate with us. By using our services, you agree to the practices described in this Policy.

1. Lawful Basis for Processing (GDPR Article 6)

We process personal data under the following lawful bases:

  • Contract performance – to provide requested services;
  • Legal obligation – compliance with tax, anti-fraud, and payment regulations;
  • Legitimate interests – fraud prevention, service improvement;
  • Consent – for marketing communications and optional features.
2. Information We Collect
Personal Information:

Name, email, postal address, telephone number, and identifiers you provide.

Payment Information:

Payment card details are processed via PCI DSS-compliant payment gateways. We do not store CVV/CVC codes. We may store anonymized, tokenized payment references for authorized future transactions.

Technical & Device Data:

Device type, operating system, IP address, browser type, system configuration, and service logs.

Fraud Prevention Data:

Data used in fraud detection tools (e.g., IP geolocation, transaction patterns) may be processed for security purposes.

3. How We Use Your Data
  • Delivering and improving services;
  • Processing payments and preventing fraud;
  • Providing technical support and resolving issues;
  • Complying with legal and regulatory requirements.
4. Cross-Border Data Transfers

Your data may be transferred and processed outside the European Economic Area (EEA), including in the United States, when processed by our affiliates or service providers (e.g., payment processors like Nuvei, Stripe, Mollie, PayPal, PayKings, PaymentCloud). We implement safeguards such as Standard Contractual Clauses to protect your data.

5. Information Sharing
  • With affiliates and subsidiaries for operational purposes;
  • With PCI DSS-compliant payment processors for payment handling;
  • With service providers who help deliver our services;
  • When required by law, regulation, or legal process.
6. Retention Period

We retain personal data only as long as necessary for the purposes collected, or as required by law. Payment transaction records are generally kept for 7 years for legal and accounting purposes.

7. Cookies and Tracking

We use cookies and similar technologies to enhance user experience and analyze website usage. You can disable cookies in your browser settings, but some site functions may not work properly.

8. Your Rights
  • Access, correct, or delete your personal data;
  • Object to processing or request restriction;
  • Request data portability;
  • Withdraw consent where processing is based on consent;
  • Lodge a complaint with your local Data Protection Authority.
9. CCPA Rights (California Residents)

If you are a California resident, you have the right to request information on data we collect, request deletion, and opt out of sale of your personal data (we do not sell personal data).

10. Security Measures

We use administrative, technical, and physical safeguards to protect your data. While no system is 100% secure, we follow industry best practices, including encryption and restricted access controls.

11. Children’s Privacy

Our services are not intended for individuals under 13. We do not knowingly collect data from children.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Modified” date.

13. Contact

For questions about this Privacy Policy or to exercise your rights, contact us at dpo@millionfixes.com.

MillionFixes

Services

Quick Links

If you initiate a payment, we may securely store a tokenized reference to your payment method for authorized future transactions, in compliance with PCI DSS, GDPR, and card brand rules, and only with your explicit consent.