<img src="https://secure.leadforensics.com/772.png" style="display:none;">

Privacy Policy

Your data security is our top priority.

MDSL Commitment to Privacy

MDSL’s mission is to empower our customers to control and manage their technology expenses through our suite of Internet-based products. Part of this suite includes communication with end-users to streamline procurement, categorize and charge back expenses, and delegate authority for invoice payment to appropriate managers.

We share our customers’ paramount concern with protecting the integrity of information gathered on their behalf. Since privacy is of the greatest importance to us, MDSL has created this privacy policy to communicate our practices regarding personal information that can be linked to a specific individual, such as a name, address, phone number or email address.

About this Policy

This version of the MDSL privacy policy is effective from 28 January 2020.

Any access requests, complaints or other issues pertaining to this policy should be addressed to the Office of the CTO, MDSL, 4 Century Place, Lamberts Road, Tunbridge Wells, Kent TN2 3EH, United Kingdom or Tel: +44 (0)1892 545353.

EU-U.S. and Swiss – US Privacy Shield

Telesoft, LLC and Market Data Services Limited Inc. operating under the brand name “MDSL”, comply with the EU‑U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework set forth by the United States Department of Commerce with respect to the collection, use and retention of Personal Data transferred from the European Economic Area (“EEA”) and Switzerland to the United States as further described in the Scope section below.  This Privacy Shield Policy outlines our commitment to the Privacy Shield Principles (the “Principles”) and our practices for implementing the Principles. If there is any conflict between the terms in this Privacy Shield Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. MDSL’s Privacy Shield certification can be found here. To learn more about the Privacy Shield Framework, please visit the Department of Commerce’s dedicated Privacy Shield website, located here

MDSL is subject to the authority in the US of the Federal Trade Commission (FTC). As such, the FTC has jurisdiction to hear any claims against MDSL regarding possible unfair or deceptive practices and violations of laws or regulations governing privacy.

View the full MDSL Privacy Shield policy.

Dispute resolution (EU and Switzerland)

In the event that any dispute cannot be satisfactorily resolved by the party concerned and MDSL, MDSL commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship. MDSL commits to implement specific actions and remedial or compensatory measures required to ensure compliance with Privacy Shield Principles. When such action is taken, MDSL will confirm this in writing to the DPAs and update and post a new version of this dispute policy.

Personal Information Collected

MDSL hosts applications, web pages, web applications and databases (“Services”) on behalf of organizations and other entities ("Clients") to control expenses and communicate with their employees, members, suppliers and other visitors ("End-Users"). Our Clients collect information about End-Users and store this information at MDSL-hosted Services. This information, which is then stored for our Clients on MDSL-hosted databases, may include, but is not limited to, an End-User's name, email, other personal contact information, and responses to specific inquiries by a Client. The information is collected and stored purely for the purpose of helping Clients control certain categories of business expense.

We will not sell, share, trade, rent, distribute or otherwise disclose personal information provided by End-Users to any third party other than for the specific business purpose for which it has been collected except as required by law. In cases where we do distribute the information to a third party, MDSL will ensure that the third party has a privacy policy which provides the End-User with at least the same level of protection as MDSL’s own policy.

At times, MDSL may view or access individual records for the purpose of resolving a problem, support issue, or suspected violation of the MDSL Terms and Conditions. Certain information such as Internet addresses may also be used to help diagnose technical problems and to improve the quality of MDSL products. We may also track and analyze aggregate usage and volume statistical information from our Clients and End-Users.


MDSL uses security measures to protect against the loss, misuse, and alteration of information under our control. We store information in databases located in secured data centers with live personnel monitoring 24 hours a day, 7 days a week. Since our business involves hosting application accounts, data security is paramount, and we are constantly re-evaluating and deploying, where appropriate, the latest technologies, including Secure Socket Layer encryption and firewalls, to enhance our security and the confidentiality of personal information.

Also, MDSL requires unique names and passwords that must be entered each time a Client logs on. These safeguards help prevent unauthorized access, maintain data integrity, and ensure appropriate use of data. Each Client will own the information collected about its End-Users and is responsible for maintaining the confidentiality and security of its MDSL Client administration user name and password.

Cookies, Click-Throughs, and Log Files

Like many Internet companies, MDSL uses "cookies" with some of its Web-hosted products and services for its Clients. A cookie is a small piece of data that is stored on an End-User's hard drive but does not itself contain any personal information. Cookies enhance an End-User's experience by saving the End-User the effort of providing specific information each time he or she re-visits a MDSL-hosted Web page and by customizing content based on an End-User's preferences. An End-User can configure his or her browser to be alerted when a site is attempting to send a cookie and refuse the cookie.

MDSL may also track End-User click-through behavior on behalf of a Client to provide an End-User with more personalized email alerts and a more personalized experience while visiting a Client's MDSL-hosted Web pages. MDSL may provide a Client with this information in individual and aggregate form.

MDSL uses IP addresses to analyze trends, administer the site, track user movement and gather broad demographic information for aggregate use.

Updating Information, Opting-out, and Permission-Based Communications

End-Users can update their personal information and ask to unsubscribe (opt-out) from receiving future communications from MDSL Services on behalf of a Client by contacting the Client’s representative in charge of the MDSL-provided Services. MDSL is happy to assist in this process – please send such requests to support@mdsl.com – but is not responsible for decisions taken by Clients, who are the owners of the data.

MDSL strongly encourages our Clients to employ best practices in permission-based communications. Such practices include, but are not limited to, the following: communicating only with End-Users who have expressly shared their information for the purpose of receiving a future communication; communicating with a personalized message that indicates a pre-existing relationship with an End-User; and not selling, sharing, trading, renting, distributing, or otherwise disclosing personal information from individuals to third parties without first receiving an individual's explicit consent. However, while we strongly encourage our Clients to employ best practices; we cannot control our Clients' business practices and cannot be responsible for their practices or the use of information owned by our Clients.

If you have received an unwanted, unsolicited email sent via the MDSL system or purporting to be sent via MDSL, please forward the email with your comments to support@mdsl.com for our review.


In accordance with the Principles, MDSL will offer Customers and Users choice to the extent it (i) discloses their Personal Data to third party Controllers, or (ii) uses their Personal Data for a purpose that is materially different from the purposes for which the Personal Data was originally collected or subsequently authorized by the Customer or User.  To the extent required by the Principles, MDSL also will obtain opt‑in consent if it engages in certain uses or disclosures of Sensitive Data.  Unless MDSL offers Customers and Users an appropriate choice, MDSL uses Personal Data only for purposes that are materially the same as those indicated in this Policy.

MDSL may disclose Personal Data of Customers and Users without offering an opportunity to opt out, and may be required to disclose the Personal Data, (i) to third‑party Processors that MDSL has retained to perform services on its behalf and pursuant to its instructions, (ii) if it is required to do so by law or legal process, or (iii) in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements.  MDSL also reserves the right to transfer Personal Data in the event of an audit or if the company sells or transfers all or a portion of its business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).

Liability for Onward Transfers

MDSL complies with the Privacy Shield’s Principle regarding accountability for onward transfers.  MDSL remains liable under the Principles if its onward transfer recipients process Personal Data in a manner inconsistent with the Principles, unless MDSL proves that it was not responsible for the event giving rise to the damage.

Dispute Resolution

If MDSL maintains your Personal Data in one of the Services within the scope of our Privacy Shield certification, you may direct any inquiries or complaints concerning our Privacy Shield compliance to privacy@mdsl.com, or in the U.S. or EEA by regular mail as indicated below. MDSL shall respond within 45 days.  If your complaint cannot be resolved through MDSL’s internal processes, MDSL will cooperate with JAMS pursuant to the JAMS International Mediation Rules, available on the JAMS website at https://www.jamsadr.com/eu-us-privacy-shield. JAMS mediation may be commenced as provided for in the relevant JAMS rules.  The mediator may propose any appropriate remedy, such as deletion of the relevant Personal Data, publicity for findings of non‑compliance, payment of compensation for losses incurred as a result of non‑compliance, or cessation of processing of Personal Data of the Customer or User who brought the complaint. The mediator, or the Customer or User, also may refer the matter to the U.S. Federal Trade Commission, which has Privacy Shield investigatory and enforcement powers over MDSL. Under certain circumstances, Customers and Users may be able to invoke binding arbitration to address complaints about MDSL’s compliance with the Principles.

Third Party Sites

Web pages hosted by MDSL for our Clients may contain links to other websites. MDSL is not responsible for the privacy policies or the content of these other websites. Clients and End-Users should review the policy statements of these other websites to understand their policies before disclosing personal information.

Information Collected from Visitors to the MDSL Corporate Website

We make the same commitment to privacy for visitors to our corporate website located at www.mdsl.com as we do for our Clients and End-Users who use our Web-hosted services. The following also applies to visitors to our corporate website.

Our website's optional information request forms ask for your name, email address, phone number, company name, mailing address and other related information. MDSL uses this information to contact individuals to respond to their inquiries, discuss their interest in our company, its products and services and to send information about our company upon request. Such information will not be sold, shared, traded, rented, distributed or otherwise disclosed to any third party.

Web pages at our corporate website may contain links to other websites. MDSL is not responsible for the privacy policies or the content of these other websites. End-Users should review the policy statements of these other websites to understand their policies before disclosing personal information.

We may disclose personal information when required by law or in the good-faith belief that such action is necessary in order to conform to the edicts of the law or comply with a legal process served on us.

Transfer upon sale of the Business

In the event that the all or substantially all of the assets or capital stock of MDSL is acquired by a third-party entity, we reserve the right, in any of these circumstances, to transfer or assign the information we have collected from Clients and End-Users as part of such acquisition, sale, or other change of control.

Notification of Changes to the Privacy Policy

If at some point in the future there is a change in how MDSL handles personal information, we will notify our Clients of such changes and request that each Client notify its End-Users. Any new policy will be posted on the privacy policy page at least one week prior to its effective date.

How to Contact MDSL

To ask questions or comment about this Privacy Shield Policy and our privacy practices or if you need to update, change or remove your information, contact us at:  privacy@mdsl.com or by regular mail addressed to:

Attn: Privacy
5343 N 16th St., Suite 300
AZ, 85016

Alternatively, regular mail may also be directed to our European Union‑based headquarters, Market Data Services Limited, by addressing it to:

Attn: Privacy
4 Century Place, 2nd Floor,
Lamberts Road
Tunbridge Wells
United Kingdom