Transparency Statement

1. Our Commitment

Absolute Integrity is one of our core values. It requires us to be honest about something most providers keep quiet: the conditions under which a government or law-enforcement agency can ask us to hand over user information, and how we respond when that happens. This page explains what we will — and will not — do.

2. What We Commit To

• We do not voluntarily cooperate with intelligence or law-enforcement requests beyond what applicable law requires.
• We do not operate backdoors, bulk-data programs, or undisclosed monitoring interfaces in our services or on the Mahoney Control platform.
• Every formal request is reviewed by counsel for legal validity, scope, and jurisdictional authority before any response is given.
• Where legally permitted (i.e., no gag order applies), we notify the affected user before any disclosure so they may seek their own legal remedy.
• Where a request appears to exceed legal authority (overbroad scope, invalid process, extraterritorial overreach), we challenge it through counsel.

3. U.S. Legal Frameworks That Apply to Us

Mahoney IT Group USA LLC is a Florida-registered entity. As a U.S. service provider, we may receive the following types of legal process:

• Subpoenas — grand-jury, administrative, or judicial.
• Search warrants — issued upon probable cause under Rule 41 of the Federal Rules of Criminal Procedure.
• Court orders — including orders under the Electronic Communications Privacy Act (ECPA 2703(d)) and the Foreign Intelligence Surveillance Act (FISA).
• National Security Letters — issued by the FBI under 18 U.S.C. § 2709, commonly accompanied by non-disclosure provisions.

Two frameworks deserve specific mention because they affect non-U.S. users:

• CLOUD Act (18 U.S.C. § 2523). Enables U.S. authorities to compel U.S.-based providers to disclose data — including data stored outside the U.S. — subject to valid legal process.
• FISA Section 702. Can compel U.S. electronic-communications service providers to produce communications of non-U.S. persons located outside the United States for foreign-intelligence purposes.

4. What Qualifies as a Valid Legal Request

Informal requests — a phone call, an email without legal basis, a request "as a courtesy" — are declined. Before any action, a request must pass these checks:

• Is the issuing authority legally empowered to make this request?
• Is the scope proportionate to the stated purpose?
• Does compliance conflict with our contractual obligations (customer DPA, MSA) or with higher-law principles (e.g., fundamental rights under EU law for EU customer data)?
• Is a privileged relationship (attorney-client, medical, journalistic) implicated that requires heightened protection?

5. How We Respond

1. Acknowledge receipt to the requesting authority.
2. Route to counsel for legal review — outside counsel is engaged for complex or cross-border cases.
3. Where we comply, we disclose only the minimum data the law requires — never more.
4. Where a gag order does not apply, we notify the affected user so they can seek their own remedy.
5. We document every request for the annual Transparency Report (see below).

6. Annual Transparency Report

We intend to publish an annual report summarizing the number and type of legal requests received, the number complied with, and the number challenged — subject to applicable non-disclosure restrictions. The first report will be published after a full calendar year of operation under this commitment.

7. Contact for Legal Requests

8. Relationship to Our Privacy Policy

This statement complements our Privacy Policy (Section 15, Cross-Border Transfers and U.S. Jurisdictional Context). The Privacy Policy describes what we collect and how we use it; this statement describes what happens if a third party — specifically a government or law-enforcement agency — asks us to disclose that information.