Privacy Policy

Last updated: May 24, 2018

Mozaik.io Limited ("us", "we", or "our") operates the https://www.mozaik.io website (the "Service").

This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service.

We will not use or share your information with anyone except as described in this Privacy Policy.

We use your Personal Information for providing and improving the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

Information Collection And Use

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, your email address ("Personal Information").

Personal Information

When creating a user account with the Services, you'll be asked to provide your email and name. These are required in order to set up a unique account and for the transactional emails within the Services. Your email will also be used to help onboard you to the Services and provide you information about the Services.

Your email and name is also used with our in-application tracking for the legitimate interest of improving the Service. This tracking is used to identify issues, bugs and help us improve the product. We retain the information until you delete your account.

We also use your email and name for providing the legitimate interest of technical and sales support. We retain this information indefinitely. You can object to the processing of this information by contacting support@mozaik.io.

Customer data

Content and information submitted by users to the Services is referred to in this policy as “Customer Data”. As further explained below, Customer Data is controlled by the organization or other third party that created the account (the “Customer”).

Mozaik.io employees or contractors only access Customer Data at the request of Customer in order to provide support.

Billing Information

Billing information is collected in order to fulfill the contract of providing Services to the Customer. The collected billing information includes credit card details, billing address and billing contact. According to UK law, we are obliged to retain these details for a period of 6 years.

The billing information is processed by Stripe Inc. which process the data in the US. The data is transferred to the US under the US-EU Privacy Shield.

Log Data

We may also collect information that your browser sends whenever you visit our Service ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.

In addition, we may use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Service's functionality. These third party service providers have their own privacy policies addressing how they use such information.

Newsletter

If you sign up to our newsletter you are consenting to receiving newsletter and marketing communications about the Services from us. You can withdraw consent at any time by clicking unsubscribe in the emails.

Your Individual Data Rights

You have various rights over your personal information. Those rights are:

  1. Being informed about data collected and how it is processed
  2. Access to the data we have on you
  3. Being able to correct and update the data we have on you
  4. Erasure of the data we have on you
  5. Restricting of the processing of the data we have on you
  6. Being able to move the data we have on you to another service
  7. Knowledge of what automated decision-making and/or profiling we do with your personal information

There are circumstances when your data rights can be overridden, such as in the case of billing information which is required to be maintained for 6 years under UK law.

We don’t do any automated decision-making or profiling.

We provide you with information about the data collected and how it is processed via this privacy policy and the privacy notices displayed when we collect the data.

You can access and update (rectify) the Personal Information we have on you by logging onto the site and navigating to your account. If you wish to rectify information in other services please email support@mozaik.io.

You can erase the data we have on you by closing and deleting your Service account. This will also anonymize the tracking data we have collected in the process of using the Service.

You can restrict various processing of your Personal Information by opting out of various services (see Appendix B).

Service Providers

We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Data processors

Data TypeProcessing LocationProcessorGDPR Legal BasisRetention Period
Customer DataEUMozaik.io Ltd., AWS EuropeN/AUntil deleted by the customer or the account deleted
Personal InformationEU, USMozaik.io Ltd., AWS Europe, Intercom IncLegitimate Interest, ContractualVaries (see Appendix A)
Log DataEUMozaik.io Ltd., AWS EuropeLegitimate InterestVaries (see Appendix A)
Billing InformationEU, USStripe IncContractual6 years as required by UK statutory obligations

Supervisory Authority

For the purposes of the GDPR legislation our Supervisory Authority is the UK’s Information Commissioner’s Office. If you wish to lodge a complaint about your data subject rights or the lawfulness of processing about the you can do so by contacting the ICO.

Compliance With Laws

We will disclose your Personal Information where required to do so by law or in accordance with an order of a court of competent jurisdiction, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.

Security

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant UK and EU legislation.

International Transfer

Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United Kingdom and choose to provide information to us, please note that we transfer the information, including Personal Information, to United Kingdom and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

In the event that a dispute arises with regards to the international transfer of data, you agree that the courts of England and Wales shall have exclusive jurisdiction over the matter.

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children's Privacy

Our Service does not address anyone under the age of 16 ("Children").

We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a children under age 16 without verification of parental consent, we take steps to remove that information from our servers.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

Jurisdiction

This Policy shall be governed and construed in accordance with the laws of England and Wales, without regard to its conflict of law provisions.

Contact Us

If you have any questions about this Privacy Policy, please contact us.

 

Appendix A – Personal Information Collected

Personal InformationProcessingLawful Basis of ProcessingRetention Period
EmailStored and used to provide a unique account. Used to send transactional emails and product related updatesContractual, Various Legitimate InterestsUntil you request the deletion of your account
NameStorage and display in the application and transactional emails sent to you and other account usersContractual, Various Legitimate InterestsUntil you request the deletion of your account
IP addressStorage and usage in application trackingLegitimate interest of securityIndefinite
Analytics CookiesPseudo-anonymous id cookie used to aggregate session statisticsLegitimate interest of improving the application for your benefitUp to 2 years

 

Appendix B – Personal Information Processors

ProcessorInformation ProcessedLocation of ProcessingPrivacy ProtectionsOpt-out
Amazon Web Services, Inc.Email, Name, IP addressEUGDPR, Privacy Shield, Data Processing AddendumDelete your account
Stripe, IncName, Email for billing and fraud purposesUSPrivacy Shield, Data Processing AddendumN/A
Google LLCAnalytics Cookie for anonymous trackingUSPrivacy Shield, Data Processing AddendumOpt-out with browser add-on