mozaic

Privacy Policy

Our Mozaic, LDA

AV da República, no 52, 7, Lisboa, 1050-196

Portugal

Last Updated:

1. Introduction

Welcome to Our Mozaic ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, process, and store your information when you use our community hosting services, website, and related applications (collectively, the "Services").

By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies, please do not use our Services.

2. Data Controller and Processor Roles

Our Mozaic acts primarily as a data processor for the communities that use our Services. The community administrators who use our platform to manage their communities are the data controllers for the personal data of their community members.

When you directly use our website or Services as an individual user, we act as the data controller for the personal data you provide to us.

3. Information We Collect

3.1 Information You Provide

We collect information that you voluntarily provide when using our Services, including:

  • Account information (name, email address, password)
  • Profile information
  • Content you create, upload, or share through our Services
  • Communications with us or other users through our platform
  • Payment information (when purchasing our services)
  • Feedback and support requests

3.2 Information Collected Automatically

When you access our Services, we may automatically collect certain information, including:

  • Device information (device type, operating system, browser type)
  • Usage data (pages visited, features used, actions taken)
  • Log data (IP address, access times, session duration)
  • Cookies and similar tracking technologies

3.3 Community Member Data

For community administrators using our platform, we process data of community members that you provide to us or that is collected through our Services, including:

  • Contact information of community members
  • Messages and content shared within communities
  • Interaction data (participation, response times, engagement metrics)
  • Other information provided by community members

As a data processor, we only process this information according to the instructions provided by community administrators (the data controllers).

4. Widgets and Cookies

4.1 Our Mozaic Widgets

Our Services include widgets that community administrators can embed on their websites. These widgets may collect information from visitors interacting with them, including:

  • Information voluntarily provided through the widget (e.g., contact details)
  • Technical information (device information, IP address)
  • Interaction data with the widget

When our widgets are deployed on third-party websites, the community administrators (data controllers) are responsible for:

  • Obtaining appropriate consent from their website visitors
  • Providing privacy notices regarding data collection through the widget
  • Ensuring compliance with applicable data protection laws
  • Managing cookie consent for widget-related cookies

4.2 Cookies and Similar Technologies

We use cookies and similar tracking technologies on our website and Services. These include:

  • Essential cookies: Required for the operation of our Services
  • Functional cookies: Enable features and remember your preferences
  • Analytics cookies: Help us understand how users interact with our Services
  • Marketing cookies: Used to deliver relevant content and track marketing effectiveness

When you visit our website directly, we will ask for your consent to non-essential cookies in accordance with applicable laws. You can manage your cookie preferences through our cookie consent tool.

4.3 Third-Party Websites and Services

Our Services may contain links to third-party websites or services that have their own privacy policies. We are not responsible for the privacy practices of these third parties, and we encourage you to review their privacy policies.

5. How We Use Your Information

We use the information we collect for the following purposes:

5.1 For Services Provided to You

  • Providing and maintaining our Services
  • Processing transactions and payments
  • Managing your account and preferences
  • Responding to your inquiries and support requests
  • Fulfilling our contractual obligations to you

5.2 For Community Administrators

  • Processing community member data according to your instructions
  • Providing analytics and insights about your community
  • Facilitating communication within your community
  • Supporting your community management activities

5.3 For Legitimate Business Interests

  • Improving and optimizing our Services
  • Ensuring the security and integrity of our Services
  • Detecting and preventing fraud, abuse, and security incidents
  • Conducting research and analytics to better understand our users
  • Sending service-related communications

5.4 For Marketing Purposes (With Consent)

  • Sending promotional communications about our products and services
  • Delivering personalized content and recommendations
  • Running contests, promotions, and surveys

We will only send marketing communications with your consent, and you can opt out at any time.

5.5 For Legal Compliance

  • Complying with applicable laws and regulations
  • Responding to legal requests and preventing harm
  • Enforcing our Terms of Service and other agreements

6. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contractual necessity: To fulfill our contractual obligations to you
  • Legitimate interests: For our legitimate business interests, where these don't override your rights and freedoms
  • Consent: Where you have given us explicit consent to process your data
  • Legal obligation: Where we need to comply with a legal or regulatory obligation

For community member data processed on behalf of community administrators, we act as a data processor, and the legal basis for processing is determined by the community administrator (data controller).

7. Data Sharing and Transfers

7.1 Sharing with Service Providers

We may share your information with third-party service providers who help us deliver our Services, including:

  • Cloud hosting and infrastructure providers
  • Payment processors
  • Customer support services
  • Analytics providers
  • Communication and messaging services

These service providers are contractually obligated to protect your information and only use it for the specific purposes we authorize.

7.2 Sharing with Communities

If you are a community member, we share your information with the community administrators as necessary to provide our Services. Community administrators are independent data controllers for this information and are responsible for its proper handling.

7.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

7.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

7.5 International Transfers

We may transfer your information to service providers located in countries other than your country of residence. When we transfer personal data outside the European Economic Area (EEA) or the UK, we implement appropriate safeguards in accordance with GDPR requirements, such as Standard Contractual Clauses or ensuring the recipient country has an adequacy decision.

8. Data Retention

We retain your personal information for as long as necessary to provide you with our Services, comply with our legal obligations, resolve disputes, and enforce our agreements.

For information we process as a data processor on behalf of community administrators, we retain the data according to their instructions and for the duration specified in our agreement with them.

When determining the appropriate retention period, we consider:

  • The amount, nature, and sensitivity of the personal data
  • The potential risk of harm from unauthorized use or disclosure
  • The purposes for which we process the data
  • Whether we can achieve those purposes through other means
  • Applicable legal, regulatory, tax, accounting, or other requirements

9. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request access to your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your personal data
  • Restriction: Request restriction of processing of your data
  • Data portability: Request transfer of your data to another service provider
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw your consent at any time

If you are a community member and wish to exercise your rights regarding data processed by a community administrator, please contact them directly as they are the data controller for that information.

To exercise your rights for data where we are the data controller, please contact us using the details provided in the "Contact Us" section.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption of sensitive data
  • Regular security assessments
  • Access controls and authentication mechanisms
  • Staff training on data protection
  • Incident response procedures

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your data.

11. Children's Privacy

Our Services are not intended for children under the age of 13 (or the applicable age in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will take steps to delete such information.

12. Community Administrator Responsibilities

If you are a community administrator using our Services, you are the data controller for the personal data of your community members. As such, you are responsible for:

  • Obtaining valid consent from community members for data processing
  • Providing appropriate privacy notices to community members
  • Ensuring you have a legal basis for processing community member data
  • Responding to data subject rights requests from your community members
  • Complying with applicable data protection laws and regulations
  • Implementing appropriate security measures for data you control
  • Notifying affected individuals and authorities in case of a data breach
  • Ensuring proper management of cookies and tracking technologies on your websites where our widgets are deployed

We will support you in meeting these obligations as outlined in our Data Processing Agreement.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top.

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our Services after changes to this Privacy Policy constitutes your acceptance of the updated terms.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us here.

If you are in the European Union, you also have the right to lodge a complaint with us directly here or with your local data protection authority.