/MobilityMojo-logo-pos%201.svg){kind=logo}
Privacy Policy
Mobility Mojo Limited (referred to as “Mobility Mojo,” “we,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard personal data when you visit MobilityMojo.com (the “Website”) or otherwise interact with us. Mobility Mojo Limited is a company registered in and operating from Republic of Ireland , a member of the EU, and serving clients globally, and we comply with the EU General Data Protection Regulation (GDPR) as well as applicable privacy laws in other jurisdictions for our B2B, consumer-accessible Website. By using our Website, you agree to the practices described in this Privacy Policy.
Scope: This Policy applies to personal data collected through the Mobility Mojo Website, including any related pages and customer login portal. It does not cover third-party websites, services, or applications that we do not control, including our clients’ own websites even if they use our accessibility tools or link to our site. We are not responsible for the privacy practices of third-party sites – please review their policies separately.
No Direct Sales: Please note that we do not sell products or services directly via our public Website. The site’s purpose is to provide information about our services and allow existing customers to access their accounts through a login portal. While you cannot make purchases on this Website, we may facilitate payments for our services through secure third-party processors as described below.
Data Controller: For the purposes of GDPR and other data protection laws, the Data Controller of personal data collected via this Website is:
Mobility Mojo Limited
Guinness Enterprise Centre (GEC), Taylor’s Lane, The Liberties, Dublin 8, D08 X6YE, Ireland.
If you have any questions or concerns about this Privacy Policy or our data practices, you can contact us at admin@mobilitymojo.com or at the postal address above (Attn: Data Protection Administrator).
Information we collect
We may collect various types of personal information from you through our Website and related interactions. This includes:
Information You Provide Voluntarily: When you fill out forms on our Website (such as contact forms, demo requests, or account signup/login forms), or when you contact us by email, phone, or other means, you may provide personal data. This can include your name, business name, job title, email address, telephone number, postal address, and any other information you choose to supply. For example, if you inquire about our services or request a demo, we will collect and store the information you provide on the form (e.g. your contact details and the content of your inquiry). If you are an existing customer with a login account, we will also collect information necessary to create and maintain your account (such as your username/email and password).
We do not ask for or collect sensitive personal data via our contact forms.
Account and Customer Data: If you are a registered customer (e.g. a client who uses our accessibility platform), additional data may be collected and processed to provide you with our services. This includes account credentials, profile information, and any content or data you input into our platform or provide to our support team. For instance, if you are a hotel or other organisation using Mobility Mojo’s tools, you might provide details about your premises or accessibility features. Any personal information related to your account usage will be handled in accordance with this Policy and any applicable service agreements.
Payment Information: While we do not sell anything on the Website itself, if you become a customer of Mobility Mojo you may need to make payments for our services (for example, subscribing to our platform). Payment transactions are handled through trusted third-party payment processors (such as Stripe). If you make a payment, you will provide your payment details (e.g. credit card number, billing information) directly to our payment processor via secure payment forms. We do not store full credit card details on our systems. We will receive certain information about the transaction from the payment processor (such as your name, the amount, date, and status of the payment) for record-keeping. All payment information is processed and stored by the third-party processor in accordance with their privacy policy (for example, Stripe’s Privacy Policy). We ensure any such processor is PCI-DSS compliant and maintains adequate data protection standards.
Information Collected Automatically (Cookies and Usage Data): When you visit our Website, our system and third-party tools automatically collect certain technical data about your device and browsing activities. This includes:
Device and Browser Data: IP address, device identifiers, browser type, operating system, referring URL (the page you came from), and timestamps of your visits. We use this information to administer and secure the Website, and to gather aggregate demographic information (such as what regions our visitors come from).
Usage Data: Information about how you navigate and use our pages – for example, pages you viewed, the time spent on each page, links clicked, and other actions on the site. This helps us understand user engagement and improve our content and services.
Cookies and Similar Technologies: We (and our service providers) use cookies, pixels, and analytics scripts to collect some of the data mentioned above. Cookies are small text files placed on your browser or device. They allow the Website to recognize you, keep you logged in (for account users), remember your preferences, and understand usage patterns. See “Cookies and Tracking Technologies” below for more details.
Information from Third Parties: We may receive personal data about you from third-party sources in certain situations. For example, if you interact with our social media pages or mention us in a social post, we might receive your public username or profile information via those platforms. If you register for an event or webinar that we host with a partner, the partner may share your contact information with us (with your consent). Additionally, if one of our business clients (e.g. your employer) provides your details as a contact or authorised user for using our services, we will collect and use that information to set up your access and communicate with you. We treat any personal data obtained from third parties in line with the practices described in this Privacy Policy.
We do not knowingly collect personal data from children. Our Website and services are intended for business use and general audiences, not for minors. If you are under the age required by your local law for consent (for example, under 16 in the EU), please do not submit any personal information on our Website. If we become aware of any such data, we will delete it.
Cookies & tracking technologies
As noted above, we use cookies and similar tracking technologies to ensure our Website works smoothly and to help us understand and improve your experience. This section explains how we use these tools:
What Are Cookies? Cookies are small data files stored on your computer or device when you visit a website. They serve a variety of functions, such as keeping you logged in, remembering your site preferences, and collecting information about your interaction with the site. Cookies can be “session” cookies (which are deleted when you close your browser) or “persistent” cookies (which remain on your device for a set period or until you delete them).
Types of Cookies We Use:
Essential Cookies: These cookies are necessary for the Website to function properly. For example, if our site offers a login for customers, an essential cookie will maintain your session once you log in so you don’t have to re-enter credentials on every page. Essential cookies might also be used for security (e.g. to prevent fraudulent use of accounts). Without these cookies, certain services or features (like account access) may not be available.
Analytics and Performance Cookies: We use analytics cookies to collect information about how visitors use our site, which pages are popular, and how users move around. This helps us improve the Website’s performance and design. The analytics cookies we use include third-party cookies from Google Analytics and similar tools (as described below). These cookies collect information such as your IP address, device identifiers, browser, and site usage information. We employ IP anonymisation with Google Analytics (which truncates the last octet of your IP address within the EU) to enhance your privacy. Analytics data is aggregated and does not directly identify you.
Functionality Cookies: These cookies remember choices you make (such as your language or region, or other preferences) to provide a more personalized experience. For instance, if our site has a cookie preferences tool and you set your cookie consent choices, a cookie will save those settings so that your preferences are respected on future visits.
Targeting/Advertising Cookies: At present, we do not serve third-party advertising on our Website and do not use advertising cookies for third-party marketing. However, we may use tracking technologies (like the analytics tools mentioned) that could be used to retarget relevant content to you. For example, if we ever run marketing campaigns on platforms like Google or LinkedIn, cookies might help us show ads to people who have visited our site. If we introduce any advertising or retargeting cookies in the future, we will update our cookie notices and obtain any necessary consent.
Google Analytics: We use Google Analytics, a web analytics service provided by Google, Inc., to understand how visitors use our Website. Google Analytics uses cookies and similar technologies to collect usage data (e.g. pages visited, time on site, interactions, and approximate geolocation based on IP). This information is transmitted to Google servers (which may be outside your country, e.g. in the United States) and aggregated for us. We use these analytics reports to evaluate the effectiveness of our site content, marketing campaigns, and to identify areas for improvement. We have configured Google Analytics to anonymise IP addresses for visitors from the EU/EEA. Google will process this information on our behalf for the above purposes. For more details, you can refer to Google’s own Privacy Policy. If you wish to opt out of Google Analytics tracking, you can do so by refusing analytics cookies via our cookie consent tool, or by using Google’s browser add-on available at https://tools.google.com/dlpage/gaoptout.
Google Tag Manager: Our Website also uses Google Tag Manager, a tool that helps us manage and deploy analytics and marketing tags (scripts). Google Tag Manager does not collect personal data itself. It simply loads other tools (such as Google Analytics or other scripts) on the page. Any data collection is done by those individual tools as described in this Policy. Tag Manager might record certain technical information (like tag loading success or errors), but it does not profile users or store information about your visit. It’s essentially a utility that ensures our other analytics/marketing integrations run correctly.
HubSpot Cookies and Tracking: We utilize HubSpot, which is a Customer Relationship Management (CRM) and marketing automation platform, on our Website. HubSpot helps us store and manage information you provide (e.g. via contact forms) and also provides analytics and tracking capabilities. HubSpot may place cookies or tracking pixels on our site to gather data about your visit and interactions (for example, how you found our site, pages viewed, forms submitted, etc.). The information collected through HubSpot’s cookies and trackers can include your IP address, browser type, device, geographic location (based on IP), pages visited, and actions taken on the site. HubSpot compiles this data to help us analyse web traffic and the effectiveness of our outreach. For instance, if you fill in a contact form, HubSpot’s tracking allows us to see which pages you viewed before submitting the form, which helps our sales and support team understand your needs. HubSpot may also be used to send you follow-up emails or newsletters (only if you have opted in, see “How We Use Your Information” below). The data collected by HubSpot is stored on HubSpot’s servers (HubSpot Inc. is a US-based company), but we ensure this data is protected and transferred lawfully (see “International Data Transfers” section). You can opt out of HubSpot’s non-essential cookies by adjusting your cookie settings on our site or your browser. Further details on HubSpot’s privacy practices can be found in HubSpot’s own Privacy Policy on their website.
Cookie Consent & Control: When you first visit our Website (from applicable regions), you will see a cookie banner or pop-up requesting your consent for non-essential cookies. We will not set analytics or other non-essential cookies unless you agree/consent via that banner (in line with EU ePrivacy laws and similar requirements). You can always manage or change your cookie preferences by using the Cookie Preferences link on our Website (typically found in the footer) or by adjusting your browser settings to refuse or delete cookies. Please note that if you disable certain categories of cookies (especially essential or functional ones), parts of the Website (like the customer login or video content) may no longer work properly.
Do Not Track: Some browsers offer a “Do Not Track” (DNT) setting that can signal your privacy preference to websites. At this time, our Website does not respond to DNT signals in a uniform way, because there is not yet an industry or legal standard for interpreting them. We treat all visitors’ data according to this Privacy Policy, and if you have consented to certain cookies, we will use them as described. You may opt out of specific tracking (like Google Analytics or HubSpot as noted) via other means, regardless of DNT.
How we use your information
We use personal information collected from and about you for the following purposes:
To Provide and Improve our Services: We process your data to operate our Website and deliver our services. For example, if you are a customer with an account, we use your registration information to authenticate you and allow access to the customer portal. If you request information (such as a demo or whitepaper), we use your details to deliver that content or service. We also use data internally to understand usage of our platform and to improve functionality, user experience, and the quality of our offerings.
To Respond to Your Inquiries and Communicate with You: If you contact us via a form, email, or phone, we will use the information you provided (e.g. your name and contact details) to respond to you and handle your request. This may include providing customer support, answering questions about our product, or following up on demo requests. We may also use your information to communicate important notices to you, such as updates to our terms or privacy policy, security alerts, or administrative messages relating to your use of our Website or services. These service-related communications are necessary for us to fulfil our obligations to you and are not promotional in nature.
For Marketing and Business Development (with Consent or as Permitted by Law): We may use your contact information to send you marketing and promotional communications about our products and services, but only if you have consented to such communications or if we have another lawful basis to do so. For example:
If you subscribe to our newsletter or opt-in to receive updates, we will use your email to send you news about Mobility Mojo, industry insights, or invitations to our events/webinars.
If you are a business contact or existing client, and where allowed by law, we might send you information about related services or products that might interest you (our legitimate interest in promoting our services), provided you haven’t opted out.
Each marketing email we send will include an unsubscribe link so you can opt out at any time. You can also contact us at any time to request we stop sending marketing emails. We will respect your choice and remove you from marketing lists, though note you may still receive essential service or transactional messages as noted above.
Analytics and Product Research: We use data (mostly aggregated or pseudonymised data) about Website usage, traffic patterns, and user interactions to analyse how our Website and services are performing. This helps us troubleshoot issues, perform research and development, and make informed decisions about new features or content. For example, we might review which pages on our site receive the most visits or how users progress through our site’s pages, and then use that insight to optimize the site navigation or content layout. We may also use analytics on our customer platform (portal) to understand feature usage by our clients, which guides our product improvements. Wherever possible, for analytics we use aggregated data that does not directly identify individuals; when we do need to review identifiable information (such as in a support context or investigating a bug affecting a specific user), we limit access to authorised personnel and use the data strictly for the necessary analysis.
Cookies and Advertising Purposes: As described in the Cookies section, we and third-party tools use cookies to collect data for analytics and potentially to provide interest-based advertising. While we do not serve third-party ads on our own site, we may at times use information about your visits to our site to tailor or measure our advertising on other platforms. For instance, if we were to run an advertising campaign on Google Ads or social media, we might use data from cookies (or upload a list of business emails in a hashed form to a platform) to ensure our ads reach relevant audiences or to measure conversion rates. Any such activities will be done in compliance with privacy laws (e.g. we will obtain consent for any cookies that track advertising information, and we honour opt-out requests). If you opt out of advertising cookies, we will not use your Website visit data for third-party ad targeting.
To Use and Integrate Third-Party Services: We rely on certain trusted third-party services to operate our business (see “Disclosure of Your Personal Data” below). We will share and use data as needed with these services for purposes such as: hosting our Website and databases, sending out emails (e.g. our email service provider or CRM, which is HubSpot), processing payments (Stripe), or analysing web traffic (Google Analytics). For example, we use HubSpot to manage our sales pipeline and customer relations — this means the information you submit via a form may be stored in HubSpot so our team can follow up with you. We use the data within those systems to keep track of our interactions and improve our services to you.
For Legal Compliance and Protection: We may process and retain your personal data as necessary to comply with our legal obligations, such as tax and accounting requirements or responding to lawful requests by authorities. Additionally, if necessary, we will use personal data to enforce our Terms of Service or other agreements, to detect or prevent fraud and security issues, and to protect the rights, property, or safety of Mobility Mojo, our users, or others. For example, we might use certain information to investigate a potential breach of our terms or attempts to misuse our Website, and we may disclose data to law enforcement if we believe in good faith that disclosure is required by law or is necessary to prevent harm or illegal activities.
Corporate Transactions: If Mobility Mojo undergoes a business transaction such as a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the successor or acquiring entity as part of the transaction. We would only do this in accordance with applicable data protection laws, and the recipient of the data would be obligated to respect the same privacy commitments described in this Policy. We would inform you of any such change in data control, either via a notice on our Website or other communication, and outline your choices in that event.
We do not use your personal data for automated decision-making or profiling that has legal or similarly significant effects on you, without your explicit consent. Any profiling we might do (e.g. segmenting our user base by industry or job role for marketing analysis) is done at an aggregate level and does not produce decisions that would affect your individual rights or circumstances.
Legal bases for processing (GDPR compliance)
If you are located in the European Economic Area (EEA) or United Kingdom, we will only collect and process your personal data when we have a valid legal basis under the GDPR. The main legal grounds we rely on are:
Contractual Necessity: When we need to process your data to fulfil a contract with you or to take steps at your request before entering into a contract. For example, when you sign up as a customer for our services, we process your account data and any necessary personal information to create and administer your account, provide the services, and handle billing. Likewise, if you ask for a demo or quote, processing your contact details and requirements is necessary as a pre-contractual step to potentially providing our services.
Legitimate Interests: We process certain data as needed for our legitimate business interests, provided those interests are not overridden by your data protection rights. We have a legitimate interest in understanding how our customers and visitors use our Website and services so we can improve, secure, and market them effectively. For instance, collecting analytics data and using CRM systems to manage relationships are activities we undertake in our legitimate interests. When we rely on this basis, we consider and balance any potential impact on you (both positive and negative) and your rights under GDPR. We will not use your personal data for activities where our interests are outweighed by the impact on you (unless we have your consent or are otherwise required/permitted by law). Examples of processing under legitimate interests include: responding to your inquiries, improving our Website’s functionality, running analytics and diagnostics, sending marketing communications to business contacts about our similar services (subject to opt-out), and preventing fraud or misuse of our Website.
Consent: In cases where we are required to obtain your consent (e.g. for certain marketing emails to individuals, or for placing non-essential cookies like analytics/ad cookies on your device), we will process your data on the basis of your explicit consent. You have the right to withdraw consent at any time. For example, if you consent to our newsletter, you can unsubscribe later; if you consent to analytics cookies, you can revoke that through our cookie settings. Withdrawing consent will not affect the lawfulness of any processing we already performed based on your consent before its withdrawal.
Legal Obligation: We will process personal data when necessary to comply with a legal obligation to which we are subject. For instance, retaining invoicing information for tax law compliance, or disclosing data if required by court order or regulatory authorities, would fall under this basis. In such cases, we only process the data to the extent necessary to meet those obligations.
Vital Interests/Public Interest: These bases are rarely applicable to our standard Website operations. However, in extraordinary circumstances, we may process personal data if it’s necessary to protect someone’s vital interests (e.g. life or health in an emergency) or for tasks clearly in the public interest. We will generally not rely on these bases unless absolutely required (for example, providing information during a public health crisis if mandated).
International Users: Regardless of your location, we ensure that we have a lawful basis to process your personal data. If you are outside of the EEA/UK, typically our legitimate interest or your consent will cover the types of processing we do via the Website. We strive to uphold the principles of privacy and data protection for all our users internationally, not just those in the EU.
Disclosure of your personal data
We value your privacy and only share your personal information with third parties in limited circumstances and with appropriate safeguards. We do not sell or rent your personal data to third-party marketers. The situations in which we may share data include:
Within the Mobility Mojo Organisation: Your information may be accessed by authorized personnel within Mobility Mojo Limited who need it to perform their job duties (such as our customer support team, sales team, or IT administrators). All our staff are subject to confidentiality obligations and trained on data protection principles.
Service Providers and Data Processors: We use trusted third-party companies to support our operations and services. These third parties process personal data on our behalf (acting as “Data Processors” under GDPR) and are contractually obligated to keep your information secure and use it only for the purposes we specify. Key service providers we work with include:
HubSpot: As mentioned, we use HubSpot (HubSpot, Inc.) as our CRM and marketing automation platform. Personal data that you provide (such as form submissions or email interactions) is stored in HubSpot’s systems. HubSpot helps us manage contacts, send emails, and analyse engagement. HubSpot may process this data in the United States (see “International Data Transfers” below), but they do so under our instructions and in compliance with GDPR via a Data Processing Agreement.
Website Hosting and IT Infrastructure: Our Website and related data (including any databases) are hosted on secure servers provided by third-party hosting providers. These providers might be located within the EEA or in other jurisdictions (with appropriate safeguards). They ensure our site stays up and running and store data such as Website content and information you submit through the site.
Analytics Providers: We share certain online identifiers and usage data with analytics services like Google Analytics. Google acts as a processor when providing aggregate insights to us. We have configured settings to limit data sharing and have a data processing agreement with Google as required. Analytics providers may use their own cookies or tracking technologies on our site (with your consent) as described in the Cookies section.
Payment Processors: If you make payments to us, your payment details will be handled by external payment processors (e.g. Stripe, Inc.). These processors will receive the information needed to verify and complete the transaction (such as your credit card number, expiration date, CVV, billing address, and the transaction amount). We share the minimum necessary personal data with payment processors, and they are responsible for safeguarding your payment information. We have agreements in place to ensure they comply with relevant security standards. We ourselves only receive confirmation of payment and limited details, as described earlier, for our records.
Email and Communication Tools: We may use third-party platforms (for example, HubSpot’s email tools or other email service providers) to send out newsletters, confirmations, or service-related emails. These providers will have access to your email address and the content of messages as needed to perform their function. They are not allowed to use your info for any other purposes.
Other Vendors: We might use other specialized vendors for things like survey management, event registration, live chat support on the Website, or IT support services. Any such vendors will only have access to personal data as required for their tasks (for example, a survey tool would handle any data you submit in a feedback survey). We vet our vendors for strong privacy and security practices and ensure appropriate contracts are in place.
Business Partners (for Client Services): In some cases, if you are a customer, we may share limited information with our business partners or resellers only as needed to deliver the service to you. For instance, if you were introduced to Mobility Mojo through a referral partner or if we collaborate with a local partner in your region for implementation, we might share your contact information and project details with that partner (with appropriate confidentiality and only with your knowledge). Such sharing would typically be outlined in the service agreement with you. We do not share user data with third parties for their own marketing purposes without your explicit consent.
Legal Requirements and Safety: We may disclose your personal data to third parties if we believe disclosure is necessary to:
- Comply with any applicable law, regulation, legal process, or enforceable governmental request (for example, to respond to a subpoena or court order).
- Enforce or apply our Terms and Conditions and other agreements, or investigate potential breaches thereof.
- Detect, prevent, or otherwise address fraud, security, or technical issues.
- Protect the rights, property, or safety of Mobility Mojo, our customers, users, or the public, as required or permitted by law.
- This could include exchanging information with law enforcement or other organizations for fraud protection and credit risk reduction. We will carefully review such requests and only provide data to the extent we are compelled or allowed, and will ensure any request is legitimate.
Corporate Transactions: As noted earlier, if we participate in a merger, acquisition, reorganization, or sale of all or part of our assets or business, personal data relevant to that transaction may be disclosed to the parties involved (such as a prospective buyer and its auditors/advisors). We will ensure that any such parties understand that they must handle personal data in line with this Privacy Policy (or provide notice of any changes), and we will only transfer data that is necessary for the transaction’s purposes. Your information would remain subject to confidentiality obligations even during due diligence phases. If a change of ownership happens, we will notify affected users if their personal data becomes subject to a new Privacy Policy.
In all cases of sharing as above, we endeavour to share only the minimum amount of information necessary for the purpose. We also require any third-party recipient to have appropriate security measures in place to protect your data.
International data transfers
Mobility Mojo operates from Ireland, and our Website is accessible globally. Your personal data may be transferred to and stored in countries outside of your own country or outside the European Economic Area (EEA). In particular, some of our service providers are based in the United States or other jurisdictions which may not have data protection laws as strict as those in the EU/UK.
For example: - HubSpot (our CRM provider) and Google (our analytics provider) are U.S.-based companies. Data we store with these services or data that these services collect (like analytics data) may be processed on servers in the U.S. or other countries. - Stripe (payment processor) is a global company and may process payments in the U.S. or other regions. - Our web hosting or other tech support services might involve infrastructure in the U.S., EU, or elsewhere.
When we transfer personal data out of the EEA/UK, we take steps to ensure that appropriate safeguards are in place to protect your information in accordance with GDPR requirements. Mobility Mojo Limited complies with Chapter V of the GDPR (and equivalent UK provisions) regarding international data transfers. This means that for any transfer of personal data to a country not deemed to have “adequate” data protection by the European Commission (such as the U.S. at the time of writing), we implement one or more of the following safeguards:
Standard Contractual Clauses (SCCs): We have entered into EU Commission-approved Standard Contractual Clauses with relevant service providers (like HubSpot, Google, etc.) to contractually ensure a high level of data protection for European personal data transferred overseas. These SCCs obligate the recipient to protect the data to EU standards regardless of local law.
Data Processing Agreements: All our major vendors have Data Processing Agreements in place which include commitments to GDPR compliance, including around international transfers and security.
Additional Technical and Organisational Measures: Where appropriate, we employ measures such as data encryption (both in transit and at rest), access controls, and pseudonymisation to protect data that may be stored in another country. For instance, we use encryption for data transfers to our cloud systems. Also, as noted, we enable features like IP anonymization in analytics.
Adequacy Decisions: If data is transferred to a country that the EU has deemed to have adequate data protection laws (for example, countries like Canada, Japan, or the UK itself post Brexit under the EU’s adequacy decision), we rely on that decision for the transfer.
By using our Website or submitting information to us, you acknowledge that your personal data may be transferred internationally. However, this does not mean we take your data protection lightly – we will always ensure any such transfers are lawful and that your data remains protected to the standards of this Privacy Policy. If required by applicable law, we will obtain your consent for international data transfers.
If you would like more information about the specific transfer mechanisms or safeguards, we use for exporting personal data, you can contact us (see Contact Us section below).
Please note, while data transferred to jurisdictions like the U.S. may be subject to foreign government access under certain conditions (e.g. law enforcement requests under U.S. law), our service providers have committed to handling government data requests in a manner consistent with EU standards and to notify us (or you) where legally possible. We continuously monitor developments in international data transfer law (such as new frameworks or rulings) and will adapt our practices accordingly.
Data retention
We will retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In general:
If you contact us with an inquiry but do not become a customer, we will retain your information for as long as needed to respond and follow-up, and then a reasonable period thereafter in case you have additional questions or to keep records of our communications. This retention period may be influenced by our interest in understanding potential client needs or by legal limitation periods. We periodically review contact data and purge it if it’s no longer needed.
If you are a customer (with an account or contract with Mobility Mojo), we will retain your data for the duration of our business relationship and as long as your account is active. After you stop using our services or your contract ends, we will retain relevant data for a certain time in our archives. For example, we may keep account information, communications, and transaction records for a number of years after the contract ends, to have an accurate history for any potential legal disputes, inquiries, or reactivation of services. Financial and payment records are kept as required by finance and tax regulations (often 6–7 years or according to local law).
Data collected via cookies and analytics is retained according to the specifications of those tools. For instance, Google Analytics data may be retained for a set period (e.g. 26 months) as configured in our account, unless you clear those cookies or opt out. We don’t personally identify users in analytics data, and we review aggregated trends over time.
If you unsubscribe from marketing communications, we will stop sending you emails but will maintain minimal information (like your email address) on a suppression list to ensure we respect your opt-out going forward. We will keep that suppression record indefinitely (or as required by law) to avoid accidentally resubscribing you.
When we have no ongoing legitimate business need or legal obligation to process your personal data, we will delete it or anonymise it. For example, if we hold backup archives, we have processes to eventually delete or securely isolate personal data within them once the retention period expires. In cases where deleting data is complex (e.g. data stored in long-term backups), we may retain it securely until deletion is feasible. We always ensure that any retained data is kept secure and not used for other purposes beyond the retention rationale.
Keep in mind that due to technical reasons, complete removal of data might not be immediate from all systems (for example, data might persist in secure backups for a short period). However, we have internal policies to ensure data is not kept longer than necessary or active in our systems after the need ends.
Your rights
Mobility Mojo is committed to upholding the data protection rights of all individuals who interact with us. If you are in the EU/EEA or UK, you have specific legal rights under GDPR regarding your personal data. Likewise, individuals in other jurisdictions (such as California, Brazil, etc.) may have similar rights under their own laws. We honour applicable rights requests in line with the law. These rights include:
Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to obtain a copy of the personal data we hold about you. This allows you to check what information we have and to verify that we are processing it lawfully. Upon request, we will provide a copy of your personal data in our records, usually free of charge. For further copies or in certain scenarios allowed by law, we may charge a reasonable fee based on administrative costs. (Under GDPR, we typically must respond within one month of receiving a valid request and proof of identity.)
Right to Rectification: You have the right to request that we correct or update any of your personal data that is inaccurate or incomplete. We want to ensure we have correct information about you. For example, if you change your email address or notice that we have misspelled your name, you can ask us to fix it. Once we verify the new data, we will rectify our records and inform you of the update. If we have shared the incorrect data with any third parties, we will, where required, let them know about the correction as well.
Right to Erasure (“Right to be Forgotten”): You have the right to request the deletion of your personal data in certain circumstances. You can ask us to erase your data, for instance, if it is no longer necessary for the purposes for which it was collected, if you have withdrawn your consent (where the processing was based on consent) and we have no other legal basis to retain it, or if you object to processing based on our legitimate interests and we have no overriding legitimate grounds to continue. We will also erase your data if we processed it unlawfully or if required to erase it to comply with a legal obligation. Please note that this right is not absolute – sometimes we must retain certain information, for example for legal compliance (see Data Retention above). If that is the case, we will inform you of what we cannot delete and why (e.g. “We cannot delete your invoice records because of tax law requirements”). Otherwise, we will comply with your erasure request and also instruct any relevant service providers to delete the data from their systems.
Right to Restrict Processing: You have the right to request that we limit the processing of your personal data under certain conditions. This means we would mark the stored data to be used only for specific purposes in the future. You might exercise this right if you contest the accuracy of your data (for the period it takes us to verify accuracy), or if you have objected to processing (pending our determination of whether we have overriding legitimate grounds). You can also ask for restriction if our processing is unlawful but you prefer restriction over deletion, or if we no longer need the data but you need us to keep it for establishing, exercising, or defending legal claims. When processing is restricted, we will continue to store your personal data but will not use it except for the limited reasons allowed (such as with your consent or for legal claims). We will inform you before lifting any such restriction.
Right to Data Portability: For data you have provided to us and which we process by automated means based on your consent or on a contract with you, you have the right to obtain that data from us in a structured, commonly used, machine-readable format (for example, a CSV file). You also have the right to request that we transmit this data directly to another data controller where technically feasible. This right facilitates moving your data to other services. In practice, this might apply to information you gave us via the Website forms or your account data, if you ever needed us to transfer it to another service provider at your direction.
Right to Object: You have the right to object to our processing of your personal data in certain circumstances:
Objection to Legitimate Interest Processing: If we are processing your data based on legitimate interests, you may object to this processing if you feel it impacts your rights or freedoms. If you raise an objection, we will consider it carefully. We will be required to stop processing your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or unless we need to continue processing for the establishment, exercise, or defence of legal claims.
Objection to Marketing: You have an absolute right to object to your personal data being processed for direct marketing purposes at any time. This includes profiling related to direct marketing. If you object, we will cease using your data for marketing immediately. For example, if you no longer wish to receive marketing emails or calls, you can opt out (unsubscribe) and/or contact us to object, and we will remove you from any marketing lists. (As noted, you might still receive necessary service communications if you’re a customer, since those are not marketing.)
Right to Withdraw Consent: Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. For instance, if you consented to cookies or subscribed to our newsletter, you can withdraw consent by changing your cookie settings or clicking “unsubscribe” in emails. Withdrawing consent will not affect the lawfulness of processing done before the withdrawal. If you withdraw consent for a specific purpose, we will stop the processing of your data for that purpose (assuming no other legal basis applies). There is no penalty or negative consequence for withdrawing consent – it is your right.
Right Not to be Subject to Automated Decisions: As mentioned, we do not typically make decisions about you solely by automated means (without human involvement) that have legal or similarly significant effects. However, you have the right not to be subject to such a decision if it were to occur, unless it is necessary for entering into or performing a contract with you, authorized by law, or based on your explicit consent. If we ever use automated decision-making (including profiling) in the future, we will inform you and ensure appropriate safeguards are in place, including the possibility to request human intervention or to contest the decision.
Right to Complain to a Supervisory Authority: If you believe that we have not complied with data protection laws in handling your personal data, you have the right to lodge a complaint with a supervisory authority. For EU users, you can contact the Data Protection Commission (DPC) in Ireland (as Mobility Mojo is an Irish company) or your country’s supervisory authority. In the UK, you can contact the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to address your concerns directly before you approach an authority – so please consider reaching out to us first, and we will do our best to resolve any issues.
Other Jurisdictions: Users in other states or countries may have additional or similar rights. We will endeavour to honour all legitimate requests to the extent required by applicable law. Regardless of location, we respond to privacy inquiries and requests as described in this Policy. If you contact us from outside the EU with a request concerning your data, we will review and accommodate it in line with the principles of transparency, fairness, and applicable laws.
Exercising Your Rights: To exercise any of your rights or make a privacy-related request, please contact us at admin@mobilitymojo.com with the details of your request. For certain requests (like accessing or deleting significant amounts of data), we may ask you to verify your identity to ensure we’re protecting your information from unauthorized access (for example, we might ask you to confirm some basic details we have on file, or in some cases request a form of ID). We will respond to your request as soon as possible, typically within one month. If we need more time (e.g. the request is complex or we received many requests), we will inform you of the extension period and the reason. There is generally no fee for making a request, but if a request is manifestly unfounded or excessive, we may either charge a reasonable fee or refuse to act on it (we would explain our reasoning in such case).
Security
We take the security of your personal data very seriously. Mobility Mojo has implemented a variety of technical and organisational measures to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include:
Encryption: Any sensitive information transmitted via our Website (such as login credentials or payment details input into Stripe’s forms) is encrypted using industry-standard protocols like TLS (Transport Layer Security). This means data is scrambled in transit to prevent eavesdropping. Our Website pages use HTTPS to secure the communication between your browser and our servers.
Access Controls: Internally, personal data is accessible only to those who need it. We use access control mechanisms to limit who in our organisation and among our service providers can see your personal information. For example, our databases and CRM require authentication and are accessible only by trained staff with permissions. We regularly review user permissions and follow the principle of least privilege.
Secure Data Storage: We store personal data on secure servers. Our cloud providers maintain high security standards (physical security, network firewalls, intrusion detection, etc.). We also use safeguards like up-to-date antivirus software, system monitoring, and security patches on our systems to protect against vulnerabilities and attacks.
Password Protection: If you have an account on our platform, it is protected by a password which you must keep confidential. We never ask you to share your password with us; please do not reuse your Mobility Mojo password on other services. We store passwords in a hashed form (we do not store them in plain text) to add an extra layer of protection.
Employee Training and Policies: Our team members are trained on data protection best practices and are required to adhere to our internal privacy and security policies. We have incident response plans in place in the event of a security breach, and protocols for regular security assessments.
Payment Security: All payment transactions processed by Stripe or other providers are encrypted and compliant with Payment Card Industry Data Security Standards (PCI-DSS). We do not handle or store your raw credit card numbers on our servers.
Ongoing Efforts: We continuously update and audit our security practices. This includes keeping software updated, performing periodic security testing, and reviewing our procedures to adapt to new threats. We also contract with reputable vendors who themselves have strong security track records.
Despite all these measures, it’s important to note that no method of transmission over the internet or method of electronic storage is 100% secure. We strive to protect your personal data, but we cannot guarantee absolute security. Cyber threats evolve rapidly, and while we work hard to guard against them, there’s always some residual risk. In the unlikely event of a data breach that affects your personal data, we will follow all applicable breach notification laws. This means we would notify the relevant supervisory authority, and if required, notify you as well without undue delay, particularly if the breach is likely to result in a high risk to your rights and freedoms.
You also play a role in data security. We encourage you to use a strong, unique password for our services, never share your account details with others, and use secure networks when accessing sensitive information. If you suspect any unauthorized access to your account or any security vulnerabilities, please contact us immediately so we can assist.
Changes to this Privacy Policy
We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. If we make material changes, we will post the updated policy on this page and update the “Last updated” date at the top. In some cases, we may provide additional notice of significant changes, such as via email notification or a notice on our homepage, especially if required by law.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Website after any updates constitutes your acknowledgment of the changes and agreement to the updated terms, to the extent permitted by law. If you do not agree with any changes to the Policy, you should stop using the Website and can contact us regarding removal of your data as needed.
External links
The Mobility Mojo Website may contain links to other websites or third-party content for your convenience and information (for example, links to our clients’ sites, articles on our blog referencing external sources, or social media buttons that lead to platforms like Facebook or LinkedIn). If you follow a link to any website not controlled by Mobility Mojo, please be aware that those websites have their own privacy policies. We do not have control over and are not responsible for the content, security, or privacy practices of external sites. We recommend that you review the privacy policy of any third-party website you visit before providing any personal information there. This Privacy Policy applies solely to data collected by Mobility Mojo on our own domain and services.
Contact us
If you have any questions, concerns, or requests regarding this Privacy Policy or how Mobility Mojo handles your personal data, please do not hesitate to contact us. We are here to help and committed to addressing any privacy or data security questions you may have.
Contact Information for the Data Controller:
Mobility Mojo Limited – 1st Floor Fleming Court
Flemings Place, Ballsbridge
Dublin 4, D04 N4X9
Email: admin@mobilitymojo.com
We will respond to your inquiry as soon as possible, generally within normal business hours. If you are contacting us to exercise a specific data right, please clearly describe your request (for example, “I am requesting a copy of my personal data” or “Please delete the data I submitted via the contact form on [date]”) and include sufficient information for us to verify your identity. We may follow up with you for verification or clarification as needed.
Thank you for reading our Privacy Policy. We value your trust and are dedicated to protecting your privacy while providing you with a valuable service.