MindfulScale Privacy Policy

Last Updated: 14 April 2025

1. Introduction

MindfulScale Ltd ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our workflow automation platform, website, and services (collectively, the "Service").

This policy applies to all users of MindfulScale, including visitors to our website, subscribers, and users of our workflow automation tools. This policy should be read alongside our Terms of Service.

MindfulScale Ltd is registered in the United Kingdom and serves as the data controller for personal information collected through our Service.

2. Information We Collect

2.1 Information You Provide to Us

We collect information you provide directly to us, including:

• Account Information: When you register for an account, we collect your name, email address, password, company name, job title, and billing information.

• Profile Information: Information you provide in your user profile, such as profile pictures, contact details, and preferences.

• Customer Data: Data that you input, upload, or transfer into our Service as part of using our workflow automation tools. This may include various types of data depending on how you configure and use the Service.

• Communications: When you contact us, we collect information you provide in your communications, including support requests and feedback.

2.2 Information We Collect Automatically

When you use our Service, we automatically collect certain information, including:

• Usage Information: Information about how you use the Service, including log data, the features and functions you use, the time spent on the Service, and other usage statistics.

• Device Information: Information about the devices you use to access the Service, including hardware model, operating system and version, unique device identifiers, and mobile network information.

• Log Information: Server logs, which may include your IP address, browser type, referring/exit pages, operating system, date/time stamps, and clickstream data.

• Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information about how you interact with our Service and to remember your preferences. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Service Providers: Information from our service providers who help us provide services to you.

• Integration Partners: If you integrate third-party services with our platform, we may receive information from those services as necessary to provide the integrated services.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide, Maintain, and Improve the Service

• Set up and maintain your account

• Process transactions and send related information

• Provide customer support and respond to your requests

• Monitor and analyse usage patterns and trends

• Improve the functionality and user experience of our Service

3.2 For Communications

• Send administrative messages about your account, service changes, or policy updates

• Provide customer support and technical assistance

• Send promotional communications about new features, offers, and events (where you have opted in to receive such communications)

3.3 For Security and Compliance

• Detect, investigate, and prevent fraudulent transactions and other illegal activities

• Protect the security and integrity of our Service

• Enforce our Terms of Service and other agreements

• Comply with legal obligations

3.4 For Personalisation

• Customise and personalise your experience with the Service

• Suggest features or content that may be of interest to you

4. How We Share Your Information

We may share your personal information in the following circumstances:

4.1 With Service Providers

We may share your information with third-party vendors, consultants, and other service providers who need access to such information to carry out work on our behalf. These providers are subject to contractual obligations to protect your personal information.

4.2 For Legal Reasons

We may disclose your information if we believe in good faith that disclosure is necessary to:

• Comply with applicable laws, regulations, legal processes, or governmental requests

• Enforce our Terms of Service, including investigation of potential violations

• Detect, prevent, or address fraud, security, or technical issues

• Protect the rights, property, or safety of MindfulScale, our users, or the public

4.3 Business Transfers

If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any change in ownership or the uses of your personal information.

4.4 With Your Consent

We may share your information with third parties when you have given us your consent to do so.

5. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

When you delete your account, we will delete or anonymise your personal information within 30 days, unless we are legally required to retain it.

6. International Data Transfers

Your information may be transferred to, and maintained on, computers located outside of your country or jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the information to the United Kingdom and process it there.

When we transfer personal data outside the UK or European Economic Area (EEA), we ensure an adequate level of protection for your rights and freedoms in relation to the processing of your personal data. This is achieved through standard data protection clauses approved by the relevant authorities.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

7.1 Access and Update

You can access and update certain information about yourself through your account settings or by contacting us.

7.2 Data Protection Rights

If you are in the UK or EEA, you have rights under data protection laws in relation to your personal data, including:

• The right to be informed

• The right of access

• The right to rectification

• The right to erasure

• The right to restrict processing

• The right to data portability

• The right to object

• Rights in relation to automated decision making and profiling

To exercise these rights, please contact us using the details in the "Contact Us" section.

7.3 Marketing Communications

You can opt out of receiving promotional communications from us by following the instructions in those communications or by adjusting your email preferences in your account settings. Even if you opt out, you will still receive non-promotional communications, such as those about your account or our ongoing business relations.

7.4 Cookies

Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Service.

8. Data Security

We take reasonable measures to help protect your personal information from loss, theft, misuse, unauthorised access, disclosure, alteration, and destruction. However, no security system is impenetrable, and we cannot guarantee the security of our systems or your information.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of personal information including:

• All sensitive information is transmitted via Secure Socket Layer (SSL) technology

• All information is stored in secure databases protected by multiple layers of security

• Regular security assessments and penetration testing

• Employee access controls and training

9. Children's Privacy

Our Service is not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete such information as quickly as possible.

10. Third-Party Links and Services

Our Service may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Service prior to the changes becoming effective. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

12. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact our DPO using the details set out below.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: privacy@mindfulscale.com

Data Protection Officer: dpo@mindfulscale.com

If you are in the UK or EEA and you feel that we have not addressed your concerns adequately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the UK or your local data protection authority.