M
Mivoo

Privacy Policy

Last updated: 12 March 2026

At Mivoo, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our supported living management platform.

This policy applies to all users of Mivoo, including organizations, staff members, and any individuals whose data is processed through our platform. By using Mivoo, you agree to the collection and use of information in accordance with this policy.

1. Data Controller

Mivoo

Email: info@mivoo.app

For data protection inquiries, please contact us at the email address above.

2. Information We Collect

2.1 Account Information

  • Name and contact details (email address, phone number)
  • Organization affiliation and role
  • Authentication credentials (encrypted passwords)
  • Profile information and preferences

2.2 Operational Data

  • Young person records and personal information
  • Daily logs, incident reports, and submissions
  • Staff schedules and rota information
  • Handover notes and task management data
  • File uploads and attachments (photos, documents)

2.3 Technical Data

  • IP address and browser information
  • Device information and operating system
  • Usage logs and analytics data
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide and maintain our supported living management platform
  • Authentication: To verify user identity and manage access to the platform
  • Data Management: To store, organize, and manage operational data for your organization
  • Communication: To send important updates, notifications, and respond to inquiries
  • Security: To detect, prevent, and address security issues and unauthorized access
  • Compliance: To comply with legal obligations and regulatory requirements
  • Improvement: To analyze usage patterns and improve our services

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on:

  • Contractual Necessity: To fulfill our service agreement with your organization
  • Legitimate Interests: To operate and improve our platform securely
  • Legal Obligations: To comply with applicable laws and regulations
  • Consent: Where you have provided explicit consent for specific processing activities

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information only in the following circumstances:

  • Within Your Organization: Data is accessible to authorized users within your organization based on role permissions
  • Service Providers: With trusted third-party service providers who assist in operating our platform (e.g., cloud hosting, database services)
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with prior notice)

6. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (HTTPS/TLS) and at rest
  • Secure authentication and access controls
  • Regular security audits and vulnerability assessments
  • Role-based access control (RBAC) to limit data access
  • Regular backups and disaster recovery procedures
  • Secure file storage with access verification
  • Rate limiting and protection against abuse

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to maintaining the highest standards.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Specifically:

  • Account Data: Retained while your account is active and for a reasonable period after closure
  • Operational Data: Retained according to your organization's requirements and legal obligations
  • Logs and Analytics: Retained for up to 12 months for security and troubleshooting purposes

Upon request, we will delete your personal data in accordance with applicable data protection laws, subject to any legal retention requirements.

8. Your Rights (GDPR)

Under GDPR and other applicable data protection laws, you have the following rights:

  • Right of Access: Request a copy of your personal data we hold
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (subject to legal requirements)
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another service provider
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at info@mivoo.app. We will respond to your request within 30 days.

9. Cookies and Tracking

We use cookies and similar technologies to maintain your session, improve security, and enhance your experience. Essential cookies are required for the platform to function. You can manage cookie preferences through your browser settings.

10. International Data Transfers

Your data may be processed and stored in servers located outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) with service providers
  • Compliance with GDPR requirements for international transfers
  • Regular security assessments of data processors

11. Children's Privacy

Our platform is designed for use by organizations providing supported living services. While we may process data related to young people in care, this is done under the legal authority and responsibility of the organization using our platform. We comply with all applicable laws regarding the protection of children's data.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date at the top of this page
  • Sending an email notification for significant changes

Your continued use of Mivoo after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or wish to exercise your data protection rights, please contact us:

Email: info@mivoo.app

Data Protection Officer: Available upon request at info@mivoo.app

You also have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.

Need help? Contact us