top of page

Mosey Privacy Policy

Effective Date: 30 October, 2025

This privacy policy ("Privacy Policy") applies to the personal information that Mosey processes in connection with Mosey apps, websites, software and related services (the "Platform"), that link to or reference this Privacy Policy.

We are committed to protecting your privacy and handling your Personal Data in a transparent and secure manner. This policy should be read in conjunction with our "Terms and Conditions" and, for Businesses, our "Data Processing Addendum" or "DPA".

This Privacy Policy adheres to the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') and the Irish Data Protection Act 2018 ('DPA 2018').
 
1. ABOUT MOSEY AND OUR DATA PROCESSING ROLES

Mosey Limited, an Irish company, is the Data Controller for certain data, registered in Ireland at 77 Camden Street Lower, Dublin 2, D02 XE80. Mosey operates in two distinct data processing roles:
 

  • Mosey as a Data Controller: We act as a Data Controller when we collect and process Personal Data directly from Users (individuals accessing or using the Platform for personal purposes) and Businesses (entities using the Platform for commercial purposes) for our own purposes. This includes data necessary for:

    • Operating and improving the Platform (e.g., user account management, analytics on how our Platform is used, personalization of the Platform).

    • Marketing our Platform.

    • Ensuring the security and integrity of our Platform.

    • Complying with our legal obligations. For this type of processing, we determine the "why" and "how" of the data processing.

 

  • Mosey as a Data Processor: We act as a Data Processor when Businesses use certain features of our Platform (e.g., staff management, CRM tools, or event/reservation management for their customers) to process Personal Data of their own customers, employees, or job applicants. In these cases:

    • The Business is the Data Controller for that data. They determine the "why" and "how" of that processing.

    • Mosey processes that Personal Data strictly on behalf of and according to the documented instructions of the Business.

    • This relationship is governed by our Data Processing Addendum (DPA), which is incorporated by reference into our Terms and Conditions for Businesses. Businesses warrant that they have a lawful basis for processing any Personal Data they submit through our Platform.


1.1 When Mosey Acts as Data Controller

Mosey Limited acts as a Data Controller when we process your Personal Data for our own business purposes. This includes:

Individual Users:

  • Account creation and management (name, email, profile information)

  • Location based services

  • Purchases (vouchers, events, promotions, reservations)

  • Platform analytics and improvement

  • Marketing communications from Mosey

  • Safety and security monitoring

  • Customer support interactions


Business Users:

  • Business account setup and billing

  • Platform usage analytics

  • Marketing communications about Mosey services

  • Compliance and legal obligations

  • Customer support interactions


Legal Basis: We determine the purposes and means of this processing according to Section 4 below.

Additional Processing Activities:

Market Intelligence Reports:

  • Creating and selling anonymised, aggregated market intelligence reports to restaurants, property developers, investors, and other businesses

  • Revenue generation that keeps the Platform free for users

  • Business trend analysis and market insights


Global Operations:

  • Cross-border data processing for international service provision

  • Multi-jurisdiction compliance and reporting obligations

  • International customer support and service delivery


1.2 When Mosey Acts as Data Processor

Mosey acts as a Data Processor when Businesses use our Platform to process Personal Data of their own customers, employees, or contacts. This includes:

  • Customer reservation and booking systems

  • Delivery and collection order management

  • Customer notification and marketing services

  • Staff management tools

  • Multi-location customer relationship management

  • Customer relationship management (CRM) and chat related features

  • Event management for business customers

  • Hiring and interviewing

  • Voucher purchasing

  • Promotions

  • Customer feedback and review systems managed by businesses


Business Responsibility: The Business remains the Data Controller and is responsible for:

  • Having a lawful basis for processing

  • Providing appropriate privacy notices to their data subjects

  • Ensuring data subject rights can be exercised

  • Data protection compliance for their processing activities


Our Role: We process this data strictly according to the Business's documented instructions as set out in our Data Processing Addendum.

1.3 Specific Legal Basis Table

Legal Basis


2. DEFINITIONS

Capitalised terms used in this Privacy Policy, unless otherwise defined herein, have the meanings given to them in our Terms and Conditions or Data Processing Addendum, including:

  • "Personal Data": Any information relating to an identified or identifiable natural person.

  • "Data Subject": The identified or identifiable natural person to whom Personal Data relates.

  • "Controller": The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

  • "Processor": A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  • "Platform": As defined in the introduction, referring to the entire Mosey app, websites, software, and related services.

  • "User": An individual accessing or using the Platform for personal purposes.

  • "Business": An entity using the Platform for commercial purposes.

  • "User Content": The content you create or publish through the Platform, such as photographs, videos, audio, captions, check-ins, feedback, reviews, Mosey Lists, and the associated metadata (such as when, where, and by whom the content was created).

  • "GDPR": The General Data Protection Regulation (Regulation (EU) 2016/679).
     

 
3. WHAT INFORMATION WE COLLECT

We collect your information in three ways: Information You Provide, Automatically Collected Information, and Information From Other Sources.

3.1. Information You Provide
 

  • ​Profile Information. We collect information that you provide when you set up an account, which may include your date of birth, username, email address and/or telephone number, and password (hashed and stored securely via AWS Cognito). You can add other information to your profile, such as a bio or a profile photo. This also includes public profile information such as your followers/following lists, and favourites lists.

  • For Businesses: Your business name, address, contact details (email, phone number), primary contact person's name and email, billing information, and details about your food service business, market, or event (e.g., opening hours, menu items, pricing, allergen information, event details). This may include secondary contact information. We also collect employee data through usage of sections such as Staff Management. In the case of multiple locations, we may have further information on each location and how they correspond to each other. This is to inform us of our platform usage and to enhance the platform, and to ensure accurate information for the business in the form of analytics and reporting.

  • User Content. We collect the content you create or publish through the Platform, such as photographs, ratings, captions, check-ins, feedback, reviews, Mosey Lists, and the associated metadata (such as when, where, and by whom the content was created). When you create or contribute to Mosey Lists, we also collect the names, usernames, or other identifying information of other users you include in the list. Even if you are not a user, information about you may appear in content created or published by users on the Platform. We collect User Content through pre-loading at the time of creation, import, or upload. We also collect content such as text and images from your device's clipboard if you choose to copy and paste content to the Platform, or share content between it and a third-party platform. In addition, we collect location information (such as the foodservice business you rate, event and other points of interest) if you choose to add the location information to your User Content.

  • Direct Messages. If you communicate with businesses or other users using direct messages or our chat functionality, we collect the associated metadata (such as the time the message was sent, received and/or read, as well as the participants in the communication). We do this to block spam, detect crime, and to safeguard our users.

  • Your Contacts. If you choose to sync your contacts, we will collect information from your device's phone book such as names, phone numbers, and email addresses, and match that information to users of the Platform. If you choose to find other users through your social network contacts, we will collect your public profile information as well as names and profiles of your social network contacts.

  • Purchase Information. When you make a reservation, or make a payment on or through the Platform for other purchases such as events, promotions and vouchers, we collect information about the purchase or payment transaction, such as payment card information (processed securely by our third-party payment processors, Stripe), billing, time and date, contact information, and associated information (i.e., the record of the transaction). This includes data related to your attendance or participation in events or reservations facilitated through the Platform for verification purposes. If you make a reservation, book an event, or purchase a voucher for other individuals, we also collect the names, contact details, or other necessary personal information of those individuals as provided by you to facilitate the service.

  • Surveys, Research, and Promotions. We collect information you provide if you choose to participate in a survey, research, promotion, contest, marketing campaign, or event conducted or sponsored by us, or sent to you by us and completed by you.

  • Information When You Contact Us. When you contact us, we collect the information you send us, such as proof of identity or age, feedback or inquiries about your use of the Platform, complaint or any reason you have contacted us. This includes information about possible violations of our Terms of Service (our "Terms"), Community Guidelines (our "Guidelines"), or other policies.

  • Information From Forms and Features You Use. We collect the information you provide when you fill in a form on the Platform and when you use features such as Discover, Search and Social etc. Mosey will sometimes automatically fill forms with your account info, like your payment info.

  • Delivery Information. When placing delivery or collection orders, we collect delivery addresses, contact information, special delivery instructions, and timing preferences necessary to fulfill your order.

  • Communication Preferences. We collect your explicit consent for receiving targeted in-app notifications from each individual Business, and maintain records of your consent preferences for each Business.
     

Additional Data Collection:
 

  • Age Verification Information: We may collect age verification information to confirm that users are 18 years of age or older, as required by our Terms of Service.

  • Jurisdiction-Specific Information: We may collect additional information required by local laws in your jurisdiction, including but not limited to marketing preferences, specific consent records, and locally-required identification information.
     

3.2. Automatically Collected Information
 

  • Technical Information. We collect certain device and network connection information when you access the Platform. This information includes your device model, operating system, keystroke patterns or rhythms, IP address, and system language. We also collect service-related, diagnostic, and performance information, including crash reports and performance logs. We automatically assign you a user ID. Where you log-in from multiple devices, we use information such as your device ID and user ID to identify your activity across devices to give you a seamless log-in experience and for security purposes.

  • Location Information. We automatically collect information about your approximate location (e.g. country, geographical area, or city) based on your Technical Information (such as IP address). When you enable location services and permissions for Mosey, we collect approximate location information from your device.

  • Usage Information. We collect information about how you engage with the Platform, including information about the content you view, the duration and frequency of your use, your engagement with other users, your search and purchase history, and your settings. This includes your interactions with user and business profiles, content engagement (likes, shares, favourites), and your activity related to Business created features or content. Additionally, we collect data related to your attendance or participation in events or reservations facilitated through the Service for verification purposes, and claiming of vouchers.

  • Content Characteristics and Features. We detect and collect characteristics and features about the images that are part of your User Content, for example, by identifying objects and scenery, the existence or location within an image of a face or other body parts; and the text of words in your User Content. We do this, for example, for content moderation.

  • Inferred Information. We infer your attributes or preferences and interests based on the information we have about you. We use inferences, for example, to keep the Platform safe, and, where permitted, to serve you sponsored posts or promotions based on your interests. We also do this to ensure that we can offer the best suggestions to you, for businesses, events or promotions you may be interested in.

  • Cookies. We use cookies and similar tracking technologies to operate and provide the Platform. For example, we use cookies to remember your language preferences and for security purposes. We also use these technologies for marketing purposes. We will obtain your consent to our use of cookies where required by law. To learn more about our use of cookies, please see our separate Cookie Policy.


3.3. Information From Other Sources
 

  • Foodservice Businesses, Payment and Transaction Fulfilment Providers. We receive information about you from merchants, and may from payment and transaction fulfilment providers, such as payment confirmation details, and information about your booking service.

  • Third Party Platforms and Partners. Third party platforms provide us with information (such as your email address, user ID, and public profile) when you choose to sign up for or log in to the Platform using sign-in features provided by those third parties. We may also receive contact information that you hold or is held about you when contact information is synced with our Platform by you or another user. When you interact with any third party service (such as third party apps, websites or products) that integrate with Mosey, we will receive the information necessary to provide you with features like cross-service authentication or cross-posting. For example, this will happen if you log in to Mosey with a third-party account or if you use Mosey's "share" button on a third-party platform to share content from there to the Platform. We may also receive information from third party providers which we use for safety purposes, including to protect users on the Platform and for content moderation.

  • Additional Sources. We may collect or receive information about you from organisations, businesses, people, and others, including, for example, users, publicly available sources, government authorities, professional organisations, and charity groups. We also collect information about you where you are included or mentioned in User Content, Messages, in a complaint, appeal, request or feedback submitted by a user or third party, or if your contact information is provided to us by a user.


4. Personalised Advertising on the Platform

To enhance your experience and connect you with relevant businesses, we display personalized advertising directly within the Mosey platform. These advertisements, presented as banner ads or sponsored posts, are only from businesses hosted on Mosey.

The personalization of these adverts is based exclusively on:
 

  • Geographical Location: Derived from your (e.g., device's location permission if granted, or your stated location/IP address).

  • Interaction Data within Mosey: This includes information about your activities and engagement solely within the Mosey platform, such as content you view, searches you make, businesses you interact with, and posts you engage with. We do not track your activity on third-party websites or apps for the purpose of this personalized advertising.
     

Legal Basis: We process your data for personalized advertising within the Mosey platform based on our legitimate interests in providing a more relevant and engaging user experience, and to effectively connect our users with the businesses hosted on our platform. We have balanced our interests against your data protection rights and freedoms, ensuring this processing is proportionate and does not unduly impact your privacy. We provide this advertising to businesses as a way to pay for the platform.

Your Choices: As Mosey is a free platform for users, we must keep advertising for businesses through the Mosey platform to generate revenue. As such, you cannot opt-out of business adverts as it is in our legitimate interest to keep banner ads and sponsored posts on the platform.

5. HOW WE SHARE YOUR INFORMATION

We share your information to operate, provide, develop, and improve the Platform. We may share your Personal Data with third parties under the following circumstances:

5.1. Service Providers

We engage service providers that help us provide, support, and develop the Platform and understand how it is used. They provide services such as: cloud hosting, content delivery, customer and technical support, content moderation, marketing, analytics, and online payments. We share Information You Provide, Automatically Collected Information, and Information From Other Sources, with these service providers as necessary to enable them to provide their services. When Mosey acts as a Data Processor, we engage sub-processors (as listed in Annex 2 of our Data Processing Addendum) to assist in providing the Service. These sub-processors are contractually bound to process Personal Data only on our documented instructions and in accordance with Data Protection Laws.

5.2. Partners
 

  • Third Party Platforms and Partners. We share limited information which may include Information You Provide, Technical Information, and Usage Information with third party platforms and partners whose platform or services are integrated with the Platform. We do this to give you a seamless experience, allow your content to be shared on other platforms, and/or enable third party platforms and partners to better authenticate users. Some examples include if you:

    • Sign-up or log-in to the Platform using your account details from a third-party platform (such as Facebook or Google), we will share certain Technical Information to facilitate this.

    • Share User Content on the Platform on other social media platforms (such as Instagram or Whatsapp), we will share your User Content and related information.

  • Advertisers. We provide Business advertisers with aggregate information about the performance of their ads and other content on the Platform in order to help them measure their effectiveness. We create this aggregate information using Information You Provide, Automatically Collected Information, and Information From Other Sources. We share your information directly with Businesses where you give us your permission.

  • Measurement and Data Partners. We also share Information You Provide, Technical Information and Usage Information with third-party measurement providers who help us measure usage on the Platform and help our Businesses profile performance (including, posts, business information, event reach to users, sponsored or promotional posts to users etc.).

  • Businesses, Payment and Transaction Fulfilment Providers, and Other Service Providers. When you make a purchase on our Platform, such as a deposit on a table booking, voucher purchase or ticket purchase, we share Purchase Information related to the transaction with the business, payment and transaction fulfilment providers, and other service providers. For example, we will share contact details so your booking can be processed. We may also share certain Technical Information about your device or connection with these parties to help ensure the security of the transaction.

  • Delivery Partners. We share delivery addresses and contact information with delivery drivers and courier services to enable order fulfillment. This information is shared only for the purpose of completing your delivery or collection order.

  • Multi-Location Business Coordination. For Businesses operating multiple locations, primary managers may access customer interaction history across their venues to enable coordinated operations and service, while maintaining separate customer records for each location. Location-specific managers can only access data for their designated venue.


5.3. Others
 

  • Users and the Public. Based on your privacy settings, your information, including your Profile Information, User Content, and Usage Information may be visible to other users and the public. For example, if you have a public account and have not restricted the visibility of your posts, your Profile Information and User Content can be viewed or shared by anyone on or off the Platform. Depending on your privacy settings, your Profile Information and User Content may also appear on search engines, content aggregators, and news sites. Information about your public profile, including your followers/following lists, and public Mosey lists, may be visible to other Users of the Platform.

  • Users interacting with Businesses: If you are a User making a booking, ordering, or interacting with a Business through the Service, relevant Personal Data (e.g., your name, contact details, booking requests, purchase history for that specific Business, confirmation of your attendance/participation for verification purposes, and the names/contact details of any other individuals included in your booking/event/voucher as provided by you) will be shared with that Business to facilitate the interaction. The Business will then act as a separate Data Controller for that data.

  • Users of Our Analytics Services. We provide aggregated statistics and insights to help people and businesses understand how people are engaging with the Platform. For example, creators and businesses can receive information about the number of views, likes, comments and shares of their videos, as well as aggregate demographic information about their followers and the viewers of their content. We create this aggregate information using Information You Provide and Automatically Collected Information.

  • Corporate Transactions. Your information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control, or acquisition of all or a portion of our business. We may sell aggregated data reports of usage and interactions, but this data will never be personalised and always aggregated. 

  • Legal Obligations and Rights. We may access, preserve, and share the information described in "What Information We Collect" with law enforcement agencies, public authorities, researchers, copyright holders, or other third parties if we have good faith belief that it is necessary to:

    • comply with applicable law, legal process or government requests, as consistent with internationally recognised standards.

    • protect the rights, property, and safety of our users, copyright holders, and others, including to protect life or prevent imminent bodily harm. For example, we may provide information (such as your IP address) to law enforcement in the event of an emergency where someone's life or safety is at risk.

    • investigate potential violations of and enforce our Terms, Guidelines, or any other applicable terms, policies, or standards.

    • detect, investigate, prevent, or address misleading activity, copyright infringement, or other illegal activity.
       

Market Intelligence Reports

We create and sell anonymised, aggregated reports about food trends, search patterns, and market insights to restaurants, property developers, investors, and other businesses. These reports contain no personally identifiable information and combine data from multiple users to show broader market trends.

Example reports include:

  • "Top 10 Most Searched Cuisines by City/Region"

  • "Peak Dining Times and Booking Patterns by Area"

  • "Seasonal Food Trends and Event Popularity"

  • "Restaurant Density vs. Demand Analysis by Location"

  • "Price Point Preferences by Geographic Area"
     

Data Anonymisation Standards:

  • Minimum threshold: Reports only include data representing at least 50 users

  • Geographic aggregation: Data combined across neighbourhood-level areas minimum

  • Time period aggregation: Data combined across minimum quarterly periods

  • Statistical controls: Numbers rounded and small data cells suppressed

  • No re-identification: Aggregated data cannot be combined with other datasets to identify individuals
     

Legal Basis: We rely on legitimate interests for this processing - our interest in generating revenue to maintain a free Platform, and third parties' interest in understanding market trends for business planning.
 
6. OUR LEGAL BASES AND HOW WE PROCESS YOUR INFORMATION

We may only use your information when we have a "legal basis" to do so. We use different legal bases depending on why we use your information (in other words, the "purpose" of our processing). These legal bases are contractual necessity, legitimate interests (ours, yours or those of another party), consent, compliance with a legal obligation, performing a task in the public interest, and protection of vital interests. These legal bases apply specifically to when Mosey acts as a Data Controller and determines the purposes and means of processing your information. When Mosey processes data as a Data Processor, the legal basis for that processing is determined by the Business (Data Controller), not by Mosey.

Here we explain the legal bases we rely on when we process your information. This section also describes why we use your information, how this information is processed, the categories of information involved, and the associated rights (which always includes the right to access your information). For more information on how to exercise any of your rights, please check out the "Your Rights and Choices" section in this Privacy Policy.

6.1. PURPOSES AND LEGAL BASIS - Mosey as Controller

We use your information to operate, provide, develop, and improve the Platform. Where Mosey acts as a Data Controller, we use your Personal Data for the following purposes and rely on the following legal bases under GDPR:

6.1 Purposes (new).png


Processing Personal Data on Behalf of Businesses (Mosey as Processor): When Mosey acts as a Data Processor, we process Personal Data strictly on the documented instructions of the respective Business (Data Controller). We do not use this data for our own independent purposes (such as our own marketing or service improvement) unless explicitly agreed with the Business in the Data Processing Addendum or required by law.

Create and Sell Anonymised Market Intelligence Reports

Purpose: To generate revenue that keeps the Platform free for users, and to provide valuable market insights to businesses planning food service investments.

Legal Basis: Legitimate Interests - Our legitimate interest in generating revenue to maintain a free Platform, and third parties' legitimate interest in understanding market trends for business planning. Data is fully anonymised with no individual identification possible.

Information Used: Anonymised and aggregated search data, location data, cuisine preferences, and usage patterns.

Your Rights: You can object to this processing, though data anonymisation means your individual data cannot be identified in reports. You can opt-out of future anonymous data collection via Settings > Privacy > Analytics Preferences.

6.2. Contractual Necessity

If you have the legal capacity to enter into an enforceable contract, we use Information You Provide, Automatically Collected Information, and Information From Other Sources where it is necessary to perform the contract you enter into (our Terms) when you register for, access, or use the Platform. This means we use your information to:

  • Provide you with the Platform. We use your information to allow you to access and use the Platform, including allowing you to create and consume content, interact with Businesses, create bookings, find businesses and provide you with services you purchase. We also personalise certain features and content on the Platform, such as showing you your next plans, or suggestions that we think you would be interested in.

  • Product orders. We use your information to process things like bookings, vouchers, events  and communicate with you about those bookings. This includes sharing Purchase Information with Merchants, Payment and Transaction Fulfilment Providers, and Other Service Providers.

  • Enforce our Terms, Guidelines, or policies. We use your information to enforce our Terms, Guidelines, and policies (including through automated means and human moderation). This may include removing content or suspending or banning your account if we determine that you are violating our Terms or Guidelines.

  • Administer the Platform. We also use the information we have to administer the Platform, such as to communicate with you on service related matters, provide you with updates and support regarding any purchase you make on or through the Platform, and respond to and process your queries, claims or disputes (including when you tell us about a problem, or ask for a copy of your information).


Your Rights: Whenever we use your information on the basis that it is necessary for the contract we have with you, you have the right to port information you have provided to us.

6.3. Legitimate Interests

We use your information where this is necessary to achieve legitimate interests - whether belonging to us, you, or a third party - provided these interests are not outweighed by your interests or fundamental rights and freedoms. We use the information we collect to:
 

  • Enable users to create content with interactive features:

    • Legitimate Interest relied upon: To provide users with tools to inspire creativity, collaboration, and enjoyment, and to create opportunities for users to reach new audiences.

    • Information used: Information You Provide and Automatically Collected Information.

 

  • Suggest your account to other users. We may suggest your account to other users, including when a user chooses to sync their contacts with the Platform.

    • Legitimate Interest relied upon: To enable users to quickly and efficiently find and connect with other users.

    • Information used: Information You Provide, Automatically Collected Information, and Information From Other Sources.

 

  • Provide all users with non-personalised advertising. We show all users non-personalised advertising, including those who have chosen not to receive personalised ads.

    • Legitimate Interest relied upon: We show non-personalised ads such as sponsored posts to keep the Platform free of charge. We process limited categories of your information to make sure our advertising service is useful to our hosted Businesses.

    • Information used: Information You Provide and Automatically Collected Information.

 

  • Provide measurement and analytics services. We help advertisers measure the effectiveness and distribution of ads and other content viewed on the Platform.

    • Legitimate Interest relied upon: To enable creators and advertisers to view and understand how their ads or content performed and the audience that viewed or interacted with their ads or content. This is so that they can make informed decisions (such as what kinds of ad campaigns they may want to run, the type of audience they want to reach and the types of content that users enjoy the most). This helps keep the advertising and other content we show users relevant and entertaining, and keeps the Platform free for all users.

    • Information used: Information You Provide, Automatically Collected Information, and Information From Other Sources.

 

  • Ensure the safety and well-being of our community. We use your information to ensure the safety and well-being of our community, including by reviewing User Content (and if permitted under applicable law, Direct Messages and associated metadata) for breaches of our Terms, Guidelines, and other policies. We also infer your age range, and under certain circumstances, may ask you to provide additional information to confirm your age.

    • Legitimate Interest relied upon: To keep our community safe, review compliance with our Guidelines, and identify misuse of the Platform.

    • Information used: Information You Provide, Automatically Collected Information, and Information From Other Sources.

 

  • Ensure the security and stability of the Platform. We use your information to ensure the stability and security of the Platform, including by identifying and combating technical or security issues (such as technical bugs, spam accounts, and detecting abuse, fraud, and illegal activity).

    • Legitimate Interest relied upon: To ensure the ongoing stability and security of the Platform and to ensure it is continuously available and functioning.

    • Information used: Information You Provide, Automatically Collected Information, and Information From Other Sources.

 

  • Review, improve, promote, and develop the Platform. We use the information we have to understand how people are using the Platform and to develop, test, and make improvements to the Platform, including to develop and improve our technology, such as our machine learning models and algorithms. We also use this information to better understand and promote the Platform, popular topics, and emerging trends.

    • Legitimate Interest relied upon: To improve, promote, and develop the Platform in an informed way.

    • Information used: Information You Provide, Automatically Collected Information, and Information From Other Sources.

 

  • Facilitate independent research. We share your information with independent researchers to facilitate research that meets certain criteria, including where such researchers have demonstrable experience and expertise in their area.

    • Legitimate Interest relied upon: To facilitate independent research that aims to develop society’s collective knowledge, including in the areas of misinformation and disinformation, violence, cybercrime, and social trends.

    • Information used: Information You Provide, Automatically Collected Information.

 

  • Share your information with third parties. We share your information with third parties whose platforms or services are integrated with the Platform.

    • Legitimate Interest relied upon: To provide you with a seamless experience, allow your content to be shared on other platforms, enable third parties to authenticate users, and optimise user experience.

    • Information used: Information You Provide, Automatically Collected Information, and Information From Other Sources.

 

  • Marketing communications. We may send you direct marketing messages about features of the Platform and third-party services that we think will interest you. We may also send you promotions, contests, or marketing campaigns or event information. We will obtain your consent to send you messages where required by law.

    • Legitimate Interest relied upon: To promote the Platform or third party products and services.

    • Information used: Information You Provide, Automatically Collected Information, and Information From Other Sources.


Your Rights: Whenever we use your information on the basis that it is necessary for legitimate interests, you can object to, and request restriction of, such usage.

6.4. Your Consent

We ask for your consent to access or use your information for specific purposes. If we do, you’ll always be able to revoke your consent through your device permissions, in-app settings or by contacting us at gdpr@moseyfoodfinder.com.

Your rights: Whenever we use your information based on your consent, you can withdraw your consent at any time. However, your withdrawal of consent will not affect the lawfulness of processing your information based on your consent prior to your withdrawal of consent. You also have the right to port information you have provided to us that we use based on your consent.

6.5 Age Requirements

Minimum Age Requirements

The Platform is restricted to users who are 18 years of age or older in all jurisdictions where we operate.

Legal Basis: Compliance with our Terms of Service and to ensure appropriate use of our adult-oriented food and beverage marketplace.

Age Verification: We may request age verification information during account creation or at any time to confirm eligibility to use the Platform.

7. Enhanced Consent Mechanisms

7.1 How We Obtain Your Consent

When we require your consent, we will:

Marketing Communications before a purchase:

  • Present a clear, separate opt-in checkbox for marketing communications

  • Use plain language: "I agree to receive marketing emails about Mosey features and promotions"

  • Never use pre-ticked boxes or inactivity as consent

  • Provide immediate access to unsubscribe options
     

Marketing Communications after a purchase:

  • Use a soft opt-in option to send you marketing communications about similar purchases that may be of interest to you

  • Give clear opt-out options and immediate access to unsubscribe from these communications

  • Allow you to opt-out of this consent in settings on Mosey


Location Services:

  • Request device-level permissions through your operating system

  • Explain in-app what location data will be used for

  • Allow you to change permissions at any time in device settings


7.2 Withdrawing Consent

You can withdraw your consent at any time by:
 

  • Marketing: Clicking unsubscribe in any email or updating preferences in your account settings

  • Advertising: Visiting Settings > Privacy > Advertising Preferences in the app

  • Location: Disabling location permissions in your Settings. Also in device settings

  • General: Emailing gdpr@moseyfoodfinder.com
     

Important: Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.

7.3. Compliance with a Legal Obligation

We may use your information including your Profile Information or User Content where it is necessary to comply with a legal obligation. This includes situations where we have obligations to take measures to ensure the safety of our users, or comply with a valid legal request such as an order or disclosure request from regulators, law enforcement agencies or courts. We generally use Information You Provide and Automatically Collected Information, although it depends on the specific situation.

7.4. To Perform a Task in the Public Interest

We may use your information where it is necessary to perform a task in the public interest, including undertaking research, preventing and detecting crime, safeguarding children and promoting public safety, security, and integrity as laid down by applicable law. We generally use Information You Provide and Automatically Collected Information, although it depends on the specific situation.
Your rights: When we use your information on the basis that it is necessary for a task carried out in the public interest, you have the right to object to, and seek restriction of, our usage.

7.5. To Protect Someone's Vital Interests

We may use your information where it is necessary to protect your or someone else's life, physical integrity, or safety. This could include providing law enforcement agencies or emergency services with information in urgent situations to protect health or life. We generally provide Information You Provide and Automatically Collected Information, although it depends on the specific situation.

7.6 Jurisdiction Specific Rights

United States (California) - CCPA Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You can request information about the personal information we collect, use, disclose, and sell about you.

Right to Delete: You can request deletion of personal information we have collected about you.

Right to Opt-Out: You can opt-out of the sale of your personal information. Note: Our anonymised market reports do not constitute "sale" under CCPA as data cannot identify individuals.

Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

Authorised Agent: You may designate an authorised agent to make requests on your behalf.

Exercise Rights: Email us at gdpr@moseyfoodfinder.com or use our online form.

Australia - Privacy Act Rights

Australian users have rights under the Privacy Act 1988:

Access and Correction: You can request access to your personal information and request corrections to inaccurate information.

Complaints: You can lodge complaints with the Office of the Australian Information Commissioner (OAIC).

Notifiable Data Breaches: We will notify you and the OAIC of eligible data breaches as required by law.

Direct Marketing: You can opt-out of direct marketing communications at any time.

United Kingdom - UK GDPR Rights

UK residents have the same rights as outlined in Section 8, enforced under UK GDPR:

Supervisory Authority: You can lodge complaints with the Information Commissioner's Office (ICO).

  • Website: ico.org.uk

  • Phone: 0303 123 1113

  • Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

 
8. YOUR DATA PROTECTION RIGHTS AND CHOICES

You have rights and choices when it comes to your information. Some of these rights apply generally, while others will only apply in certain circumstances. Depending on the scenario, these rights may be subject to some limitations. Mosey will be responsible for responding to your request within the relevant periods provided by law.

  • Access your information. You can ask us, free of charge, to confirm what information we process about you, to provide certain information about the processing, and for a copy of your information.

  • Delete your information. You can delete or ask us to delete some or all of your information. In-app controls enable you to:

    • delete the content posted on your profile, such as your User Content and your Profile Information.

    • delete your full account.

  • Rectify your information. You can change or ask us to change or correct your information where that information is not accurate. You can change or correct much of your information through the in-app controls and settings (such as your Profile Information).

  • Port your information. You have the right to data portability in circumstances where we rely on contractual necessity or consent as our legal basis. This means that you have the right to receive your information in a structured, commonly used, and machine-readable format and to share it with a third party.

  • Object to the processing of your information. You also have the right to object to the processing of your information in certain circumstances where you have a legal basis to do so. In submitting an objection request, please provide all relevant information, including the processing activity you are objecting to, why you want to object and how the processing activity affects you, and any additional information that you think will help us review your request. We will stop the particular processing if we don't have compelling legitimate grounds to continue that processing or don’t need it for legal claims.

  • Restrict the processing of your information. You have the right to request the restriction of the processing of your information where (a) you are challenging the accuracy of the information, (b) the information has been unlawfully processed, but you are opposing the deletion of that information, (c) where you need the information to be retained for the pursuit or defence of a legal claim, or (d) you have objected to processing and you are awaiting the outcome of that objection request.
     

Market Research Opt-Out

While our market intelligence reports contain no identifying information about you, you can opt-out of having your anonymised usage patterns included in commercial reports by:

  • Visiting Settings > Privacy > Analytics Preferences in the app

  • Emailing gdpr@moseyfoodfinder.com

  • Using our online opt-out form
     

Important: This opt-out applies to future data collection for reports. Previously collected anonymised data cannot be removed from existing reports as it cannot be identified as relating to you.

To exercise any of these rights, please contact us at gdpr@moseyfoodfinder.com. Before we can respond to a request to exercise one or more of the rights listed above, you may be required to verify your identity or your account details or provide additional information so that we can understand your request.

In certain circumstances, and in accordance with applicable law, we may charge a reasonable fee or refuse to act on a request if it is manifestly unfounded or excessive.

We encourage you to “Contact us” if you are not satisfied with how we have responded to any of your rights requests. You also have the right to lodge a complaint with the Irish Data Protection Commission (Mosey’s lead supervisory authority).

In addition to these rights, you can control privacy settings for your account.

9. Enhanced Rights Exercise Process

9.1 How to Exercise Your Rights

Online Portal (preferred method):

  1. Log into your Mosey account

  2. Visit Settings > Contact Us > GDPR

  3. Tell us the right you wish to exercise

  4. Submit your request
     

Email Requests:

  • Send requests to: gdpr@moseyfoodfinder.com

  • Include: Full name, account email, specific right being exercised, and verification information

  • We will respond within 30 days (may extend to 60 days for complex requests)


Postal Requests: Mosey Limited - Data Protection Officer, 77 Camden Street Lower, Dublin 2, D02 XE80, Ireland

9.2 Identity Verification Process

To protect your privacy, we may request:

  • Account password verification

  • Government-issued ID (for deletion requests)

  • Answers to account security questions

  • Recent account activity confirmation


9.3 Response Timeframes
 

  • Standard Requests: 30 days from receipt

  • Complex Requests: Up to 60 days (we will notify you of any extension)

  • Urgent Safety Requests: Within 72 hours where possible


9.4 Free Exercise of Rights

  • No Fees: Exercising your data protection rights is free of charge

  • Manifestly Unfounded Requests: We may charge a reasonable fee for clearly excessive or repetitive requests

  • Fee Explanation: We will always explain any fees before processing paid requests


9.5. Data Processed by Businesses

When Businesses process your data through our Platform (such as for delivery, notifications, or CRM), you have rights in relation to that data:

  1. Direct Contact: For data processed by Businesses (delivery information, marketing preferences, reservation details), contact the Business directly to exercise your rights.

  2. Business Responsibility: The Business, not Mosey, is responsible for responding to your data rights requests for data they control.

  3. Mosey Assistance: If you cannot reach a Business or they fail to respond within reasonable timeframes, contact us at gdpr@moseyfoodfinder.com and we will attempt to facilitate resolution.

  4. Technical Deletion: If you delete your Mosey account, we will notify relevant Businesses, but they may retain data according to their own retention policies and legal obligations.


10. Automated Decision-Making and Profiling

10.1 Automated Decisions We Make

We use automated systems for:

Content Moderation:

  • Automated detection of prohibited content (spam, harassment, inappropriate material) that violates its Content Guidelines and may be violent, graphic, political, nude, discriminatory, or hateful (for a full list of prohibited content, please view our content guidelines). The automated system will remove the post or content from the public view to be assessed by our Content Moderators. For a full explanation of our content moderation systems, please visit our content guidelines.

  • Account restrictions or content removal based on algorithm assessment

  • Human Review Available: You can request human review of any automated content decision


Personalised Content:

  • Algorithm-based recommendations for restaurants and content

  • Customized "Discover" feed based on your activity and preferences

  • Opt-Out Available: You can disable personalized recommendations in Settings > Content Preferences


Fraud Detection:

  • Automated assessment of payment and booking transactions for fraud risk

  • Account security monitoring for suspicious activity

  • Human Review: All fraud blocks are reviewed by human analysts within 24 hours


10.2 Your Rights Regarding Automated Decisions

You have the right to:

  • Not be subject to decisions based solely on automated processing that significantly affect you, such as post removal, account suspension or account termination

  • Request human intervention in any automated decision

  • Express your point of view regarding automated decisions

  • Contest automated decisions that affect you


Exercise These Rights: Contact gdpr@moseyfoodfinder.com or use the automated decision review form in your account settings.
 
 
11. DATA SECURITY AND RETENTION

Security of your information is important to us. We maintain appropriate technical, administrative, and physical security measures that are designed to protect your information from unauthorised access, theft, disclosure, modification, or loss. We regularly review our security measures to consider available new technology and methods but no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to protect your Personal Data, we cannot guarantee its absolute security.

We retain information for as long as necessary to provide the Platform and for the other purposes set out in this Privacy Policy. We also retain information when necessary to comply with contractual and legal obligations, when we have a legitimate business interest to do so (such as improving and developing the Platform, and enhancing its safety, security and stability), and for the exercise or defence of legal claims.

The retention periods will be different depending on the type of information and the purposes for which we use the information. For example, when we process your information to provide you with the Platform, we keep this information for as long as you have an account. This information includes your Profile Information, User Content, and Direct Messages. If you violate our Guidelines or Terms, we may remove your Profile Information and/or User Content from public view immediately but keep your information as is necessary to process the violation.

11.1 Retention Schedule

Deletion Process


11.2 Deletion Process

  • Automatic Deletion: Most data is automatically deleted according to the schedule above

  • Manual Review: Some data may require manual review for safety or legal reasons

  • Confirmation: We will confirm completion of deletion requests within 30 days


12. Enhanced Security Measures

12.1 Technical Safeguards

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)

  • Access Controls: Role-based access with multi-factor authentication for all staff

  • Network Security: Firewalls, intrusion detection, and regular security monitoring

  • Secure Development: Regular security testing and code reviews


12.2 Organizational Measures

  • Staff Training: Regular data protection training for all employees

  • Background Checks: Security screening for staff with data access

  • Incident Response: 24/7 security monitoring and incident response procedures


12.3 Data Breach Procedures

In the event of a data breach:

  • Internal Notification: Immediate notification to our team

  • Regulatory Notification: Irish Data Protection Commission notified within 72 hours if required

  • User Notification: Direct notification to affected users within 72 hours where high risk exists

  • Remediation: Immediate steps to contain and remedy any breach

 
13. International Data Transfers

13.1 Transfer Mechanisms

We transfer your Personal Data outside the European Economic Area (EEA) using the following safeguards:

Standard Contractual Clauses (SCCs):

  • We use the European Commission's Standard Contractual Clauses (2021/914/EU) with all non-EEA service providers

  • These clauses provide legally binding privacy protections equivalent to those in the EU


Adequacy Decisions:

  • We may transfer data to these countries deemed adequate by the European Commission, including:

    • United Kingdom (until adequacy decision expires)

    • Canada (commercial organizations)

    • New Zealand


13.2 Current Transfer Destinations

Your data may be transferred to service providers in:
 

  • United States: Cloud hosting (AWS, Google Cloud) - protected by SCCs

  • United Kingdom: Customer support services - covered by adequacy decision

  • Canada: Payment processing - covered by adequacy decision and SCCs
     

For more information about this and the safeguards in place relating to the transfer, please contact us by email at gdpr@moseyfoodfinder.com.

14. Irish Data Protection Commission Information

14.1 Lead Supervisory Authority

The Irish Data Protection Commission is our lead supervisory authority under GDPR.

Contact the DPC:


14.2 Right to Lodge Complaints

You have the right to lodge a complaint with the Irish Data Protection Commission if you believe:

  • We have violated your data protection rights

  • We have not responded adequately to your data protection requests

  • You are not satisfied with our data processing practices
     

Before Complaining: We encourage you to contact us first at gdpr@moseyfoodfinder.com so we can try to resolve your concerns directly.

14.3 Your Local Data Protection Authority

You have the right to lodge complaints with your local data protection authority.

Ireland (Our Lead Supervisory Authority):


For Other Jurisdictions:

  • European Union: Find your local authority at edpb.europa.eu/about-edpb/about-edpb/members_en

  • United Kingdom: Information Commissioner's Office (ICO) - ico.org.uk

  • United States: Contact your state's Attorney General or visit privacyrights.org for guidance

  • Australia: Office of the Australian Information Commissioner (OAIC) - oaic.gov.au

  • Other Countries: Search online for "[your country] data protection authority" or "privacy commissioner"


Before Filing a Complaint: We encourage you to contact us first at gdpr@moseyfoodfinder.com so we can try to resolve your concerns directly.
 
15. Age Requirements

You must be at least 18 years old to use the Platform in all jurisdictions where we operate.

Age Verification: We may request age verification information during account creation or at any time to confirm eligibility.

Enforcement: If we discover that a user is under 18 years of age, we will immediately terminate their account and delete their personal information.

If you believe that a user is under 18 years of age, please contact us immediately at gdpr@moseyfoodfinder.com.
 
16. PRIVACY POLICY UPDATES

We may amend or update this Privacy Policy from time to time. We will notify you of any material changes to this policy by a notice provided through the Platform or by other means such as email. The "Effective Date" at the top of this policy reflects the effective date of such policy changes.

Notification Methods

We will notify you of material changes to this Privacy Policy through:

  • In-app notifications (primary method)

  • Email notifications (to your registered email address)

  • Website banner (for 30 days following changes)

  • App store update notes (for significant changes)


Jurisdiction-Specific Requirements:

  • EU/UK: Material changes require renewed consent where applicable

  • California: CCPA changes require 30-day advance notice

  • Australia: Privacy Act changes require reasonable notice


Your Options:

  • Continue using: Acceptance of updated policy

  • Opt-out: Disable affected features or delete account

  • Contact us: Questions about changes at gdpr@moseyfoodfinder.com

 
17. CONTACT US

You can contact us or our Data Protection Officer about this Privacy Policy through the “Contact Us” section on our app or by email at gdpr@moseyfoodfinder.com. You can also contact us at the following postal address:

Mosey Limited 77 Camden Street Lower, Dublin 2, D02 XE80, Ireland

bottom of page