Privacy Policy
Effective Date: January 1, 2025
Last Updated: January 1, 2025
Applicability of This Privacy Policy
This Privacy Policy applies to the processing of personal data by Moccet LLC ("Moccet," "we," "us," or "our"), a Delaware limited liability company, in connection with our AI-powered software development platform, our websites including moccet.com and any subdomains, our mobile and desktop applications, our APIs and developer tools, communications between you and Moccet, and any other services we provide (collectively, the "Services").
This Privacy Policy does not apply to third-party websites, services, or applications that you may access through our Services, personal data that our customers process when using our Services for their own purposes, or employee data, which is governed by separate internal policies. We encourage you to review the privacy policies of any third-party services you interact with.
Important: By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.
Information We Collect
Information You Provide Directly
We collect information that you voluntarily provide when using our Services. When you create an account, we collect your full name, email address, username, password, and optionally your company name, role, phone number, profile picture, and biographical information. This helps us personalize your experience and facilitate connections within our platform.
For payment processing, we collect payment card details (which are securely processed by our payment provider Stripe), billing addresses, tax identification numbers where required, and maintain records of your purchase history and invoices. This information is necessary to process transactions and comply with tax and accounting requirements.
When you use our platform for projects, we collect project briefs, technical specifications, code repository access tokens, information about your skills and experience, portfolio materials, and details about your availability and rates. This information enables our AI to generate accurate project briefs and match businesses with appropriate talent.
We also collect any information you provide when communicating through our platform, including messages between users, support tickets, feedback, testimonials, and survey responses. These communications help us provide support, improve our Services, and facilitate collaboration between users.
Information We Collect Automatically
When you access or use our Services, we automatically collect certain information about your device and how you interact with our platform. This includes technical information such as your IP address and approximate geographic location, browser type and version, operating system, device type and identifiers, screen resolution, and language settings. This technical data helps us ensure our Services work properly across different devices and configurations.
We also collect detailed usage and analytics data to understand how our Services are being used and where we can make improvements. This includes information about which pages and features you access, how much time you spend on different parts of our platform, your click patterns and navigation paths, search queries and filters you use, and any error logs or performance data. This behavioral data is essential for optimizing user experience and identifying technical issues.
Our Services use cookies and similar tracking technologies to enhance your experience. We employ session cookies to keep you authenticated, preference cookies to remember your settings, analytics cookies to understand usage patterns and improve our Services, and marketing cookies (only with your explicit consent) to measure the effectiveness of our outreach efforts. You can control these through your browser settings, though some features may not function properly without certain cookies.
Information from Third Parties
In addition to information you provide directly and data we collect automatically, we may receive information about you from various third-party sources. When you choose to sign in using identity providers like Google or GitHub through OAuth, we receive basic profile information they share with us according to your privacy settings on those platforms.
Our payment processor Stripe provides us with transaction confirmations and fraud prevention data to help secure our platform. We may also receive referral information from our business partners and affiliates when they recommend our Services to you. Additionally, we may collect publicly available information from professional networks and websites to help verify identities and qualifications. Other users of our platform may also provide information about you when they invite you to collaborate on projects or mention you in their communications.
How We Use Your Information
We use the information we collect for various purposes essential to providing and improving our Services. Primarily, we use your information to create and manage your account, facilitate our AI-powered project brief generation, match businesses with qualified talent, process payments and manage billing, provide customer support, and send necessary transactional communications about your account or projects.
To continuously improve our platform, we analyze usage patterns to enhance user experience, develop and train our AI models using anonymized data, test new features and functionalities, conduct research and analytics, and personalize your experience based on your preferences and behavior. This helps us ensure our Services remain cutting-edge and valuable to our users.
Security and legal compliance are paramount to our operations. We use your information to detect, investigate, and prevent fraudulent or illegal activities, enforce our Terms of Service and other policies, comply with legal obligations and respond to valid legal requests, protect the rights, property, and safety of Moccet and our users, and maintain the overall security and integrity of our Services.
With your consent, we may also use your information for marketing purposes, including sending promotional communications about our Services, informing you about new features and updates, providing tailored content and recommendations based on your interests, and measuring the effectiveness of our marketing campaigns to better serve our user community.
Note: You can opt out of promotional communications at any time through your account settings or by clicking the unsubscribe link in our emails.
Legal Basis for Processing (EEA, UK, and Switzerland)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data only when we have a valid legal basis. Most commonly, we process your data when necessary to perform our contract with you, such as providing our Services and fulfilling our obligations as outlined in our Terms of Service.
We also process data based on our legitimate business interests, which include improving and personalizing our Services, conducting analytics and research to understand user needs, preventing fraud and ensuring platform security, and marketing our Services where consent is not specifically required by law. We carefully balance these interests against your rights and freedoms to ensure they do not override your interests.
In certain situations, we rely on your explicit consent as our legal basis, particularly for sending marketing communications, placing non-essential cookies on your device, or processing any sensitive personal data. Additionally, we may process your data when necessary to comply with legal obligations, such as tax laws or court orders, or in rare cases to protect vital interests, such as when someone's life is at risk.
How We Share Your Information
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
Service Providers and Partners
We share information with carefully selected service providers who help us operate our business:
- Infrastructure Providers:
- Cloud hosting (AWS, Google Cloud Platform)
- Content delivery networks
- Database management services
- Payment Processing:
- Stripe for payment processing
- Tax calculation services
- Fraud prevention services
- Communication Services:
- Email delivery (SendGrid)
- SMS notifications (Twilio)
- Customer support tools
- Analytics and Monitoring:
- Google Analytics (anonymized)
- Error tracking and monitoring
- Performance monitoring tools
Within the Moccet Platform
- Between Users: Information necessary for collaboration (e.g., names, project details) is shared between businesses and talent working together
- Public Profiles: Information you choose to make public on your profile is visible to other users
- Testimonials: With your consent, we may display testimonials that include your name and company
Legal and Safety Reasons
We may disclose your information when required:
- To comply with legal obligations, subpoenas, or court orders
- To respond to lawful requests by public authorities
- To protect the rights, property, or safety of Moccet, our users, or others
- To investigate potential violations of our Terms of Service
- To detect, prevent, or address fraud, security, or technical issues
Business Transfers
If Moccet is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Services of any change in ownership and your choices regarding your information.
With Your Consent
We may share your information for other purposes when you give us explicit consent to do so.
How We Protect Your Information
We take the security of your personal information seriously and implement industry-standard safeguards to protect it.
Technical Safeguards
We implement comprehensive technical safeguards to protect your data. All data is encrypted in transit using TLS 1.3 protocols and at rest using AES-256 encryption standards. Access to our systems is strictly controlled through role-based permissions and multi-factor authentication requirements. Our infrastructure is hosted on secure cloud platforms that receive regular security updates and patches. We continuously monitor our systems for suspicious activities and potential threats, and conduct regular penetration testing and vulnerability assessments to identify and address any security gaps before they can be exploited.
Organizational Measures
Beyond technical measures, we maintain strict organizational protocols to protect your information. All employees with access to personal data undergo thorough background checks and receive regular security training to stay current with best practices. Every team member signs strict confidentiality agreements, and access to personal data is limited on a need-to-know basis. We have established comprehensive incident response procedures to ensure swift and appropriate action in the unlikely event of a security incident.
Your Security Responsibilities
Security is a shared responsibility, and you play a vital role in keeping your information safe. We strongly recommend using a strong, unique password for your Moccet account and enabling two-factor authentication for an extra layer of security. Please keep your login credentials confidential and never share them with others. Always log out of your account when using shared or public devices, and immediately report any suspicious activity or unauthorized access to our security team. These simple steps significantly enhance the security of your account and personal information.
Important: While we implement robust security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but commit to notifying you promptly of any breaches affecting your personal data.
How Long We Keep Your Information
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.
Retention Periods
| Data Type | Retention Period |
|---|---|
| Account Information | Duration of account + 30 days |
| Project Data | 3 years after project completion |
| Payment Records | 7 years (legal requirement) |
| Communications | 2 years |
| Marketing Preferences | Until consent withdrawn |
| Usage Analytics | 26 months |
Deletion Process
When retention periods expire or you request deletion:
- We securely delete personal information from active systems
- Backups are purged according to our backup rotation schedule (typically within 90 days)
- We may retain anonymized or aggregated data for analytics
- Some information may be retained to comply with legal obligations or resolve disputes
Note: You can request deletion of your personal data at any time (subject to legal requirements). See "Your Privacy Rights" section below.
Your Privacy Rights
You have certain rights regarding your personal information, regardless of where you are located. Additional rights may apply based on your jurisdiction.
Universal Rights
Regardless of where you are located, we believe you should have control over your personal information. You have the right to access and receive a copy of all personal information we hold about you. If any of your information is inaccurate or incomplete, you can request that we correct it. You may also request that we delete your personal information, though certain exceptions may apply, such as when we need to retain data for legal obligations or to establish or defend legal claims.
You have the right to data portability, meaning you can receive your personal information in a structured, commonly used format that you can transfer to another service provider. Where we process your data based on your consent, you can withdraw that consent at any time, though this won't affect the lawfulness of processing that occurred before withdrawal. Additionally, you have the right to object to certain processing of your personal information, particularly when we process data based on legitimate interests or for direct marketing purposes.
How to Exercise Your Rights
To exercise any of these rights:
- Contact us via email at privacy@moccet.com
- Provide sufficient information to verify your identity
- Clearly describe which right(s) you wish to exercise
- We will respond within 30 days (or as required by applicable law)
Verification Process
To protect your privacy and security, we may need to verify your identity before processing your request. We may ask for:
- Information to match against our records
- A signed declaration under penalty of perjury
- Power of attorney (if making a request on behalf of another person)
Important: We will never ask for your password or payment information to verify your identity for a privacy rights request.
Jurisdiction-Specific Privacy Rights
European Economic Area (EEA), United Kingdom, and Switzerland
Under the General Data Protection Regulation (GDPR) and similar laws, residents of these regions enjoy enhanced privacy protections. You have the right to request that we restrict processing of your personal data in certain circumstances, such as when you contest its accuracy or when processing is unlawful. You can object to any automated decision-making that produces legal or similarly significant effects on you. You also have the right to lodge a complaint with your local supervisory authority if you believe we haven't adequately addressed your privacy concerns.
We're required to inform you about the legal basis for processing your data, which we've outlined in the Legal Basis section above. If you wish to contact your local data protection authority, you can find a complete list at https://edpb.europa.eu. We're committed to cooperating with these authorities and resolving any privacy concerns through appropriate channels.
California Residents (CCPA/CPRA)
California residents enjoy comprehensive privacy rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). You have the right to know what personal information we collect, use, share, or sell, and can request specific details about our data practices over the past 12 months. You can request deletion of your personal information, subject to certain legal exceptions. While we do not sell your personal data, you have the right to opt out of any sale or sharing should our practices change. You can also limit our use of sensitive personal information, correct any inaccurate information we hold about you, and exercise these rights without facing discrimination or retaliation.
The categories of personal information we collect are detailed in the "Information We Collect" section above. We want to emphasize that Moccet does not sell or share your personal information for cross-context behavioral advertising purposes, and we have not done so in the past 12 months.
Notice: Moccet does not sell or share your personal information for cross-context behavioral advertising.
Other U.S. State Privacy Rights
Residents of Colorado, Connecticut, Utah, and Virginia have similar rights under their respective privacy laws, including:
- Right to access and portability
- Right to correction and deletion
- Right to opt-out of targeted advertising (we don't engage in this)
- Right to opt-out of profiling
Canada Residents
Under PIPEDA and provincial privacy laws, Canadian residents have rights to access, correct, and delete their personal information, and to withdraw consent for processing.
Australia Residents
Under the Australian Privacy Act, you have rights to access and correct your personal information, and to complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the Australian Privacy Principles.
AI and Automated Processing
As an AI-powered platform, we use artificial intelligence and automated processing to enhance our Services.
How We Use AI
Artificial intelligence is at the core of our platform, enhancing every aspect of the development process. Our AI analyzes your project requirements to generate comprehensive project briefs that capture all technical specifications and business needs. Sophisticated algorithms match projects with qualified developers by analyzing skills, experience, and past performance to ensure the best fit. We use machine learning to predict project costs based on historical data and complexity factors, providing accurate estimates that help with budgeting and planning.
Our AI also powers quality assurance features, providing automated code review suggestions and testing recommendations to maintain high standards. Throughout your projects, AI-powered communication tools help clarify requirements and suggest improvements to ensure everyone stays aligned. These AI capabilities work together to deliver faster, more efficient, and higher-quality software development outcomes.
Your Rights Regarding AI Processing
We believe in transparent and fair AI systems. When our AI processing significantly affects you, such as in talent matching or cost estimation, you have the right to request human review of these decisions. You can opt out of certain AI-driven features through your account settings if you prefer human-only interactions. We're committed to explainable AI, so you can request information about the logic behind significant automated decisions that affect you. If you disagree with a decision made solely through automated processing, you have the right to contest it and request human intervention.
AI Training and Your Data
We may use aggregated and anonymized data to improve our AI models. Your personal information is never used directly for training without explicit consent. You can opt-out of contributing to model improvements in your privacy settings.
Transparency Commitment: We believe in explainable AI. If you have questions about how our AI makes decisions affecting you, please contact us at ai-ethics@moccet.com.
Children's Privacy
Moccet's Services are not directed to individuals under the age of 16 ("Children"). We do not knowingly collect personal information from Children.
Age Verification
By using our Services, you represent that you are at least 16 years old. If you are under 18, you must have your parent or guardian's permission to use our Services.
If We Discover Children's Information
If we learn that we have collected personal information from a Child:
- We will delete that information as quickly as possible
- We will terminate any accounts associated with the Child
- We will notify the parent or guardian if contact information is available
Parents/Guardians: If you believe your child has provided us with personal information, please contact us immediately at privacy@moccet.com.
International Data Transfers
Moccet operates globally. Your personal information may be transferred to, stored, and processed in countries other than the one in which you reside.
Data Processing Locations
Your data may be processed in various locations around the world to ensure optimal service delivery. Our primary servers are located in the United States, specifically in AWS US-East-1 and US-West-2 regions, where most data processing occurs. We maintain backup systems in the European Union through AWS eu-central-1 to ensure data resilience and faster access for European users. Our content delivery network spans globally with edge locations worldwide to provide fast, reliable access regardless of your location. Support operations are primarily based in the United States, though authorized support staff may access data from other locations when necessary to provide round-the-clock assistance.
Transfer Safeguards
When transferring data internationally, we implement robust safeguards to ensure your information remains protected regardless of where it's processed. For transfers from the EEA or UK to the United States, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical and organizational measures to enhance protection. We maintain comprehensive Data Processing Agreements with all our sub-processors to ensure they meet our strict privacy standards.
For other international transfers, we ensure appropriate contractual protections are in place, maintain compliance with local data protection laws in each jurisdiction where we operate, and apply consistent encryption and security measures regardless of data location. If you are in the EEA, UK, or Switzerland, you have the right to request information about the specific safeguards we use for international transfers, lodge a complaint with your local data protection authority if you have concerns, and withdraw consent for transfers where we rely on consent as our legal basis.
Privacy Shield Note: While we previously relied on Privacy Shield, we now use Standard Contractual Clauses and other appropriate safeguards for EU-US data transfers following the Schrems II decision.
Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or for other operational reasons.
How We Notify You
When we make changes:
- Material Changes: We'll notify you via email and/or prominent notice on our Services at least 30 days before the changes take effect
- Minor Changes: We'll update the "Last Updated" date at the top of this policy
- Legal Requirements: We may need to implement changes immediately to comply with law
Your Choices After Changes
By continuing to use our Services after changes become effective, you agree to the revised Privacy Policy. If you disagree with the changes, you may close your account by contacting us.
Previous Versions
We maintain an archive of previous versions of this Privacy Policy. To request a previous version, contact privacy@moccet.com.
Contact Us
We're committed to protecting your privacy and welcome your questions, comments, and concerns.
Privacy Inquiries
Email: privacy@moccet.com
Response Time: Within 48 hours for general inquiries
Privacy Rights Requests: Processed within 30 days
Data Protection Officer
For GDPR-related inquiries or to contact our Data Protection Officer:
Email: dpo@moccet.com
Mail: Data Protection Officer
Moccet LLC
548 Market Street, Suite 35410
San Francisco, CA 94104
United States