moccet is an AI-powered platform that matches AI agents with human experts to deliver software projects faster and more efficiently.

How does moccet use AI?

moccet leverages AI agents for project automation, expert matching, and development optimization, resulting in faster delivery and cost savings.

moccet is designed for startups, tech companies, and software development teams seeking to accelerate their projects with AI and expert collaboration.

Privacy Policy

moccet Inc. Data Privacy & Protection Policy

Last updated: June 30, 2025 | Version 3.0

Binding Agreement & Acceptance
Definitions & Interpretation
Information Collection Practices
Data Usage & Processing Activities
Legal Basis for Processing
Data Sharing & Third-Party Disclosure
International Data Transfers
Data Security & Protection Measures
Data Retention & Deletion Policies
User Rights & Control Mechanisms
Cookie Policy & Tracking Technologies
Artificial Intelligence & Automated Processing
Marketing & Communications
Children's Privacy Protection
California Privacy Rights
European Privacy Rights
Third-Party Services & Integrations
Data Breach Procedures
Liability Limitations & Disclaimers
Dispute Resolution & Arbitration
Policy Updates & Modifications
Severability & Entire Agreement

1. Binding Agreement & Acceptance

THIS PRIVACY POLICY ("POLICY") CONSTITUTES A LEGALLY BINDING AGREEMENT BETWEEN YOU AND MOCCET INC., A DELAWARE CORPORATION ("MOCCET," "WE," "US," OR "OUR").

By accessing, browsing, or using our platform, services, or any associated applications (collectively, the "Services"), you acknowledge that you have read, understood, and agree to be bound by this Policy and our Terms of Service. If you do not agree to this Policy, you must immediately cease all use of our Services.

This Policy is governed by the laws of Delaware, United States, without regard to conflict of law principles. Any disputes arising under this Policy shall be resolved in accordance with the dispute resolution procedures outlined in Section 20.

2. Definitions & Interpretation

For the purposes of this Policy, the following definitions apply:

"Personal Data" means any information relating to an identified or identifiable natural person
"Processing" means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion
"Data Controller" means moccet Inc., which determines the purposes and means of Processing Personal Data
"Data Processor" means any third party that Processes Personal Data on behalf of moccet
"User" means any individual who accesses or uses our Services
"Services" means all products, services, platforms, and applications provided by moccet
"Third Party" means any entity other than moccet or the User
"Sensitive Personal Data" means Personal Data revealing racial or ethnic origin, political opinions, religious beliefs, genetic data, biometric data, health data, or data concerning sex life or sexual orientation

3. Information Collection Practices

3.1 Information You Provide Directly

Account Information: Full name, email address, username, password, profile picture, business name, tax identification numbers
Payment Information: Credit/debit card details, billing address, transaction history, bank account information, PayPal or other payment processor details
Project Information: Project briefs, specifications, deliverables, communications, files, feedback, ratings, and reviews
Identity Verification: Government-issued ID, proof of address, business registration documents, tax forms
Communication Data: Messages, emails, support tickets, phone call recordings (with consent), video conference recordings
Professional Information: Resume, portfolio, skills, certifications, education history, work samples

3.2 Information Collected Automatically

Device Information: IP address, device type, operating system, browser type and version, device identifiers, mobile network information
Usage Data: Pages viewed, features used, click patterns, scroll depth, time spent, search queries, referral sources
Location Data: Approximate location based on IP address, GPS data (with permission), timezone
Cookie Data: Session cookies, persistent cookies, flash cookies, web beacons, pixel tags, and similar technologies
Log Data: Access logs, error logs, performance data, crash reports, diagnostic information
Behavioral Data: User preferences, interaction patterns, feature usage frequency, workflow patterns

3.3 Information from Third Parties

Social Media: Information from connected social accounts (Google, LinkedIn, GitHub)
Payment Processors: Transaction confirmations, fraud scores, payment verification data
Analytics Providers: Demographic data, interest categories, behavioral insights
Business Partners: Referral information, collaboration data, integration data
Public Sources: Publicly available information from websites, databases, or registries
Background Check Providers: Criminal history, credit reports (where permitted by law)

4. Data Usage & Processing Activities

4.1 Primary Purposes

We Process your Personal Data for the following primary purposes:

Providing, operating, and maintaining our Services
Creating and managing User accounts
Processing payments and financial transactions
Facilitating communication between Users
Matching clients with appropriate talent
Generating AI-powered project briefs and recommendations
Providing customer support and responding to inquiries
Ensuring platform security and preventing fraud

4.2 Secondary Purposes

Analyzing usage patterns to improve Services
Developing new features and functionalities
Conducting research and analytics
Personalizing User experience and content
Sending administrative and transactional communications
Marketing our Services (with consent where required)
Complying with legal obligations and responding to legal requests
Protecting our legal rights and interests
Training AI models (using anonymized/aggregated data only)

5. Legal Basis for Processing

We Process your Personal Data only when we have a valid legal basis:

Our Legal Bases Include:

Contract Performance: Processing necessary to perform our contract with you
Legitimate Interests: Processing necessary for our legitimate business interests that do not override your rights
Consent: Where you have given clear, informed consent
Legal Obligations: Processing necessary to comply with laws
Vital Interests: Processing necessary to protect someone's life
Public Task: Processing necessary for tasks in the public interest

6. Data Sharing & Third-Party Disclosure

6.1 We DO NOT Sell Personal Data

moccet does not and will never sell, rent, or lease your Personal Data to third parties for monetary consideration.

6.2 Authorized Sharing

We may share your Personal Data in the following limited circumstances:

Service Providers: With vendors who process data on our behalf under strict contractual obligations (e.g., cloud hosting, payment processing, email delivery)
Platform Users: With other Users as necessary for Service delivery (e.g., client-talent matching)
Legal Requirements: When required by law, subpoena, court order, or government request
Business Transfers: In connection with mergers, acquisitions, or asset sales
Consent: When you explicitly consent to specific sharing
Protection: To protect rights, property, or safety of moccet, Users, or the public
Aggregated Data: Non-identifiable aggregated data for analytics or research

6.3 Third-Party Obligations

All third parties with whom we share Personal Data are contractually obligated to:

Maintain confidentiality of Personal Data
Use Personal Data only for specified purposes
Implement appropriate security measures
Delete Personal Data when no longer needed
Comply with applicable privacy laws
Notify us of any data breaches immediately

7. International Data Transfers

Your Personal Data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your country.

7.1 Transfer Safeguards

We implement appropriate safeguards for international transfers:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions recognizing equivalent protection
Binding Corporate Rules for intra-group transfers
Privacy Shield certifications (where applicable)
Explicit consent for specific transfers
Contractual obligations ensuring adequate protection

7.2 Data Localization

Primary data storage locations:

United States: Primary servers in US-East and US-West regions
European Union: Secondary servers in Ireland and Germany
Asia-Pacific: Content delivery networks in Singapore and Japan
Backup Locations: Encrypted backups in multiple geographic regions

8. Data Security & Protection Measures

8.1 Technical Safeguards

Encryption: AES-256 encryption at rest, TLS 1.3 in transit
Access Controls: Role-based access, multi-factor authentication, session management
Infrastructure: SOC 2 Type II certified data centers, redundant systems
Monitoring: 24/7 security monitoring, intrusion detection, anomaly detection
Testing: Regular penetration testing, vulnerability assessments
Backup: Automated encrypted backups, disaster recovery procedures

8.2 Organizational Safeguards

Employee background checks and confidentiality agreements
Regular privacy and security training
Limited access on need-to-know basis
Data Protection Officer oversight
Vendor security assessments
Incident response procedures

8.3 Security Limitations Disclaimer

While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your Personal Data. You transmit Personal Data at your own risk.

9. Data Retention & Deletion Policies

9.1 Retention Periods

Account Data: Duration of account plus 30 days after deletion
Transaction Data: 7 years for tax and legal compliance
Project Data: 3 years after project completion
Communication Data: 2 years for support and dispute resolution
Marketing Data: Until consent withdrawal or 3 years of inactivity
Log Data: 90 days for security and performance analysis
Cookie Data: As specified in our Cookie Policy
Legal Hold Data: As required by legal proceedings

9.2 Deletion Procedures

Upon expiration of retention periods or valid deletion requests:

Personal Data is permanently deleted or anonymized
Backups are purged within 90 days
Third parties are instructed to delete shared data
Deletion certificates are maintained for compliance

10. User Rights & Control Mechanisms

10.1 Universal Rights

Regardless of location, all Users have the right to:

Access: Request copies of your Personal Data
Correction: Update inaccurate or incomplete data
Deletion: Request erasure of your Personal Data
Portability: Receive data in machine-readable format
Objection: Object to certain Processing activities
Restriction: Limit how we Process your data
Withdraw Consent: Revoke previously given consent
Non-Discrimination: Not face retaliation for exercising rights

10.2 Exercising Rights

To exercise your rights:

Submit request through account settings or designated forms
Provide identity verification as required
Specify the right(s) you wish to exercise
Allow up to 30 days for response (45 days for complex requests)

10.3 Limitations on Rights

We may deny or limit requests when:

Required by law to retain data
Necessary for contract performance
Needed for legal claims or defense
Rights of others would be violated
Request is manifestly unfounded or excessive

11. Cookie Policy & Tracking Technologies

11.1 Types of Cookies Used

Essential Cookies: Required for Service functionality (authentication, security, load balancing)
Functional Cookies: Remember preferences and settings
Analytics Cookies: Understand usage patterns and improve Services
Marketing Cookies: Deliver relevant advertisements (with consent)
Third-Party Cookies: Set by integrated services (payment processors, analytics)

11.2 Cookie Control

You can control cookies through:

Browser settings to block or delete cookies
Our cookie preference center
Opt-out links in marketing communications
Do Not Track browser signals (honored where legally required)

Note: Disabling essential cookies may impair Service functionality.

12. Artificial Intelligence & Automated Processing

12.1 AI-Powered Features

We use AI and machine learning for:

Generating project briefs and recommendations
Matching clients with suitable talent
Pricing optimization and estimates
Content moderation and fraud detection
Personalization and user experience enhancement
Automated customer support responses

12.2 Automated Decision-Making

When we use automated decision-making that significantly affects you:

We will inform you of the automated nature
You have the right to human review
You can contest automated decisions
We will explain the logic involved (where possible)

12.3 AI Training Data

We may use anonymized and aggregated User data to train and improve our AI models. Personal Data is never used directly for AI training without explicit consent. You may opt out of contributing to AI training datasets through your account settings.

13. Marketing & Communications

13.1 Communication Types

Transactional: Service-related messages (always sent)
Marketing: Promotional content (requires consent)
Informational: Platform updates and announcements
Research: Surveys and feedback requests (optional)

13.2 Opt-Out Rights

You may opt out of marketing communications through:

Unsubscribe links in emails
Account communication preferences
Replying "STOP" to SMS messages
Contacting support

14. Children's Privacy Protection

Our Services are not directed to individuals under the age of 16 ("Children").

We do not knowingly collect Personal Data from Children. If we discover that a Child has provided us with Personal Data, we will:

Delete such Personal Data immediately
Terminate any associated accounts
Notify the parent or guardian if contact information is available

If you believe we have inadvertently collected Personal Data from a Child, please contact us immediately.

15. California Privacy Rights (CCPA/CPRA)

15.1 Additional Rights for California Residents

Right to know categories and specific pieces of Personal Data collected
Right to know purposes for collection and use
Right to know if Personal Data is sold or disclosed (we do not sell)
Right to opt out of sale (not applicable as we don't sell)
Right to limit use of Sensitive Personal Data
Right to correct inaccurate Personal Data
Right to non-discrimination for exercising rights

15.2 Categories of Personal Data Collected

Identifiers (name, email, IP address)
Commercial information (transaction history)
Internet activity (browsing history on our Services)
Geolocation data (approximate location)
Professional information (employment history)
Education information (degrees, certifications)
Inferences (preferences, characteristics)

15.3 "Shine the Light" Rights

California residents may request information about disclosure of Personal Data to third parties for direct marketing purposes. We do not disclose Personal Data for such purposes.

16. European Privacy Rights (GDPR)

16.1 Additional Rights for EEA/UK Residents

Right to lodge complaints with supervisory authorities
Right to withdraw consent at any time
Right to object to Processing based on legitimate interests
Right to object to direct marketing
Right not to be subject to solely automated decisions
Right to data portability in structured format

16.2 Legal Basis Disclosure

For EEA/UK residents, we will inform you of the legal basis for Processing upon request. Our primary legal bases are:

Contract performance (providing Services)
Legitimate interests (improving Services, security)
Legal obligations (tax, regulatory compliance)
Consent (marketing, cookies)

16.3 Data Protection Officer

Questions about GDPR compliance may be directed to our Data Protection Officer through the account support system.

17. Third-Party Services & Integrations

17.1 Integrated Services

Our Services integrate with third-party services including:

Payment processors (Stripe, PayPal)
Cloud infrastructure (AWS, Google Cloud)
Analytics providers (Google Analytics, Mixpanel)
Communication tools (SendGrid, Twilio)
Authentication services (Google OAuth, GitHub)
AI/ML services (OpenAI, Anthropic)

17.2 Third-Party Privacy Policies

We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies before providing Personal Data directly to them.

17.3 External Links

Our Services may contain links to external websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of third-party sites.

18. Data Breach Procedures

18.1 Breach Response

In the event of a data breach, we will:

Investigate and contain the breach immediately
Assess the risk to affected individuals
Notify affected Users within 72 hours (where required by law)
Notify relevant supervisory authorities
Document the breach and our response
Implement measures to prevent recurrence

18.2 User Responsibilities

Users must:

Maintain strong, unique passwords
Enable two-factor authentication
Report suspected security incidents immediately
Keep account information current

19. Liability Limitations & Disclaimers

19.1 Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, MOCCET SHALL NOT BE LIABLE FOR:

ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
LOSS OF DATA, PROFITS, REVENUES, OR BUSINESS OPPORTUNITIES
DAMAGES ARISING FROM UNAUTHORIZED ACCESS TO YOUR ACCOUNT
DAMAGES ARISING FROM THIRD-PARTY ACTIONS OR CONTENT
DAMAGES EXCEEDING THE FEES PAID IN THE PRECEDING 12 MONTHS

19.2 No Warranties

WE PROVIDE SERVICES "AS IS" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.

19.3 Indemnification

You agree to indemnify and hold harmless moccet from any claims, damages, or expenses arising from:

Your violation of this Policy
Your violation of any law or third-party rights
Your use or misuse of our Services
Your User content or activities

20. Dispute Resolution & Arbitration

20.1 Mandatory Arbitration

ANY DISPUTES ARISING FROM THIS POLICY SHALL BE RESOLVED THROUGH BINDING ARBITRATION, NOT IN COURT.

Arbitration will be conducted by the American Arbitration Association
Arbitration will occur in Delaware, United States
Delaware law governs this Policy
Each party bears their own costs

20.2 Class Action Waiver

YOU WAIVE ANY RIGHT TO BRING CLAIMS ON A CLASS, CONSOLIDATED, REPRESENTATIVE, COLLECTIVE, OR PRIVATE ATTORNEY GENERAL BASIS.

20.3 Time Limitation

Any claim arising from this Policy must be brought within ONE (1) YEAR after the cause of action arises.

21. Policy Updates & Modifications

21.1 Right to Modify

moccet reserves the right to modify this Policy at any time. Changes become effective upon posting unless otherwise stated.

21.2 Notification of Changes

For material changes, we will:

Notify you via email or platform notification
Provide at least 30 days' notice before changes take effect
Obtain consent where legally required

21.3 Continued Use

Continued use of Services after Policy changes constitutes acceptance of the modified Policy.

22. Severability & Entire Agreement

22.1 Severability

If any provision of this Policy is found unenforceable, the remaining provisions continue in full force and effect.

22.2 Entire Agreement

This Policy, together with our Terms of Service, constitutes the entire agreement regarding privacy between you and moccet.

22.3 No Waiver

Our failure to enforce any provision does not constitute a waiver of that provision.

22.4 Assignment

We may assign this Policy in connection with a merger, acquisition, or sale of assets. You may not assign this Policy.

22.5 Survival

Provisions regarding liability limitations, indemnification, and dispute resolution survive termination of this Policy.

BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY.

If you do not agree to this Policy, you must not use our Services.

Version History

Version 3.0 - June 30, 2025 - Comprehensive update with enhanced protections
Version 2.0 - January 1, 2025 - CPRA compliance update
Version 1.0 - January 1, 2024 - Initial policy

moccet connect