Mobifi Privacy Policy


Privacy Policy and processing of Personal Data at Mobifi Messaging Ltd

This website www.mobifi.com and the services described on it are operated and provided by Mobifi Messaging Ltd, a company registered in the United Kingdom with registration number 06961335 and whose registered address is: Woodlands, 415 Limpsfield Road, Warlingham, Surrey, CR6 9HA.

For the purpose of the Data Protection Act 1998, Mobifi Messaging Ltd is registered with the ICO (Information Commissioner’s Office) for Data Protection under reference Z2629277.

Mobifi Messaging Ltd (Mobifi, We/Us) is responsible for storing and processing Personal Data on behalf of businesses and organisations. Mobifi shall process Personal Data within applicable laws and regulations and this Privacy Policy provides information about Mobifi’s processing of Personal Data.

In this Privacy Policy, references to “You” are to any person who submits data to Mobifi or the Website about him/herself or about any living individual in relation to use of the Website or the services that are available through the Website (the “Services”). When You use the Website or aspects of it, Mobifi may ask You to provide information about You. This Privacy Policy sets out how Mobifi might use that information.

This Privacy Policy sets out the basis on which any personal data that is collected from You, or that You provide, will be processed by Mobifi. Please read this Privacy Policy carefully to understand our views and practices regarding Your personal data and how it will be treated.

Your personal data will only be used in the manner set out in this Privacy Policy. We will only use Your personal data in a way that is fair to You and for what it is intended for. We will only collect personal data where it is necessary for Us to do so and where it is relevant to our dealings with You. We will only keep Your personal data for as long as it is relevant to the purpose for which it was collected or for as long as We are required to keep it by law.

By accessing the Website or Contacting Us, We may collect and process certain information about You, including but not limited to:

  • Your title, name, job title, organisation name, address, email address, telephone numbers and such other details as We require You to provide to Mobifi when You fill in forms on the Website. This includes information provided at the time of submitting information or enquiries to the Website (including, but not limited to, in respect of services We provide or career opportunities that We may have available from time to time), or subscribing for any newsletter available through the Website. We may also ask You for information when You report a problem with the Website.
  • If You contact us, We may keep a record of that correspondence.
  • Details of Your visits to the Website, including, but not limited to, traffic data, weblogs and other communication data, and the resources that You access.

The Website uses cookies which are tiny text files that identify Your computer to our server as a unique user when You visit certain pages on the Website and they are stored by Your Internet browser on Your computer’s hard drive. Cookies can be used to recognise Your Internet Protocol address, saving You time while You are on the Website.

We only use cookies for Your convenience in using the Website and not for obtaining or using any other information about You (for example targeted advertising). Your browser can be set to not accept cookies, but this would restrict Your use of the Website.

Please accept our assurance that our use of cookies does not contain any personal or private details and are free from viruses.  If You want to find out more information about cookies, go to http://www.allaboutcookies.org or to find out about removing them from Your browser, go to http://www.allaboutcookies.org/manage-cookies/index.html.

With the introduction of GDPR (General Data Protection Regulation) on 25th May 2018, We have been preparing for the regulation to ensure We are compliant and it is important to our customers that they have read and understood this Privacy Policy.

By using our services, customers have understood and agreed to our Privacy Policy or, where applicable, a Data Processing Agreement (DPA) between Mobifi and the customer.

Terminology:

  • Data Subject is an identifiable natural person.
  • Data Controller is the organisation that defines the purpose(s) for the processing of Personal data and has an agreement with the registered Data Subject.
  • Data Processor processes Personal Data on behalf of a Data Controller. The processing is regulated by a Data Processing Agreement (DPA) between the Data Controller and the Data Processor.
  • Personal Data is any data that directly or indirectly is linked to an individual (Data Subject).
  • Traffic Data is data generated through the use of a network. As an example, when an individual is using the mobile network, information about who is sending and receiving a message, the delivery time or status, and the content of the message is generated. If traffic data directly or indirectly can be linked to an individual, these are classified as Personal Data. Traffic Data can for example be used for tracking and billing purposes.
  • Anonymous Data is data where all identifying items have been removed making it impossible to associate the data with an individual.
  • The Processing of Personal Data is any use of Personal Data, including collecting, storing, modifying, transferring or deleting.

Mobifi as a Data Processor

Mobifi processes Personal Data as a Data Processor and the way We do that can be defined and described in an agreement between Mobifi and our customer, the Data Controller, and in the description of the services they subscribe to or use. The data about an individual (Data Subject) that We may process as a Data Processor depends on which of our services are used by the Data Controller.

Mobifi’s will only process Personal Data to provide our services to the customer, in accordance with any Data Processing Agreement and only on the customer’s instructions. Upon termination of the agreement or instructions from the customer, We will delete or return the Personal Data processed under the agreement, unless otherwise required by law.

Examples of processing activities:

  • Send messages like SMS or email from our customer (Data Controller) to the end user (Data Subject).
  • Produce message logs, statistics and reports.
  • Monitor traffic to ensure message delivery and system performance.
  • Manage Data Subject consents.

Depending on the customer’s use of our services or any specific applications that We have developed, We may as Data Processor process Personal Data within the following categories:

  • Basic Personal Data (such as name), contact details (such as email, phone number etc), gender or postcode.
  • Special categories of Personal Data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or health data.
  • Location Data derived from a Processor’s network (that is not traffic data as defined below).
  • Traffic Data: Personal Data processed in relation to the conveyance of communication on an electronic communications network or billing thereof.
  • Data related to content of communication, such as e-mails, SMS/MMS, browsing data etc.

Mobifi as a Data Controller

How Mobifi process Personal Data as a Data Controller is defined and described in the general terms and conditions between Mobifi and our end user (Data Subject). The data about the end user that We process as a Data Controller depends on which of our services that are used.

Examples of processing activities:

  • Manage end user profile.
  • Manage end user consents.
  • Manage end user administration rights and permissions.
  • Notify end user of changes to services, status alerts, terms and conditions or this privacy notice.
  • Respond to enquiries or questions related to services, terms and conditions or this privacy notice.

Depending on the customer’s use of our services or any specific applications that We have developed, We may as Data Processor process Personal Data within the following categories:

  • Basic Personal Data (such as name), contact details (such as email, phone number etc), gender or postcode.
  • Location Data derived from a Processor’s network (that is not traffic data as defined below).
  • Traffic Data: Personal Data processed in relation to the conveyance of communication on an electronic communications network or billing thereof.
  • Data related to content of communication, such as e-mails, SMS/MMS, browsing data etc.

Legal Bases

Under GDPR Data Processors must specify what the Legal Bases are for processing.

Mobifi’s Legal Bases are:

  • Contract – to fulfil the agreement and our contractual obligation for using a service provided by Mobifi to the end user, e.g. in relation to management of the user profile, consents, administration rights and permissions, notifications of changes to services, or respond to enquiries related to services, terms and conditions or this privacy notice.
  • Legitimate Interest – to pursue Mobifi’s legitimate interests e.g. in providing more efficient and improved services or to enhance the user experience, to establish, exercise or defend a legal claim, to prevent loss or damages to Mobifi or any third parties or to prevent any actions that may compromise Mobifi or a third party’s property or the personal data of the other users of the services.
  • Consent – whereby a customer has provided consent to receive marketing communication from Mobifi.
  • Legal Obligation – to comply with a legal obligation to which Mobifi is subject, e.g. continued storage due to statutory rules of storage for accounting, regulatory or compliance purposes.

Under GDPR the end user can at any time:

  • Withdraw consent to processing activities based on consent.
  • Access Personal Data.
  • Correct Personal Data.
  • Request deletion of Personal Data.
  • Request restriction of, or object to, processing.
  • Request export or portability of Personal Data.

Personal Data may be retained by Mobifi for as long as it is necessary to fulfil the purposes for processing and will as a main rule retain Personal Data until cancellation of the agreement or until end users request deletion. Due to certain legal obligations, e.g. statutory rules related to storage for accounting, regulatory or compliance purposes, it may be necessary to store Personal Data after cancellation of the agreement. Continued storage may also occur where such storage is necessary for the purposes of Mobifi’s legitimate interests including, but not limited to, the establishment, exercise or defence of legal claims.

We may share data with 3rd parties

Mobifi may disclose personal data to third party vendors, hosting partners and other network providers who perform services for Mobifi, in order to be able to deliver the services. These third parties will only use the Personal Data for the purposes they were collected, and in order to perform their services towards Mobifi. The relationship to such third party in accordance with any Data Processing Agreement.

The disclosure of Personal Data to public bodies, such as the Phone-paid Services Authority (PSA), formerly PhonePayPlus, may occur if and to the extent required by law and current regulations.

Contracts

GDPR states that whenever a Data Controller uses a data processor there must be a written contract in place to ensure both parties understand their responsibilities. As a Data Processor We can only act on the written instructions of the Data Controller. GDPR gives Processors responsibilities and liabilities in their own right, and Processors as well as Controllers may now be liable to pay damages or be subject to fines or other penalties.

Contact Us

Should you have any questions relating to our Privacy Policy you can contact us by:

  • email to dpo@mobifi.com
  • post to Mobifi Messaging Ltd, 10 Greycoat Place, London SW1P 1SB
  • by telephoning 020 7960 6045 between the hours of 09:00 and 17:00

Tell us about your needs