Read our
Privacy Notice_

We collect and use people’s personal information to run our business and deliver the best possible service. This notice explains what we collect, when and why.

6min reading time

Read our
Privacy Notice

We collect and use people’s personal information to run our business and deliver the best possible service. This notice explains what we collect, when and why.

6min reading time

Why and how
we process information

We keep all data processing as simple and limited as possible

We practice purpose specification and data minimisation

We only process data to deliver a service to you

We keep all data processing as simple
and limited as possible

We practice purpose specification
and data minimisation

We only process data to deliver a
service to you

We keep all data processing as simple and limited as possible

We practice purpose specification and data minimisation

We only process data to deliver a service to you

MENU NAVIGATION

MENU NAVIGATION

When you visit and explore our website

We have done our best to collect no personal data. Aligning to the principle of data minimisation. We use a privacy-preserving web analytics provider, Plausible. There are no cookies or tracking pixels used and no personal data is collected or used.

View Plausible's Data Policy

02 CONTACT US

When you contact us

We have no contact for and have chosen to just use an email you can reach us on. This means you have more control over the information you choose to share.

Our email provider is ProtonMail, based in Switzerland. When you email us data goes through this companies servers. The message content is encrypted but there is some metadata they process.

View ProtonMail’s Privacy Policy

Metadata;
→ Sender and recipient email addresses
→ The IP address incoming messages originated from
→ Message subject line
→ Message sent and received times

03_3RD PARTY TOOLS

When you decide to work with us

To run our business and help you create more trustworthy product experiences we use a range of 3rd party tools.This section outlines these tools and the data we collect and process:

Google Workspace

We use G Suite by Google Cloud to manage internal and external communications. We also use; Google Docs, Google Slides, Google Sheets, Google Calendar. The personal information you choose to share with us is stored and accessed in Gmail, Google Hangouts and Google Calendar. Your Email, Name, Phone number, Work address and Email contents will be stored within Gmail. We use this information to contact you directly - if you have asked us to. We do not use this information in any other way. We currently review this information at the end of every financial year and delete all meeting records that are no longer active or relevant to our work.

Xero

We manage the commercial function of our business via Xero. Almost all data that is accessible or stored within Xero relates to our business. However, to produce and send an invoice, some personal data is required. This includes; An email address, and the name of a recipient or project contact and commercial information, like: An organisation's tax number, The legal name of the entity and the registered office address are also available to us as a result of this workflow. Like our other practices, this information is secured with strict role-based access rights.

Harvest

Harvest helps us manage how we prioritise and invest our time across multiple client projects. We’re pretty strict about how we use it. We only use it internally, meaning the information Harvest processes on our behalf relates to our team and our clients. Data we collect and the process is limited to: Name of organisation, Name of the organisation representative, Email of the representative We don’t store documents. We don’t input any strategically sensitive information. We use the product to; Manage tasks in progress (within their ‘projects’ module), Schedule our time for multiple projects in advance (within their ‘scheduling’ module), and track time against each task to ensure 'what we say we do' is accurately represented.

Loom

We use Loom to record videos for our clients. This helps us deliver effective and easy to consume project updates. So far our clients really value this. We know this because they are saying lots of nice things. It’s helping us help them. If we send you a Loom video update and you view it, we see the following information; A notification with your profile/default name, and the time/date you viewed the video. If we send you a Loom video update and you comment on it, we see the following information; Content of the comment, and time/date of the comment. We do not use the information we have access to via Loom for any other purpose. You can learn more about Loom’s data processing activities in their Privacy Policy.

Figma

We collaborate with clients across multiple geographies. Often we do this in real time. Figma helps us visually collaborate, regardless of where we or clients are located. If you collaborate with us via Figma, we see the following information: Your assigned avatar name, and any content, comments and material you contribute. We do not use the information we have access to via Figma for any other purpose. You can learn more about Figma’s data processing activities in their Privacy Policy.

Slack

We use Slack to communicate internally and run our business more effectively. If you also use Slack we may create a shared channel to help with collaboration. If we do set up a shared channel we see the following information: Your display name, your role/title if you add it, a profile image if you add it, the organisation you represent, any content, comments and material you contribute, the date and time of your activities. We do not use the information we have access to for any other purpose. You can learn more about Slack’s data processing activities in their Privacy Policy.

Formspree

When you choose to make contact with us via our website we use the information you share with us via our contact form to contact you back. We deliberately limit the information you can provide us via this form to; An email address and a free text message. When you submit a message by pressing “Send now”, this information is sent to hello@muteo.co.

As it stands these are the products and services we’re using that store, process or analyse data. When this changes, we’ll update this policy.

04 DATA PRACTICES

How we collect data

The information above specifies the data we collect and how we collect it. We do not stray from these practices.

How do we process your data?

Our legal grounds for processing your “non-sensitive” personal data are contract. This is because we only process personal data: To fulfil a contractual obligation to you (e.g. process a payment and deliver you the product you've paid for via email); or Because you have asked us to do something with the intent of entering into a contract (e.g. discuss a speaking engagement, request a workshop, ask us to meet you regarding a business challenge you have etc.)

Do we use automated data profiling?

No, we do not. → We do not use your personal data to automatically evaluate or make inferences about who you are, what you think, and how you act. We do not use your personal data to make automated decisions about you. It might seem odd, but we would rather speak to you, engage in a conversation and figure out if there’s any mutual value in continuing our conversations and our relationship

Is the personal data we hold accurate?

Our workflows help us keep the data we process in good shape. You can contact us on hello@muteo.co at any time to; View the data we have on you, correct it if it’s not accurate, and request we delete it if you no longer want us to use it in any way

Do we share personal data?

We don’t and will never engage in the direct exchange of your data. That’s not our business. The services we use act as data processors for our business. Because of this, they do have access to your personal data. As an example, when you choose to contact us via email, our email provider processes this data on our behalf. The message is sent to our email address managed by ProtonMail. In the context of the European General Data Protection Regulation, this means we are a controller ("A controller determines the purposes and means of processing personal data") and ProtonMail is a processor ("A processor is responsible for processing personal data on behalf of a controller). The exact services and data we/they have access to is detailed in the second clause of this policy above

Is your personal data secure?

The limited personal data we process is secured via role-based access rights. Executing risk-based workflows helps to decrease the likelihood of breaches. However, if we believe a data breach may have occurred, we execute an operational process aligned to the recommendations made by the OAIC as part of the Notifiable Data Breaches Scheme. We; Assess the incident, Mitigate the impact, Communicate with relevant stakeholders, and Ensure any preventable weaknesses are improved as quickly as possible Putting it simply, if we make a mistake we will own it and ensure we don't make it again.

05 DATA RIGHTS

Your rights

Let’s keep this simple.
Your data is yours.
You should control it.
You should benefit from sharing it - if you choose to do so.

If you’ve shared your data with us directly and want to;
→ View what we have
→ Receive a copy of what we have
→ Edit what we have, or
→ Delete what we have

Then you are more than welcome to do it. To make this, or anything else you’d like to discuss about your data with us happen, email hello@muteo.co

To protect your privacy and the privacy of others, we will need evidence of your identity before we can grant you access to information about you.

06 OBLIGATIONS

Our obligations

We’re bound by specific jurisdictional regulations. But don’t think we’re limited to that. We want to do whatever we can to make our use of data as person-centric as possible. We focus first and foremost on doing the right thing by you. Regulations and requirements are simpler to get right when that’s the approach you rely on.

01 WEBSITE