Mosio Privacy Policy

Terms and Conditions

We, being Mosio, Inc., a corporation registered in the State of California, and our affiliates (hereinafter collectively referred to as “we” or “us” or “Owner”), and acting as the owner and operator of our website located at www.mosio.com, while operating the text messaging and communication services therein, as well as any other services (the “Service(s)” or “service(s)”), and providing access to other mobile, tablet, or other device based applications via the website or associated with the website (all such applications and Services are included in the definition of the “Website” hereunder), hereby provide you, the user accessing this Website (hereinafter “you” or “User(s)”) with our present privacy policy (“Privacy Policy”) and the specific terms of data collection, processing, and protection in place for any data you upload or provide to us through this Website or any Services.

  1. Information Collection
    a. Personal information or Personal Data means any information that may be used to identify an individual, including, but not limited to, a first and last name, email address, a home, postal or other physical address, other contact information, title, occupation, industry, personal interests, and other information when needed to provide a service or product or carry out a requested transaction. Furthermore, Personal Information may also be defined under applicable data protection laws and regulations applicable to us.b. When using our website or software, you do so anonymously, unless you have previously registered with us and have logged into an account. Mosio does not automatically collect personal information, including your email address except in a transactional format such as the sending of a text message to the platform. Mosio logs IP addresses (the Internet address of a computer) to give us an idea of which parts of our website are visited and for how long. But we do not link IP addresses to any personal information unless you have registered or provided us with that information. Like many other commercial websites, the Mosio website may use standard technologies, such as “cookies” and other HTML tools, to collect information and automatic data about how the site is used, to record an opened email or clicked link. We attempt to anonymize such information, however, to the extent that IP addresses or similar identifiers are considered Personal Data by applicable law, we also treat these identifiers as Personal Data. We collect cookies and other automatic data based on your consent which was granted to us by you when you accessed this Website, or when you registered as a User, and thereby accepted this Privacy Policy. If you do not want us to collect this information, do not use the Website or delete your account on the Website. Please note: If you restrict, disable or block any or all cookies from your web browser or mobile or other device, our services may not operate properly, and you may not have access to certain services or parts of the Website. We shall not be liable for any interruption in, or inability to use, our services or degraded functioning thereof, where such are caused by your settings and choices regarding cookies.c. Mosio collects personal information when users register with Mosio for a Mosio Member login or account, for certain Mosio products or services or when asked by users to be included in an email or other mailing list. From time to time, Mosio receives personal information from business partners and vendors who may have been provided information by end users as part of two-way communications. Mosio only uses such information if it has been collected in accordance with acceptable privacy practices consistent with this Privacy Statement and applicable laws.d. Access to certain Mosio web pages and the Mosio software requires a login and a password. Unless users request deactivation of personal information as specified below, personal information may be retained by Mosio to verify compliance with the agreement, log software licenses granted, track software downloaded from those pages, or track usage of other applications available on those pages.
  2. Notice and Consenta. When Personal Information is collected, we inform users at the point of collection the purpose for the collection. Mosio will not transfer personal information to third parties without consent. We request various types of Personal Data from you, and can only receive such data if you provide it willingly and consent to its provision to us, when opening an account on this Website or procuring any product, service or content through this Website. Any use or transmittal of your data will only be completed once you are made completely aware of its use and transmittal, and then only with your consent. If you wish to know of any specific use of your data that may be undertaken by the Owner, please email us at support((at))mosio((.))comb. Data transfer abroad is based on consent, in that we shall only transfer your data outside your home jurisdiction for the purpose of providing access to this Website and any products or services offered to you through this Website. Such data transfer will be to third parties who maintain confidentiality requirements and data protection capabilities sufficient to protect and secure your data, if this is at all required. By registering an account with us, you hereby agree to allow your data to be transferred outside your home jurisdiction for the reasons described in this paragraph, and subject to the terms described herein.c. In most cases we provide users with the opportunity to “opt in” prior to receiving direct marketing, email newsletter or market research information. This means we will require affirmative action by users to indicate consent before we use information for purposes other than the purpose for which it was submitted. At the very minimum, we always give the opportunity to “opt out” of receiving such materials. This means we assume consent has been given to collect and use information in accordance with this Privacy Statement unless affirmative action has been taken against consent, for instance by clicking or checking the appropriate option or box at the point of collection.d. If you want to specifically know how and to whom your data may be transferred to, please get in touch with us at support((at))mosio((.))com.
  3. GDPR

The Mosio Privacy Policy complies with Chapter 3 Articles 12-23 in as much as Mosio collects data from individuals for marketing and day to day business operations. Mosio’s primary role in relation to GDPR is that of a Data Processor for Data Controllers that reside within the European Union or Data Controllers that have data subjects that live in the European Union. The Data Controllers provide a GDPR compliant Data Processing Agreement with Mosio for requested services and Mosio acts under the authority of the Data Controller to process data based on their instructions. For Article 27 inquiries (data subject information requests) Mosio’s Data Representative in the EU and UK is DataRep. Please address any inquiries to DataRep using the appropriate address on our Data Protection Contacts List (click here for list).

  1. CCPA

In addition to privacy and security information contained within our Privacy Policy that complies with the CCPA, Mosio does not sell your information to a third parties.  Mosio will also review this Privacy Policy at least once a year.

NOTE – HIPAA and PHI: The requirements of the CCPA do not apply to “medical information” subject to the California Confidentiality of Medical Information Act (CMIA) or to “protected health information” (PHI) collected by covered entities and business associates under the HIPAA Privacy, Security and Breach Notification Rules. All data collected by the Mosio platform (PHI or non-PHI) receives the same safeguards for security, privacy and breach notification applied to our clients covered under HIPAA rules and stipulated by a client BAA.

  1. Cookies and Other Tracking Technologies

A cookie is a small data file that certain websites write to a computer’s hard drive when visited. A cookie file can contain information such as a user ID that the site uses to track the pages visited, but the only personal information a cookie can contain is information supplied by the user. A cookie cannot read data off of a hard disk or read cookie files created by other sites. Some parts of Mosio’s website use cookies to track user traffic patterns. We do this in order to determine the usefulness of our website information to our users and to see how effective our navigational structure is in helping users reach that information.

a. Some Mosio websites and HTML-formatted email newsletters may use web beacons in conjunction with cookies to understand user behavior. A web beacon is an electronic image, called a single-pixel (1×1) or clear GIF. Web beacons can recognize certain types of information on a visitor’s computer, such as a visitor’s cookie number, time and date of a page view, and a description of the page where the web beacon is placed. Some Web beacons may be unusable if users elect to reject their associated cookies. Mosio may also use customized links or other similar technologies to track email links clicked. We may associate that information with Personal Information in order to provide more focused email communications or purchase information. Each email communication includes an unsubscribe link ending the delivery of that type of communication.

b. If users prefer not to receive cookies while browsing our website or via HTML-formatted emails, they can set their browser to warn them before accepting cookies and refuse the cookie when their browser alerts them to its presence. Users can also refuse all cookies by turning them off in browsers, although users may not be able to take full advantage of Mosio’s website after having done so. In particular, users may be required to accept cookies in order to complete certain actions on our website. Users do not need to have cookies turned on, however, to use/navigate through many parts of our website, except access to certain of Mosio’s web pages may require a login and password.

c. For additional information about cookies and other tracking technologies, including instructions for blocking their use, see .

6. How Information Collected Is Used

Mosio uses information for several general purposes: to fulfil user requests for certain products and services, to personalize the experience on our Website, to keep users up to date on the latest product announcements, software updates, special offers or other information we think they would like to hear about, to optimize and provide Services requested, and to better understand user needs and provide better service.

  1. Information Sharing and Disclosure
    a. Because Mosio is a global company, personal information may be shared with other Mosio offices, subsidiaries or technology partners around the world for the purposes of completing mobile messaging transactions. All such entities are governed by this Privacy Statement or are bound by appropriate confidentiality and data transfer agreements.b. Personal information is never shared outside Mosio without permission, except under conditions explained below. Inside Mosio, data is stored in security-controlled, HIPAA-compliant servers with limited access. Information may be stored and processed in the United States or any other country where Mosio, its subsidiaries, affiliates or agents are located.c. Mosio may send personal information to other companies or people under any of the following circumstances:
  • (i) When we have consent to share the information;
  • (ii) If sharing information is necessary to provide a product or requested service (If information is shared with third parties we only provide the information they need to deliver the service. Also, such companies are prohibited from using information for any other purpose);
  • (iii) To keep users up to date on the latest product announcements, software updates, special offers or other information we think users would like to hear about (unless users have opted out of these types of communications).d. We will also disclose personal information if required to do so by law, to enforce our Terms of Use, or in urgent circumstances, to protect personal safety, the public, or our websites.8. Ability to Access, Update or Deactivate Information

Registered users can review personal information and make change requests by accessing https://www.mosio.com. Users may also request deactivation of a Mosio account or any personal information held by us by sending an email to support((at))mosio((.))com. If users choose to deactivate their account, we will retain in our files some personal information requested to remove to prevent fraud, resolve disputes, troubleshoot problems, enforce our Terms of Use, respect opt-out preferences, and comply with legal requirements as permitted by law.

  1. Data Security
    a. Mosio account information is password-protected for privacy and security. Mosio safeguards the security of the data provided to us with physical, electronic, and managerial procedures. Mosio uses industry-standard TLS-encryption to enhance the security of sensitive data transmissions. While we strive and make excellent efforts to protect personal information, we cannot ensure all elements of security, so we urge users to take every precaution to protect personal data while on the Internet. We encourage users to change passwords often, use a combination of letters and numbers, password protect devices, and use a secure browser.b. You will be notified of any breach of Personal Data stored on this Website or provided to us by you within 72 hours of the occurrence of such a breach. At the time we notify you of the breach, we shall also inform you as to all rectification steps we have taken to rectify and mitigate the breach. For information related to our data security and the security of any Personal Data you provide us via this Website, please get in touch with us at the contact address specified under section 13 of this Privacy Policy.
  2. Children and Privacy 

Our websites do not target and are not intended to attract children under the age of 13. Mosio does not knowingly solicit personal information from children under the age of 13 or send them requests for personal information.

  1. Third Party Sites
    a. Mosio’s website contains links to other sites. Mosio does not share personal information with those websites and is not responsible for their privacy practices. We encourage users to learn about the privacy policies of those companies.
    b. Our website may contain links to websites operated by other companies. Some of these third-party sites may be co-branded with a Mosio logo, even though they are not operated or maintained by Mosio. Although we choose our business partners carefully, Mosio is not responsible for the privacy practices of web sites operated by third parties that are linked to our site. Once users have left our website, they should check the applicable privacy statement of the third-party website to determine how they will handle any information they collect.
  2. Clinical Research and Healthcare Clients: HIPAA and Participant Privacy

While the mobile text messaging channel is not HIPAA compliant in certain scenarios, Mosio makes continuous efforts to maintain the privacy and data security of sensitive client and patient information, including:

   a. Informed Consent: Covered Entities and Business Associates who use the platform should warn the participant that the risk of unauthorized disclosure exists (encouraging the participant to properly secure their device is also good practice) and the participant´s consent should be obtained to communicate by text. Both the warning and the consent must be documented.

   b. Unique Users and Identification:Each user identity is assigned a unique name and/or number for identification, logging and tracking.

   c. Encryption and Authentication: The Mosio system uses cryptographic module types that are FIPS 140-2 validated for Data at Rest, Transmission, Remote Access, Authentication, and Digital Signatures/Hash, and would describe an alternative implementation if applicable. All accounts require a unique username and password with specific password security rules including expiration.  SSO integration with client systems is available by client request.

   d. Automatic Logging Out: The Mosio system will log out users after a short time of inactivity (configurable by the account administrator). While the system enables account administrator to choose “Keep Users Signed In” to allow users to stay logged in, it allows for remote locking out by our support staff should the need arise.

   e. Transmission Security: TLS cryptographic module types are used for protecting data in transit.  Our data hosting providers are located in the USA, Production and Backup systems are in geo-diverse locations for added protection and redundancy.

f) Only Developers employed by Mosio have direct access to the Mosio platform code base and databases.

   g) Multiple Organizations: ePHI is not accessible by Mosio partners or subcontractors unless otherwise authorized for the sole purpose of efficient communication transmissions.

   h) Response and Reporting Procedures: The company maintains a step-by-step reporting procedure to identify, document, respond, and prevent security incidents.

   i) Contingency Plans: ePHI and other sensitive data are backed up in a geo-diverse location from our Production systems using AWS HIPAA Eligible Services.  Mosio tests Business Continuity and Disaster Recovery Plans at least once per year.

   j) Privacy and Security Officers: Mosio has a Compliance Officer on staff to handle all privacy and security related questions.

   k) Risk Management Evaluations: Annual privacy and security training, activity logging, risk management procedures for code implementation, data and account management are reviewed once a year by Mosio’s chief officers to ensure maximum risk reduction.  Mosio’s change control process is governed by our SDLC and includes a risk assessment for any change to the system and all changes are code reviewed and tested in an engineering environment before release to Production systems.

    13. Contact

Contact us at support((at))mosio((.))com, for our detailed Privacy and Data Security Management statement and if you need assistance in responding to requests from IRBs or patient privacy officers at your organization, we’re happy to be of assistance.

  1. Rights under other Privacy Laws

To the extent that you have rights under any current or future privacy laws, you may contact us at (insert address) to exercise any applicable rights you may have under such laws. To the extent that such laws apply to you and to us, we will respect your rights in accordance with such laws.

This Privacy Policy was last updated on March 10, 2023