Privacy Policy

This Privacy Policy is incorporated by reference into the Mosaic Terms of Use (the “Terms”). The terms “Mosaic,” “we,” and “us” include Mosaic, MosaicApp Inc, our affiliates and subsidiaries. The Privacy Policy explains how Mosaic may: collect, use, and disclose information we obtain through our website and mobile app, and the Mosaic Services (collectively, the “Services”). All other terms not defined herein will have the meanings set forth in the Terms.

2.1 Information Collected

2.1.1 Registration. We collect personal information, such as your name, company name, and email address when you register for an Account. You may also provide us with optional information for your profile, such as a photograph, your username, and any optional profile information (“Profile Information”).

2.1.2 Using the Services. We collect information you post through the Mosaic Services. For example, when you interact with other users by posting Project Content, the Mosaic Services will collect the information you provide in such submissions, including any personal information.

2.1.3 Payment Processor. If you have a Paid Account, you may need to provide personal information to our third party credit card payment processing company.

2.1.4 Customer Support. We may collect personal information through your communications with our customer-support team.

2.1.5 Communications. Even if you are not a registered user of the Mosaic Services, if you email us we may retain a record of such email communication, including your email address, the content of your email, and our response.

2.1.6 Inviting Friends and Coworkers. If you choose to invite someone to the Mosaic Services, we will ask you for that person’s contact information, which may include their email address and automatically send an invitation. Mosaic stores the information you provide to send the invitation, to track the invitation, and to register them if your invitation is accepted.

2.1.7 Cookies, Automatic Data Collection, and Related Technologies. We and our third-party service providers collect and store information that is generated automatically as you use the Services, including your preferences and anonymous usage statistics. When you visit the Services, we and our third-party service providers receive and record information on our server logs from your browser, and from cookies and similar technology. Cookies are small text files placed in visitors’ computer browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly. For more information, see our policy on Cookies.

2.2 Use of Information Collected

2.2.1 Internal and Service-Related Usage. We use information, including personal information, for internal and Service-related purposes only and may provide it to third parties to allow us to facilitate the Services. We may use and retain any data we collect to provide and improve our Services.

2.2.2 Communications. We may send email to the email address you provide to us to verify your account and for informational and operational purposes, such as account management, customer service, or system maintenance.

2.2.3 Marketing. We may use information, including personal information, to facilitate transmittal of information that may be useful, relevant, valuable or otherwise of interest to you. You may opt out of marketing communications by following the opt-out or unsubscribe instructions at the bottom of the email. You may continue to receive Service-related and other non-marketing emails.

2.2.4 As Required By Law and Similar Disclosures. We may use your personal information, other account information, and content if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; respond to your requests; enforce the terms and conditions that govern the Services; protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity; or protect yours’, ours’ or others’ rights, property, or safety.

2.2.5 Aggregate Data. We may anonymize, aggregate or de-identify data collected through the Services by removing information that makes the data personally identifiable to you, and use it for our legitimate business purposes.

2.3 Sharing of Information Collected

2.3.1 We will display your Profile Information on your profile page and elsewhere on the Mosaic Services in accordance with the preferences you set in your Account. You can review and revise your Profile Information at any time by logging into your Account. We will display your Project Content within the Mosaic Services as directed by you.

2.3.2 Displaying to Other Users. The content you post to the Mosaic Services may be displayed on the Mosaic Services. Other members invited to your Mosaic organization may be able to see some information about you, such as the Project Content you post to a particular Project, Profile, or other space in Mosaic. We are not responsible for the privacy practices of your Mosaic organization users who will view and use the posted information.

2.3.3 Service Providers. We may utilize third-party service providers to assist us in delivering the Services. For example, we may use third parties to help host the Services, send out email updates, or process payments. These service providers may have access to your information for the limited purpose of providing the service we have contracted with them to provide. For a detailed list of authorized third parties please visit

2.3.4 As Required By Law and Similar Disclosures. We may share your personal information, other account information, and content if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; respond to your requests; enforce the terms and conditions that govern the Services; protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity; or protect yours’, ours’ or others’ rights, property, or safety.

2.3.5 Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. The use of your personal information following any of the foregoing events should be governed by the provisions of this Privacy Policy in effect at the time such personal information was collected.

We may also disclose your personal information with your permission.

2.4 Data Protection Rights

2.4.1 General Rights. Mosaic operates as a B2B platform, engaging primarily with client companies. As such, Mosaic acts as a data processor, handling personal data of individuals within these organizations as per the directives of our client companies, who are the data controllers. Under the GDPR and other relevant data protection regulations, individuals have rights regarding the protection of their personal data. These rights include the ability to access, correct, delete, and restrict the processing of personal data under certain conditions, as well as the rights to object to processing and to data portability. Individuals wishing to exercise these rights should make their requests directly to their employer, who will coordinate with Mosaic as necessary. If you are employed by one of our client companies and wish to understand more about these processes, please contact your employer’s data protection officer or relevant department.

2.4.2 Consent Withdrawal and Use of Platform. Mosaic processes data based on contractual obligations with client companies, not based on individual consent directly. However, in circumstances where consent is relevant, individuals have the right to withdraw consent at any time. This withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. If you believe that your data has been processed based on your consent and wish to withdraw it, please contact your employer, who will follow up with us at

2.4.3 Data Portability. Under GDPR, individuals have the right to data portability, which allows them to obtain and reuse their personal data across different services for their own purposes. This right applies where the processing is based on consent or on a contract, and the processing is carried out by automated means. If you, as an individual of a client company, wish to exercise this right, please initiate your request through your employer. Mosaic facilitates this right by providing data in a structured, commonly used, and machine-readable format via tools such as CSV exports and APIs, ensuring secure data transfer. For assistance with these tools, client companies should contact Mosaic directly at

2.5 Ex-US Visitors

We are headquartered in the United States and have service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province or country where privacy laws may not be as protective as those in your state, province or country. Our Services are governed only by US laws and not by foreign laws.

2.6 Other Sites, Mobile Applications and Services

The Services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.

2.7 Security; Communications

We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure.

2.8 Changes to Our Privacy Policy

2.8.1 Posting of Revised Privacy Policy. We will post any adjustments to the Privacy Policy on this web page, and the revised version will be effective when it is posted. If you are concerned about how your information is used, bookmark this page and read this Privacy Policy periodically.

2.8.2 New Uses of personal information. From time to time, we may desire to use personal information for uses not previously disclosed in our Privacy Policy. If our practices change regarding previously collected personal information in a way that would be materially less restrictive than stated in the version of this Privacy Policy in effect at the time we collected the information, we will make reasonable efforts to provide notice and obtain consent to any such uses as may be required by law.

2.9 Submitting a Privacy Complaint

We take privacy matters seriously and are committed to addressing and resolving any concerns promptly. If you believe that your privacy rights have been violated or if you have concerns regarding the handling of your personal information by Mosaic, we encourage you to submit a privacy complaint.

2.9.1 How to Submit a Privacy Complaint: Send an email to with the subject line "Privacy Complaint - [Your Full Name]."

2.9.2 Information to include in your privacy complaint: To help us investigate and address your privacy complaint effectively, please include the following information in your submission:

  • Your full name and contact information.
  • A detailed description of the privacy concern or violation.
  • Any supporting documentation or evidence related to your complaint.

Last Updated Date: 05/16/2024