Reason Labs Privacy Policy
This Privacy Policy describes how Reason Labs Inc. and/or Reason Labs Ltd. and its affiliates (“we”, “our” and “us”) handle your information, including how we collect, process, protect and share it when you use our website and/or any of the services we offer (collectively, the “Services”). This Privacy Policy also provides information about your rights as a data subject, if and to the extent applicable.
This Privacy Policy is incorporated into and is subject to the following end user license agreement ("EULA"): https://getmozo.com/policies
By using our website and/or using or downloading our Services, you consent to our use of your information in accordance with this Privacy Policy. You are not legally required to provide us with any personal data and may do so at your own discretion. If you wish not to accept these terms and conditions or any update thereto, or you do not wish to provide us with your personal data, or to have it processed by us or any of our Third-Party Service Providers as described below, your sole option is to not use the Services.
Please note that this Privacy Policy does not cover any third-party content, software, or services that may be made available through our Services.
1. What kind of information do we use and collect?
When you use our Services, we may collect certain data, including Personal Information.
For the purposes of this Privacy Policy, “Personal Information” refers to any information that relates to an identified or identifiable individual.
We collect your information in three main ways:
- Information you provide to us directly.
- Information we collect when you use our Services.
- Information we collect from third-party sources.
The specific Personal Information we collect depends on the Services you use, how you use them, and the applicable legal requirements.
Categories of Personal Information
When we process your Personal Information, we categorize it as follows: User Information and Product Information.
User Information includes the data we collect when you use our website, data that is needed to create your user account, provide you with the Services, and, where applicable, to verify your identity. The creation of an account is required to use some of our Services.
| User Information | How we use it |
|---|---|
| Name | Purpose: To provide our Services. Explanation: To customize our communications by addressing you by your name and for account identification purposes. |
| Email address and phone number | Purpose: To provide our Services. Explanation: To send you communications regarding your subscription, support and offers and promotions. Essential for account recovery and security notifications. |
| Username | Purpose: To provide our Services. Explanation: To manage your account and facilitate your login into the service. Serves as your unique identifier within our platform. |
| IP Address | Purpose: To provide our Services and to detect and prevent fraud. Explanation: We are using your IP to extract your geo location for content localization and security purposes. |
| User Agent | Purpose: To provide our Services and to detect and prevent fraud. Explanation: To optimize our service delivery based on your device and browser capabilities, and to detect potentially fraudulent or automated access. |
| Browser | Purpose: To provide our Services. Explanation: To ensure compatibility and optimize user experience across different web browsers and versions. |
| Your Operating System | Purpose: To provide our Services. Explanation: To provide platform-specific features and ensure optimal performance and compatibility with your device. |
| Subscription Events | Purpose: To provide our Services. Explanation: So we know when your subscription renews, or if you are on trial, so we do not charge you during your trial period. Essential for billing accuracy. |
| Activity Log | Purpose: To provide and improve our Services. Explanation: To understand your use of the Services, improve functionality, provide customer support, and ensure service security. |
| Cookies and pixel tags | Purpose: To provide and improve our Services. Explanation: For example, cookies help us understand how you are interacting with our website and improve it. You can set your browser to not accept cookies, but this may limit your ability to use the website. |
| Device location | Purpose: To provide our Services, to comply with applicable laws and to detect and prevent fraud. Explanation: To provide location-based Services, comply with regional regulations, and enhance security by detecting unusual access patterns. |
| Information related to Surveys | Purpose: To improve our Services. Explanation: To improve our Services based on user feedback and preferences, and to develop new features that meet user needs. |
Product Information includes the data you provide or that we collect to deliver the applicable Services, as well as details about your usage of those Services. The information we collect includes data related to your use of the Services, including any data you provide us or that we collect as part of the specific Services you use.
Please note that the data we collect may differ for each Service, as further detailed below.
Mozo
| Product Information | How we use it |
|---|---|
| Information you provide for monitoring | Purpose: To provide our Services. Explanation: To monitor the information and alert you. |
Digital Footprint Cleanup
| Product Information | How we use it |
|---|---|
| The information needed to submit to the data broker sites for the cleanup. | Purpose: To provide our Services. Explanation: To submit a deletion request to the data brokers. |
DarkWeb Monitoring
| Product Information | How we use it |
|---|---|
| Email address |
Purpose: To provide our Services. Explanation: To monitor and alert you in case your information was leaked. |
| Phone number | |
| Credit card number | |
| Bank number | |
| SSN | |
| National ID number | |
| Driver's license number |
The results of the dark web monitoring scans may include sensitive information related to the information you provide, for which you take full responsibility. The scans results are delivered directly to your email address and/or the software’s interface by our Third-Party Service Provider. We do not store any data related to these results on our servers.
To receive full and unmasked scan results, you must enter your email address and create a user account for the software.
Web Protection
| Product Information | How we use it |
|---|---|
| Domains | Purpose: To provide our Services. Explanation: To detect and block malicious domains. |
Safer Web
| Product Information | How we use it |
|---|---|
| URLs | Purpose: To provide our Services. Explanation: To detect and block malicious URLs. |
AI Scam Scanner
| Product Information | How we use it |
|---|---|
| Any information you submit | Purpose: To provide our Services. Explanation: We scan the content you provide to inform you whether it is a scam or safe. |
| IP | Purpose: To provide our Services. Explanation: We use this information to troubleshoot and resolve any issues you may experience. Purpose: To improve our Services. Explanation: We analyze threat patterns to better understand and combat new threats. |
Anti Scam SMS Protection
| Product Information | How we use it |
|---|---|
| The content of the text messages you received | Purpose: To provide our Services. Explanation: We scan incoming SMS messages to alert you against potential scams. |
| Information about the sender | |
| The message timestamp |
Our use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
Email Protection
| Product Information | How we use it |
|---|---|
|
New incoming emails to your Gmail inbox, including- Email Headers: Sender and recipient information, Subject line, Date and time sent, Message ID and routing information, Server details and delivery path. Message Content: The actual email body text, any inline images or embedded content, MIME type. Attachments: File attachments, metadata like filenames and file types. |
Purpose: To provide our Services. Explanation: We scan incoming emails to alert you against potential scams. Purpose: To improve our Services. Explanation: We analyze scan results to verify the accuracy of our detection algorithms and make our Service more effective. |
| Technical Metadata: Email client information, Encryption/security headers, threading information for email conversations |
The emails are processed in real time. Once we have determined whether an email is suspicious or safe, the information is immediately deleted. The entire process is automated by a machine and does not involve human review.
If you use our Email Protection Services with your Gmail account, we will connect to your account using Google API. Any information we received from your email through the API will comply with the Google User Data Policy, including the Limited Use Requirements.
Online Security
| Product Information | How we use it |
|---|---|
| Files you download | Purpose: To provide our Services. Explanation: To protect you and alert you against malicious files. |
| Usage data such as information related to your installed extensions, trackers & cookies data, notifications. | Purpose: To provide our Services. Explanation: To help you manage your extensions, trackers, cookies and notifications, and alert you of any suspicious activity. |
| URLs and their content | Purpose: To provide our Services. Explanation: To detect and block malicious URLs. |
| GEO | Purpose: To improve our Services. Explanation: To develop and improve our product performances. |
EPP
| Product Information | How we use it |
|---|---|
| Files and URLs* and their content | Purpose: To provide our Services. Explanation: To protect you and alert you against malicious files. |
| Information of technical nature, such as IP, your account information, online activity, machine activity, operating system, browser type and version, and meta data on unknown files. | Purpose: To provide our Services. Explanation: To protect you and alert you against malicious files. Purpose: To improve our Services. Explanation: To develop and improve our Anti-virus. |
*We will send the URLs to our servers but only store their domains to operate and provide the Services.
The Software includes Endpoint Detection Response (EDR) tool which allows us to detect malicious activity early for prevention purposes and includes dynamic analysis of device data.
VPN
| Product Information | How we use it |
|---|---|
| When activating the 'Auto Connect' feature and approving the location permission, you allow us to access your device’s location. | Purpose: To provide our Services. Explanation: Solely for the purposes related to the 'Auto Connect' feature and therefore this data is not being sent to our servers. |
RAV VPN is a zero-logs VPN service provider, which means that we do not monitor, collect, or log your browsing activity when you are connected to our VPN services.
Help and Recovery Assistant
| Product Information | How we use it |
|---|---|
| Email address or phone number |
Purpose: To provide our Services. Explanation: To communicate with you and to solve the security issues you’ve encountered. |
| Additional information you provide |
We may also collect and process aggregated anonymous data, such as your language preference, device model and brand, country, operating system, lengths of sessions, server usage, crash reports, UI interactions, app build version and API requests. We will only use such aggregated anonymous data to optimize and improve our Services, identify bugs and diagnose app crashes.
2. How we use the collected information
We use the Personal Information for the following purposes and on the following legal bases:
- To provide, support and operate the Services as well as to further develop, enhance and improve them and your user experience.
Legal basis: Fulfilling our contractual obligations, and our legitimate interest. - To communicate with you, including for support purposes, and for sending you Services-related information such as invoices, updates, security alerts.
Legal basis: Fulfilling our contractual obligations. - To provide you with promotions and offers from Reason Labs. You may opt-out from receiving promotions and offers at any time.
Legal basis: Our legitimate interest when sending you offers via email and your consent when sending them via SMS. - To comply with applicable legal obligations and to protect our rights as well as the rights of our users.
Legal basis: Compliance with legal obligations, and our legitimate interest. - To detect and prevent fraud, security and other issues of technical nature.
Legal basis: Compliance with legal obligations, and our legitimate interest. - To operate our business, including for debugging, support, security, billing and auditing, business analysis and improving the Services (as more fully described in Section 3(c) below).
Legal basis: Fulfilling our contractual obligations, and our legitimate interest.
3. How we share the information?
We may share your Personal Information in the following ways:
- Legal and Regulatory Disclosures
We may disclose your Personal Information if we have a good faith belief that it is reasonably necessary to: (i) comply with a legal obligation, such as a law, regulation, subpoena or court order; (ii) protect our rights, property, and safety, as well as the rights, property, and safety of our users or the public; or (iii) enforce this Privacy Policy or any agreement between you and us.
- Business Transactions
In the event of a merger, acquisition, reorganization, bankruptcy or sale of assets, your information may be transferred or sold as part of that transaction.
- Third Parties
We use a number of selected third-party service providers and contractors to process your Personal Information on our behalf for the purposes described in this Privacy Policy. These providers assist us in a variety of functions, including: Hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, domain name registrars, fraud detection and prevention services, web analytics, audit services, maintenance services, development services, e-mail distribution and monitoring services, session recording and remote access services, performance measurement, data optimization and marketing services, content providers.
These service providers, together with the “Payment Processors” listed under subsection (d) below, are our “Third-Party Service Provider(s)”. Such Third-Party Service Providers may have access to your Personal Information to the extent necessary to perform their specific roles in enhancing and facilitating the Services. We only share information with them for limited purposes as determined in our agreements with them. The Third-Party Service Providers process your Personal Information in accordance with their own privacy policies, which are linked below.
We currently engage the following Third-Party Service Providers:
| Service Provider | Purpose | Privacy Policy |
|---|---|---|
| Google Analytics | For monitoring and analyzing our performance. | http://www.google.com/intl/en/policies/privacy/ |
| Amazon Web Services, Inc. | Servers, for processing your information. | https://aws.amazon.com/security/ |
| Zendesk | Providing you with support services. | https://www.zendesk.com/company/customers-partners/privacy-policy/ |
| SpyCloud | Providing you the dark web monitoring Service. | https://spycloud.com/legal-and-privacy-center/privacy-policy/ |
| For monitoring and analyzing our performance. | https://www.facebook.com/about/basics/ | |
| MixPanel | For monitoring and analyzing our performance. | https://mixpanel.com/legal/privacy-policy |
| Tableau | To help us organize our data. | https://www.salesforce.com/company/privacy/ |
| Iterable | To provide you with updates and information. | https://iterable.com/trust/privacy-policy/ |
| SendGrid | For providing us email and marketing services. | https://www.twilio.com/legal/privacy |
| TeamViewer | Solely for providing remote support access services. | https://www.teamviewer.com/en/privacy-notice/ |
| Appsflyer | To help us manage and track our campaigns. | https://www.appsflyer.com/legal/privacy-policy/ |
| Hotjar | To analyze and monitor our performance. | https://www.hotjar.com/legal/policies/privacy/ |
| TikTok | For monitoring and analyzing our performance. | https://www.tiktok.com/legal/page/row/privacy-policy/en |
| Vercel | To provide hosting services. | https://vercel.com/legal/privacy-policy |
| Coralogix | To monitor our servers. | https://coralogix.com/privacy-policy/ |
| Sentry.io | To monitor our frontend. | https://sentry.io/privacy/ |
| Got Your Back | To provide you with support services. | https://gotyourbacksupport.com/privacy-policy/ |
| Array | To provide you with Services. | https://array.com/legal/#privacy |
| Complyt | To help us ensure compliance with tax regulations. | https://complyt.io/privacy-policy/ |
| Frontegg | To help us manage our users. | https://frontegg.com/privacy-policy |
| Redis | Cloud services, for processing your information. | https://redis.io/legal/privacy-policy/ |
| OpenAI | To provide you with the AI Scam Scanner Services. | https://openai.com/policies/privacy-policy/ |
| Mudhook | For providing the VPN Service. | https://www.ipvanish.com/privacy-policy/ |
| NextDNS | As the DNS resolver providing the DNS services. | https://nextdns.io/privacy Note: By default, NextDNS stores statistical usage data for the last three (3) months. You can customize this value via the statistics tab included in Safer Web. |
Please note that we may share the following categories of Personal Information with Third Party Service Provider for a business purpose: online identifier, internet protocol address, country, state and city, external ID, Zip Code, Facebook Click ID or other similar identifiers; commercial information, for example information regarding products or services purchased, obtained, or considered.
- Payment Processors
We use third-party payment processors (the “Payment Processor(s)”) to collect your payment. These Payment Processors are authorized and regulated to handle your payment details and may not use your Personal Information for any purposes other than providing you with these services. Please note that the Payment Processors are independent controllers of your data and will process your payment information in accordance with the applicable Payment Processor’s privacy policy. For recurring transactions, the Payment Processor may save and reuse your payment details for subsequent payments, as applicable.
We currently engage with the following Payment Processors:
| Payment Processor/Provider | Privacy Policy |
|---|---|
| Cleverbridge | https://store.reasonsecurity.com/1679/?scope=opprivacy |
| Stripe | https://stripe.com/privacy |
| Paypal | https://www.paypal.com/us/legalhub/privacy-full |
- Our corporate affiliates
We may share your Personal Information with our corporate affiliates for the purpose of providing us with services, such as IT, security, storage, and other internal operations.
4. Information about children
Our Services are not intended for, or designed to attract, children. We do not knowingly collect Personal Information from minors, as defined by applicable laws. If you are a parent or legal guardian and you believe that we have collected Personal Information from your child, please contact us at helpcenter@getmozo.com. If we learn that we have collected Personal Information from a minor without verifiable parental consent, we will promptly take steps to delete that information and terminate the child's account.
5. Tracking Technologies & Cookies
We use cookies and similar technologies to enhance your experience with our Services, analyze our performance, and provide you with personalized advertisements.
5.1 Website Functionality & Analytics
We use cookies and other technologies to provide our website's basic functionality and to analyze its performance. These technologies allow you to save your account credentials to your browser and provide us with aggregated, anonymized data on website usage. For these purposes, we use third-party service providers like Google Analytics to collect, analyze, and generate reports for us. We do not provide these third parties with Personal Information about any specific user.
5.2 Advertising & Marketing
We use cookies and similar technologies to enhance your experience, analyze our performance, and provide you with personalized advertisements. These technologies collect and send information to our third-party advertising partners, including Facebook and Google. Our advertising partners use this information to serve you with ads based on your visit to our website and your activity on other sites across the internet.
You can manage your preferences and opt out of interest-based advertising by using our cookie preference tool. You may opt out of the use of the DoubleClick cookies for interest-based advertising by visiting the ads preference manager. You may also visit aboutads.info to opt out of a third-party vendor's use of cookies for interest-based advertising.
Please note that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, however, most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.
5.3 Opt-Out for All Website Cookies
Many web browsers accept cookies automatically. There are many resources that advise you on adjusting cookie settings, such as About Cookies. You can block cookies any time by adjusting your browser settings, visiting the Network Advertising Initiative opt-out page, or by disabling specific third-party pixels (see below). Please note that some of the features on our website depend on cookies to properly function.
Opt-Out from Third-Party Pixels
| Source | Listing | About | Opt-out |
|---|---|---|---|
| Google Ads | googleadservices.com gstatic.com fonts.gstatic.com | Learn More | Disable |
| Google Analytics | google-analytics.com ssl-googleanalytics.com | Learn More | Disable |
6. Security Measures we Have in Place
We use industry-standard security measures to protect your Personal Information from loss, theft, misuse, or unauthorized access. We aim to collect only the Personal Information necessary for the purposes outlined in this Privacy Policy. We restrict employee and data processor access to Personal Information to only those who require it to perform their job functions. When we use Third-Party Service Providers, we disclose only the information necessary for them to provide their services. Where appropriate, we use encryption, access controls, passwords, and physical security measures to protect the information we collect and maintain about you against unauthorized access and disclosure.
7. Data Subject Rights
Data protection laws around the world grant you certain rights over your Personal Information. This section explains those rights and how you can exercise them.
If you wish to exercise your privacy rights under any applicable law, including the EU or UK General Data Protection Regulation (collectively, the “GDPR”), the Swiss Federal Act on Data Protection (the “FDPA”), the California Consumer Privacy Act (the “CCPA”), the California Privacy Rights Act (the “CPRA”), the Virginia Consumer Data Protection Act (the “VCDPA”), the Utah Consumer Privacy Act, Utah Code Ann. §13-61 ("UCPA"), the Connecticut Personal Data Privacy and Online Monitoring Act § 42-518 ("CTDPA"), or the Colorado Privacy Act Code § 6-1-1301 (2022) ("CPA"), please send us an email to: helpcenter@getmozo.com. We will respond to your request in accordance with applicable privacy laws.
Please note that in the event that you ask us to exercise any of your rights under this Privacy Policy or any applicable law, we may need to (i) verify your identity to ensure you are the person you claim to be; and (ii) ask for further information so we can understand the nature and scope of the information you request to access, and avoid the disclosure of Personal Information related to others. We may retain such additional information solely for legal purposes (e.g., as proof of the identity of the person submitting the request).
You may have different privacy rights, depending on your country or state of residence. Please see the details below as applicable to you:
a. European Economic Area (“EEA”), United Kingdom (“UK”) and Switzerland:
If you are located in the EEA, UK or Switzerland, the GDPR or FDPA (as applicable) applies to you. We act as data controllers and process your Personal Information as necessary to fulfill our agreement with you.
Under the GDPR or FDPA you may be entitled to the following rights (each, to the extent available under the law which applies to you):
-
Right to Access: You have the right to request access to the Personal Information that we hold about you.
-
Right to be Informed: You have the right to receive information concerning the processing of your Personal Information.
-
Right to Restrict Processing: You have the right to request to block or restrict the processing of your Personal Information.
-
Right to rectification: You have the right to request to correct your Personal Information if you believe that we have inaccurate information about you.
-
Right to Erasure (the “right to be forgotten”): You have the right to ask that we erase your Personal Information (that we process as controllers).
-
Right to Object: You have the right to object to processing which is based on our legitimate interests.
-
Right to Withdraw Your Consent: You have the right to withdraw your consent for the processing of your Personal Information.
If we have not addressed your concerns, you have the right to file a complaint with the applicable supervisory authority (e.g., the authority in your domicile or country).
b. United States of America:
If you are a resident of California/Virginia/Utah/Connecticut/Colorado, the CCPA, CPRA, VCDPA, UCPA, CTDPA or CPA (and/or similar state laws, as applicable) apply to you. This section explains your rights under these privacy laws.
For the purposes hereof, we collect Personal Information as a business (as defined under applicable privacy state laws). Such information is used and disclosed for “business purposes”.
Under the CCPA, CPRA, VCDPA, UCPA, CTDPA or CPA (and/or similar state laws, as applicable) you may be entitled to the following rights (each, to the extent available under the law which applies to you):
-
Right to Know: You have the right to know the categories and specific pieces of Personal Information that are being collected about you.
-
Right to Disclose: You have the right to ask that we disclose certain information about our collection and/or use of your Personal Information during the past 12 months.
-
Right to Delete: You have the right to ask that we delete the Personal Information we have collected from you and retained.
-
Right to Opt-Out: You have the right to opt out of the 'sell' of your Personal Information by a business.
-
Right to Equal Service and Price: You have the right not to receive discriminatory treatment for exercising the mentioned rights.
If you disagree with our decision, you might have a right to appeal. To do so, please submit your appeal using the same method you user for your original request.
You may also appoint an authorized agent to exercise these privacy rights on your behalf, subject to certain limitations such as identity verification process and the submission of written approval to act on your behalf.
8. Storage and Cross-Border Transfers of Personal Information
The global nature of our Services requires us and the Third-Party Service Providers to store and process your data across various countries, including the U.S., European countries, Israel, and others. As a result, your information may be transferred to countries outside of the European Economic Area (EEA).
Regardless of where your data is processed, we and our Third-Party Service Providers are committed to protecting it according to the standards outlined in this Privacy Policy. We implement appropriate safeguards, such as the standard contractual clauses approved by the European Commission, to ensure that your Personal Information remains secure.
Cross-border transfers outside of the EEA occur for limited purposes, including but are not limited to: providing the products, processing transactions and payments and offering support services. In the event of a merger, acquisition, or similar business transaction, your data may also be transferred to a party located outside the EEA.
9. Retention
We will store information collected from you for as long as you are using the Services. If you decide to cease using our Services, your data may be retained for no longer than an additional period of twelve (12) months, following which, it will be deidentified. Please note that we may retain your Personal Information for a longer period if it is necessary for us to comply with applicable law.
10. How can we modify this Privacy Policy?
We may revise this Privacy Policy from time to time and will post the most current version on our website. Accordingly, please visit this Privacy Policy regularly to check for any changes. Your use of the Services indicates that such updated terms and conditions are accepted and agreed by you.
11. How can you contact us?
If you have any questions, comments or concerns regarding this Privacy Policy and/or our practices, please send an e-mail to helpcenter@getmozo.com.
12. Representative for Data Subjects
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:
- United Kingdom (UK)
- European Union (EU)
- Switzerland
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase Personal Information). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://prighter.com/q/12015696620.