Privacy Policy
Last Updated 17th April 2026
MOLO App Ltd is committed to protecting your privacy. This Privacy Policy explains what personal data we collect when you use the MOLO service, how we use it, and what rights you have. Please read it carefully.
MOLO App Ltd is committed to protecting your privacy. This Privacy Policy explains what personal data we collect when you use the MOLO service, how we use it, and what rights you have. Please read it carefully.
1. Who We Are
MOLO App Ltd is a company incorporated in England and Wales (company number 15959344) with its registered office at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ.For the purposes of UK data protection law, MOLO App Ltd is the data controller in respect of the personal data it processes about you.If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:
Email: support@wearemolo.com
Post: MOLO App Ltd, 71-75 Shelton Street, Covent Garden, London WC2H 9JQ
2. The Service We Provide
MOLO is a family organisation application, accessible via a website portal (wearemolo.com) and a mobile app available from the Apple App Store and Google Play. The Service helps families manage their shared calendar, events, tasks and reminders. Our current launch feature allows you to upload PDF or image files (for example, screenshots of emails or WhatsApp messages containing school letters, sports fixtures or activity information) into the MOLO app. We then extract the relevant information and convert it into calendar events in your MOLO family calendar. This avoids you having to manually enter dates and details. This Privacy Policy applies to the Service as it currently exists. We will update it before introducing new features that affect how we process your data.
3. What Personal Data We Collect
3.1 Information you give us
When you register and use the Service, you provide us with:
- Your name, email address, phone number and location (all stored in encrypted form)
- Family Group details, including the names and email addresses of adults you invite to your Family Group as well as all data related to your children which is encrypted.
- Content you upload to extract calendar events- this may include PDF files or images of letters, schedules, or messages
- Calendar events, tasks and reminders you create or edit within the Service
- Payment information if you subscribe to a Paid Plan- this is handled directly by Apple App Store or Google Play; we do not store your card details
3.2 Information about children
The Service is designed to help families organise activities that may involve children. You may choose to add details about your children's activities (for example, a school sports fixture), but we do not require or ask you to create separate accounts for children. Any information about your children that appears in content you upload is processed solely for the purpose of extracting and creating the relevant calendar event.You must be at least 18 years old to create an account. The Service is not directed at children and we do not knowingly collect personal data directly from children.
3.3 Information we collect automatically
When you use the Service, we collect certain technical information automatically, including:
- Your IP address
- Device information (device type, operating system version)
- Browser type and version (for the web portal)
- App usage logs, including timestamps and interactions within the app
- Crash reports and diagnostic data to help us fix technical issues
4. How We Use Your Personal Data
We use your personal data for the following purposes:
- Creating and managing your account- same, email, phone number, location (Contract)
- Providing the Service, including extracting calendar events- uploaded files, account data, children’s names, date of birth, setting name, setting location, year group and class name. (Contract)
- Processing subscription payments- Subscription tier; payment processed by Apple App Store and Google Play (Contract)
- Sending service communications- email address (Contract / Legitimate interests)
- Sending marketing emails if you opt in- email address, name (Consent)
- Improving and maintaining the Service - usage logs, analytics, crash reports, diagnostic data (Legitimate interests)
- Preventing fraud and ensuring security-IP address, device data, usage logs (Legitimate interests)
- Complying with legal obligations- as required by law (Legal obligation)
4.1 Processing your uploaded files
MOLO App Ltd is a company incorporated in England and Wales (company number 15959344) with its registered office at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ.For the purposes of UK data protection law, MOLO App Ltd is the data controller in respect of the personal data it processes about you.If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:
Email: support@wearemolo.com
Post: MOLO App Ltd, 71-75 Shelton Street, Covent Garden, London WC2H 9JQ
2. The Service We Provide
MOLO is a family organisation application, accessible via a website portal (wearemolo.com) and a mobile app available from the Apple App Store and Google Play. The Service helps families manage their shared calendar, events, tasks and reminders. Our current launch feature allows you to upload PDF or image files (for example, screenshots of emails or WhatsApp messages containing school letters, sports fixtures or activity information) into the MOLO app. We then extract the relevant information and convert it into calendar events in your MOLO family calendar. This avoids you having to manually enter dates and details. This Privacy Policy applies to the Service as it currently exists. We will update it before introducing new features that affect how we process your data.
3. What Personal Data We Collect
3.1 Information you give us
When you register and use the Service, you provide us with:
- Your name, email address, phone number and location (all stored in encrypted form)
- Family Group details, including the names and email addresses of adults you invite to your Family Group as well as all data related to your children which is encrypted.
- Content you upload to extract calendar events- this may include PDF files or images of letters, schedules, or messages
- Calendar events, tasks and reminders you create or edit within the Service
- Payment information if you subscribe to a Paid Plan- this is handled directly by Apple App Store or Google Play; we do not store your card details
3.2 Information about children
The Service is designed to help families organise activities that may involve children. You may choose to add details about your children's activities (for example, a school sports fixture), but we do not require or ask you to create separate accounts for children. Any information about your children that appears in content you upload is processed solely for the purpose of extracting and creating the relevant calendar event.You must be at least 18 years old to create an account. The Service is not directed at children and we do not knowingly collect personal data directly from children.
3.3 Information we collect automatically
When you use the Service, we collect certain technical information automatically, including:
- Your IP address
- Device information (device type, operating system version)
- Browser type and version (for the web portal)
- App usage logs, including timestamps and interactions within the app
- Crash reports and diagnostic data to help us fix technical issues
4. How We Use Your Personal Data
We use your personal data for the following purposes:
- Creating and managing your account- same, email, phone number, location (Contract)
- Providing the Service, including extracting calendar events- uploaded files, account data, children’s names, date of birth, setting name, setting location, year group and class name. (Contract)
- Processing subscription payments- Subscription tier; payment processed by Apple App Store and Google Play (Contract)
- Sending service communications- email address (Contract / Legitimate interests)
- Sending marketing emails if you opt in- email address, name (Consent)
- Improving and maintaining the Service - usage logs, analytics, crash reports, diagnostic data (Legitimate interests)
- Preventing fraud and ensuring security-IP address, device data, usage logs (Legitimate interests)
- Complying with legal obligations- as required by law (Legal obligation)
4.1 Processing your uploaded files
When you upload a PDF or image file to extract calendar events, we process the content of that file to identify and extract date, time, and event information. This processing takes place automatically. We do not use the content of your uploaded files for any purpose other than extracting calendar events for you, and we do not use it to train artificial intelligence or machine learning models.
Where Uploaded files are not attached to an event, they are deleted from our systems within 30 days of upload, or sooner once extraction is complete. Where they are required to exist as source documents for events, they will remain in our systems for as long as the event is “active”.
5. How We Share Your Data
We do not sell your personal data. We do not share it with third parties for their own marketing purposes.We may share your data with the following categories of third parties, in each case only to the extent necessary:
Cloud hosting and storage: Technology and infrastructure providers. We use Google Cloud Platform (GCP) and Supabase, both hosted in the EU, to run the Service and store your data. These providers act as data processors on our behalf and are contractually bound to process your data only on our instructions and in accordance with UK GDPR requirements.
Account security: Authentication services. Supabase keeps a record of sign-in IP addresses for 7 days, and stores account information until the user requests deletion.
Crash reporting and diagnostics: We use Sentry (hosted in the EU) to identify and fix technical issues. Crash data, including device identifiers, is kept for up to 90 days.
Payment processing: Payments for Paid Plans are handled directly by the Apple App Store or Google Play, depending on the device you use, under their own terms. We do not receive, process, or store your card or payment details.
Email delivery: We use a third-party email service provider (Sendgrid) to send you account and service communications. Your name, email address, external event invitees, and event details are shared with them for this purpose only.
Product analytics: We use PostHog (hosted in the EU) to understand how the app is used and improve it over time. This includes information like which screens are visited, which features are used, and basic device details such as device type and operating system. We do not store IP addresses. Session recordings are kept for 30 days, after which they are automatically deleted. Other analytics data is kept for as long as your account is active, or until you request deletion.
Generative AI features: We use Google Cloud's Vertex AI (Model Garden) to power certain features within the app. Prompts, contextual information, and model outputs are processed solely to deliver these features and are not shared with any other third parties. Google does not use this data to train or improve its models. We take a data minimisation approach: only limited information is shared with the model, such as event details (for example, locations and class names) and MOLO-generated user identifiers. We do not share children's personal information with these services.In some cases, we use globally available models, which means processing may take place in any Google Cloud region. As soon as EU-hosted versions of these models become available to us, we will migrate with our best endeavours.
Legal and regulatory authorities: We may disclose your data where required by law, in response to a court order, or where we reasonably believe disclosure is necessary to protect the safety of our users or the public.
Business transfers: If MOLO App Ltd is subject to a merger, acquisition, or sale of assets, your personal data may transfer to the acquiring entity. We will notify you before this happens and the commitments in this Privacy Policy will continue to apply.
6. International Transfers
Some of our third-party service providers may process your data outside the United Kingdom. Where this occurs, we ensure that appropriate safeguards are in place, including UK-approved Standard Contractual Clauses or an adequacy decision by the UK Secretary of State, to ensure your data receives the same level of protection as it does under UK law.
7. How Long We Keep Your Data
Account data is retained for as long as you have an account with us, and for up to 30 days after account closure to allow you to export your data. After this period it is deleted, unless we are required by law to retain it longer.
Uploaded files used for calendar event extraction are deleted within 30 days of upload. Where they are required to exist as source documents for events, they will remain in our systems for as long as the event is “active”.
Calendar events, tasks and reminders you have created are deleted when you close your account (subject to the 30-day export window above).
Payment records may be retained for up to 7 years for tax and legal compliance purposes.
Technical and diagnostic data (logs, crash reports) is retained for up to 90 days.
If you opt in to marketing emails, we retain your details for that purpose until you unsubscribe or ask us to remove you.
8. Your Rights
Under the UK General Data Protection Regulation (UK GDPR), you have the following rights in relation to your personal data:
Access. Right of access.
You can request a copy of the personal data we hold about you.
Rectification. Right to rectification.
You can ask us to correct inaccurate or incomplete data.
Erasure. Right to erasure.
You can ask us to delete your personal data. You can also close your account directly in the app, which will trigger deletion in accordance with clause 7.
Restriction. Right to restrict processing.
You can ask us to limit how we use your data in certain circumstances.
Portability. Right to data portability.
You can ask us to provide your data in a structured, machine-readable format.
Object. Right to object.
You can object to processing based on our legitimate interests.
Withdraw consent. Right to withdraw consent.
Where we rely on your consent (for example, for marketing emails), you can withdraw it at any time by clicking the unsubscribe link in any marketing email or by contacting us.
To exercise any of these rights, please contact us at support@wearemolo.com. We will respond within one month of receiving your request, as required by law.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at any time:
Website: www.ico.org.uk
Helpline: 0303 123 1113
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
9. Cookies and Tracking
We use cookies and similar technologies on the MOLO web portal to enable essential site functionality and to understand how users navigate the portal so we can improve it. Our full Cookie Policy is available at wearemolo.com/cookies.You can manage your cookie preferences through your browser settings or via our cookie consent tool on the portal. Disabling non-essential cookies will not affect your ability to use the core Service. The MOLO mobile app does not use browser cookies. We use device identifiers and usage logs as described in section 3 above.
10. Security
We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. These include:
Encryption of data in transit (TLS) and at rest
Access controls limiting who can access personal data within our organisation
Regular security reviews of our systems and third-party providers
No system is completely secure. If you have concerns about the security of your account, please contact us immediately at support@wearemolo.com. In the event of a personal data breach that is likely to risk your rights and freedoms, we will notify you and the ICO as required by law.
11. Children
The Service is intended for adults aged 18 and over. We do not knowingly collect personal data directly from children. If you believe a child has provided us with personal data without parental consent, please contact us at support@wearemolo.com and we will take steps to delete that data.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable law. When we make material changes, we will notify you by email or prominent in-app notification at least 30 days before the changes take effect, consistent with our Terms and Conditions. The "last updated" date at the top of this policy will always reflect the most recent version.
Your continued use of the Service after any update constitutes your acceptance of the revised Privacy Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:
MOLO App Ltd
71-75 Shelton Street, Covent Garden, London WC2H 9JQ
General support: support@wearemolo.com
Website: wearemolo.com
Where Uploaded files are not attached to an event, they are deleted from our systems within 30 days of upload, or sooner once extraction is complete. Where they are required to exist as source documents for events, they will remain in our systems for as long as the event is “active”.
5. How We Share Your Data
We do not sell your personal data. We do not share it with third parties for their own marketing purposes.We may share your data with the following categories of third parties, in each case only to the extent necessary:
Cloud hosting and storage: Technology and infrastructure providers. We use Google Cloud Platform (GCP) and Supabase, both hosted in the EU, to run the Service and store your data. These providers act as data processors on our behalf and are contractually bound to process your data only on our instructions and in accordance with UK GDPR requirements.
Account security: Authentication services. Supabase keeps a record of sign-in IP addresses for 7 days, and stores account information until the user requests deletion.
Crash reporting and diagnostics: We use Sentry (hosted in the EU) to identify and fix technical issues. Crash data, including device identifiers, is kept for up to 90 days.
Payment processing: Payments for Paid Plans are handled directly by the Apple App Store or Google Play, depending on the device you use, under their own terms. We do not receive, process, or store your card or payment details.
Email delivery: We use a third-party email service provider (Sendgrid) to send you account and service communications. Your name, email address, external event invitees, and event details are shared with them for this purpose only.
Product analytics: We use PostHog (hosted in the EU) to understand how the app is used and improve it over time. This includes information like which screens are visited, which features are used, and basic device details such as device type and operating system. We do not store IP addresses. Session recordings are kept for 30 days, after which they are automatically deleted. Other analytics data is kept for as long as your account is active, or until you request deletion.
Generative AI features: We use Google Cloud's Vertex AI (Model Garden) to power certain features within the app. Prompts, contextual information, and model outputs are processed solely to deliver these features and are not shared with any other third parties. Google does not use this data to train or improve its models. We take a data minimisation approach: only limited information is shared with the model, such as event details (for example, locations and class names) and MOLO-generated user identifiers. We do not share children's personal information with these services.In some cases, we use globally available models, which means processing may take place in any Google Cloud region. As soon as EU-hosted versions of these models become available to us, we will migrate with our best endeavours.
Legal and regulatory authorities: We may disclose your data where required by law, in response to a court order, or where we reasonably believe disclosure is necessary to protect the safety of our users or the public.
Business transfers: If MOLO App Ltd is subject to a merger, acquisition, or sale of assets, your personal data may transfer to the acquiring entity. We will notify you before this happens and the commitments in this Privacy Policy will continue to apply.
6. International Transfers
Some of our third-party service providers may process your data outside the United Kingdom. Where this occurs, we ensure that appropriate safeguards are in place, including UK-approved Standard Contractual Clauses or an adequacy decision by the UK Secretary of State, to ensure your data receives the same level of protection as it does under UK law.
7. How Long We Keep Your Data
Account data is retained for as long as you have an account with us, and for up to 30 days after account closure to allow you to export your data. After this period it is deleted, unless we are required by law to retain it longer.
Uploaded files used for calendar event extraction are deleted within 30 days of upload. Where they are required to exist as source documents for events, they will remain in our systems for as long as the event is “active”.
Calendar events, tasks and reminders you have created are deleted when you close your account (subject to the 30-day export window above).
Payment records may be retained for up to 7 years for tax and legal compliance purposes.
Technical and diagnostic data (logs, crash reports) is retained for up to 90 days.
If you opt in to marketing emails, we retain your details for that purpose until you unsubscribe or ask us to remove you.
8. Your Rights
Under the UK General Data Protection Regulation (UK GDPR), you have the following rights in relation to your personal data:
Access. Right of access.
You can request a copy of the personal data we hold about you.
Rectification. Right to rectification.
You can ask us to correct inaccurate or incomplete data.
Erasure. Right to erasure.
You can ask us to delete your personal data. You can also close your account directly in the app, which will trigger deletion in accordance with clause 7.
Restriction. Right to restrict processing.
You can ask us to limit how we use your data in certain circumstances.
Portability. Right to data portability.
You can ask us to provide your data in a structured, machine-readable format.
Object. Right to object.
You can object to processing based on our legitimate interests.
Withdraw consent. Right to withdraw consent.
Where we rely on your consent (for example, for marketing emails), you can withdraw it at any time by clicking the unsubscribe link in any marketing email or by contacting us.
To exercise any of these rights, please contact us at support@wearemolo.com. We will respond within one month of receiving your request, as required by law.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at any time:
Website: www.ico.org.uk
Helpline: 0303 123 1113
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
9. Cookies and Tracking
We use cookies and similar technologies on the MOLO web portal to enable essential site functionality and to understand how users navigate the portal so we can improve it. Our full Cookie Policy is available at wearemolo.com/cookies.You can manage your cookie preferences through your browser settings or via our cookie consent tool on the portal. Disabling non-essential cookies will not affect your ability to use the core Service. The MOLO mobile app does not use browser cookies. We use device identifiers and usage logs as described in section 3 above.
10. Security
We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. These include:
Encryption of data in transit (TLS) and at rest
Access controls limiting who can access personal data within our organisation
Regular security reviews of our systems and third-party providers
No system is completely secure. If you have concerns about the security of your account, please contact us immediately at support@wearemolo.com. In the event of a personal data breach that is likely to risk your rights and freedoms, we will notify you and the ICO as required by law.
11. Children
The Service is intended for adults aged 18 and over. We do not knowingly collect personal data directly from children. If you believe a child has provided us with personal data without parental consent, please contact us at support@wearemolo.com and we will take steps to delete that data.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable law. When we make material changes, we will notify you by email or prominent in-app notification at least 30 days before the changes take effect, consistent with our Terms and Conditions. The "last updated" date at the top of this policy will always reflect the most recent version.
Your continued use of the Service after any update constitutes your acceptance of the revised Privacy Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:
MOLO App Ltd
71-75 Shelton Street, Covent Garden, London WC2H 9JQ
General support: support@wearemolo.com
Website: wearemolo.com
The support system
for your family’s modern load™
for your family’s modern load™
.png)
Copyright © 2026. MOLO App Ltd