Privacy policy

Last updated: 2 May 2025

This Privacy Policy (“Policy”) describes the processing and protection of your personal data and related information (“Personal Data”) by us where related to your use of our Site or Services. This Policy together with our Terms of Use shall constitute one document (collectively, “Agreement”).

The controller is Molfar Limited, a company located at 20 Wenlock Road, London, England, N1 7GU (“we”, “us”, or “our”) operates this website molfar.com (“Site”). Any capitalized term used in this Policy without description designated to it shall have the meaning ascribed to it in our Terms of Use or related applicable Law(s) where this Policy refers.

Using the Site or Services, you accept and agree to this Policy entirely and consent to the collection, use, disclosure, transfer, storage, and protection of Personal Data as described in this Policy. You should check this Policy periodically to keep updated with the latest changes, as we reserve the right to alter or replace this Policy at any time at our discretion and without any notice or warning. The latest version is effective as of the last updated date indicated above. If there are any terms in this Policy that you do not agree with, you shall not use of our Site and/or Services.

1. Definitions and interpretations

“Data Laws” – means the laws applicable to you regarding your use of the Site or the Services: (i) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”), or (ii) UK’s Data Protection Act 2018 and the UK’s Retained GDPR, or (iii) California Consumer Privacy Act, or (iv) Virginia Consumer Data Protection Act.

“US Data Laws” – means the laws applicable to you as for resident of Virginia, USA, or California, USA.

2. Lawful Basis for Personal Data Processing

Our lawful basis for processing Personal Data is “contract”, meaning for the purposes of performing a contract to provide the Services to you, or for taking steps prior to entering into a contract. Where this is not appropriate, we obtain the relevant consents from you and consent is the lawful basis. Where neither contract nor consent is appropriate, legitimate interests is the lawful basis.

3. Collecting data

We collect information about you directly from you and automatically through your use of our Site or Services. When you are asked to provide information, you can refuse. If you refuse to provide Personal Data or any parts of them, and/or disable cookies on the Site, you may face a significant reduction in the quality of Services, including your inability to obtain some or all of our Services.
Please note that our Site and Services are not intended for persons under 18 years of age. We do not knowingly collect any information relating to children under 18 years of age. If we discover that a child under 18 has provided us with his/her personal data, or we have otherwise come into possession of the personal information of a child, we will promptly delete such information related to such person from our system.

We collect data when you communicate with us:
‍- your full name, phone number, and email address directly from you when you complete contact form on the Site;
‍- your email address when you sign up to receive news or updates from us;
‍- any other information you provide to us including records of correspondence, and you should be aware that we monitor and may record telephone calls and written correspondence for training and security purposes.
If you provide feedback or testimonials to us, or take part in any customer survey, or participate in events, promotions, product, feature or service launches, or competitions, we will collect any information you provide.

We collect data when you use our Site or Services

If you are browsing our Site we will collect different data on your behavior and devices, some of which may be considered Personal Data:
- Any information you provide to us or upload to our Site at any time;
-Your IP address assigned to your computer/device by your Internet Service Provider;
- Anonymized data (analytics) about how you use our Site, which we collect using cookies and related technologies.

Information we collect automatically through the Site

We automatically collect information about you through your use of our Site, including but not limited to listed below:
- Log information which may include your IP address, the type of browser you are using, information about the device you are using, domain name, the website that led you to our Site, the website to which you go after leaving our Site, your location (such as city or country), and the dates and times you access our Site.
-Usage information, such as patterns of user behavior, number of pages viewed, search histories or any communication logs if applicable.
‍
Please see our Cookies section below for more information.

4. Retaining and storing your data

We will only keep your Personal Data for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law. When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymize it, or if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible. Notwithstanding anything to the contrary, we shall have the right to retain some of the data to the extent such retention is necessary to enforce our terms or policies, and comply with technical and legal requirements and constraints related to the security, integrity and operation of our Site or Services and international law enforcement, regulatory requests, or matters of dispute.

We are storing your Personal Data on our servers in the European Union and/or USA. If you are a resident of the European Economic Area (“EEA”), please be informed that we may transfer your data outside of the EEA to other countries. By submitting your Personal Data to us as a resident of EEA, you agree to any such transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

5. Using your data

We use the information we collect about you:
- to provide and maintain our Site and Services and to fulfil your requests for our products and Services;
- to improve our Site and Services;
- to develop new features, programs, products, or services and to offer these to you from us, our affiliates that we believe may be of interest to you;
- to perform technical operations, such as updating our Site and systems;
- to communicate with you and respond to your enquiries;
- to provide you with news and newsletters, special offers, promotions, and other information from ourselves and our affiliates, which we think may interest you;
- for other informational, marketing, or promotional purposes. Our communications with you may include communications via email.
- to notify you when we make changes to our terms or policies if necessary;
- to otherwise enforce or exercise any rights in our terms and policies;
- to analyze how you interact with our Site;
- to monitor and analyze usage and activity trends;
- for other research, analytical, and statistical purposes;
- to protect our safety, rights, property, or security, the Services, or any third party;
- to detect, prevent, or otherwise address fraud, security, or technical issues;
- to prevent or stop an activity which we, in our sole discretion, may consider to be illegal, unethical, or unlawful (or which we are informed about from any other source, including law enforcement, or third parties);
- to use as evidence in litigation or any other civil dispute or criminal matter;
- to enforce this Policy or our Terms of Use or other policies which apply to your use of the Site and/or Services, which you have agreed to comply with; and- to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.

We use non-personal (aggregate) information we collect about you:
- to improve the design, functionality, and content of our Site;
- to provide, maintain, personalize, protect, improve, and develop our products, programs, and services and to operate our business; and
- to analyze usage and performance of our Site and for other research, analytical, and statistical purposes.

6. Sharing your data

We may disclose your information as described in this Policy or where it is required or permitted by applicable Data Laws.

Sharing to third party service providers

We share your personal information with our vendors, service providers, agents, or others who perform functions on our behalf in order to provide the Site to you, including third parties who assist us with information processing, managing and hosting data.

Sharing for corporate activity purposes

Sharing for corporate activity purposesAs we continue to develop our business, we may sell or buy assets. In such transactions, the information we have collected about you will generally be one of the transferred business assets. In the event that any of our companies or assets are purchased, your information will also be one of the transferred assets. We may share information about you with:
- other companies in the same corporate group as us;
- a buyer or prospective buyer of our business;
- our professional advisers, such as our lawyers, where it is necessary for them to advice;
- other persons if we are under a duty to disclose or share your information in order to comply with any legal obligation.

Sharing for protection of rights and interests

We may disclose your information to protect the safety, rights, property, or security of our business, the Services, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues, or loss, or risk to life, or threat of serious harm; to prevent or stop activity which we, in our sole discretion, may consider to be, or to pose a risk of being, an illegal, unlawful, or unethical; to use as evidence in litigation; and to enforce this Policy or our Terms of Use.

Sharing for legal or regulatory compliance

We may be required by law, e.g. through potential or actual litigation, court order, public or governmental authorities, or rules and regulations within or outside your country of residence to disclose all or part of your information to third parties. We may also determine it necessary to make such a disclosure in the event of an issue of national security, law enforcement or other such similar situations as we deem necessary including, for example, allegations of alleged infringement of copyright, trademarks or other third-party rights, or investigating any fraudulent or other activity which is in potential violation of any laws or regulations anywhere in the world.

Sharing of aggregate and anonymized information

We may disclose aggregate, anonymous, or deidentified information about you for marketing, advertising, research, compliance, or other purposes.

7. Marketing and Communications

We may use your information with our affiliates to develop and deliver advertising to you of our products, services, news, and offers including by contacting you through your email address that you have provided. Any email communication received from us, as consented to by you, will clearly state that it is being sent by us. You have the option to opt-out of our marketing communications at any time.
If you have changed your mind about the marketing consent you have granted to us, you can follow the opt out procedures contained in any marketing email, or you can opt out by emailing us at info@molfar.com. Please be aware that it may take up to ten (10) business days for us to process opt-out requests.
If you request to opt out of our marketing or communication emails, please be aware that opting out of marketing emails will not impact upon email communications you may continue to receive which are relevant to any other Services you have requested to receive from us, or which are required in order to communicate with you regarding any support, response, regulatory, legal or other permitted use as described in this Policy.

8. Safeguarding and security

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Site and any transmission is at your own risk. We take reasonable administrative, physical, and electronic measures designed to safeguard and protect your information from unauthorized access or disclosure. Although we use commercially reasonable efforts to safeguard the privacy of your information, transmissions on the Internet cannot be made absolutely secure. In addition, some information is required to be disclosed to third party service providers to ensure the provision of Services to you. We assume no responsibility or liability for disclosure of any of your information due to errors in transmission, unauthorized third-party access, or other causes beyond our reasonable control.
Our Site/Services may contain links to third-party websites and applications. Any access to and use of such linked websites and applications is not governed by this Policy but instead is governed by the privacy policies of those third parties. We are not responsible for the information practices of such third-party websites or applications and you should use caution and closely review any privacy policies applicable to any third-party websites or applications that may be linked to through our Site or Services.

9. Your rights

Data Laws give you a number of rights that you are free to exercise at any time regarding any Personal Data you have provided to us, and we generally apply the rights afforded by the GDPR, even if you are not resident in Europe. We will respond to requests to access or delete your Personal Data promptly and in any case within the time limits set by applicable Data Laws (if applicable to us in your case).
We may require you to provide identification that you are truly the person to whom the Personal Data relates, as we need to be certain before making any changes to someone’s Personal Data that it is your information. If identification documents are requested as part of the process, that document will only be collected, stored, and processed by us for the sole purpose of confirming your identity in response to your request, and upon completing your request we will delete it.
Where any rights exercised by you result in you seeking to object to us processing your Personal Data or otherwise deleting your Personal Data, then in order to ensure we do not process any personal information of yours in the future, we will retain your email address in our opt-out list and delete or anonymize all other information held.
Sometimes we need to keep a record of some data for security purposes (for example, to assist law enforcement agencies with any criminal investigations or other regulatory authorities or dispute matters), even if you have requested the removal of your data. Any such data retained will only be used for these limited purposes.

Right to access Personal Data:

You have the right to request a copy of the Personal Data that we hold about you. To obtain a copy of your Personal Data, please email info@molfar.com. You have to include in such a request your name, email address and any relevant information to help us locate your information. Upon receipt of your request and following verification of your identity if required by us to process your request, we will endeavor to provide the information that we are permitted to share (which may be redacted if it includes personal data of another person) to you within 30 days (or sooner if required by Data Laws). If you seek to make multiple requests within a short time period, we shall have the right to charge an appropriate fee to cover the cost of our response to such multiple access requests.

Right to amend/correct Personal Data:

You have the right to make sure our records are up to date and accurate, and in some countries Data Laws require us to allow you to correct or amend your personal data. To request a correction or amendment to your Personal Data, please email info@molfar.com. You have to include in such a request your name, email address and any relevant information to help us locate your information. Upon receipt of your request and following verification of your identity if required by us to process your request, we will review the changes you wish to make, and within a reasonable time period (or earlier if required by Data Laws) we will ensure that your personal information held is corrected/updated/amended in line with your request, and then may inform you of this upon completion.

Objecting to processing of Personal Data:

You have the right and can freely contact us at any time stating that you request us to stop processing your Personal Data if you want to revoke any prior consent to Personal Data processing. Please email info@molfar.com with your name, email and any information about how your Personal Data is being processed by us and details of your request to object to the processing of that information. Upon receiving a notice from you, we will promptly stop processing your Personal Data (subject to retention explained in this Section 9). In order to ensure we do not process any personal information of yours in the future, we will retain your email address in our opt-out list and delete or anonymize all other information held.

Right to delete your Personal Data:

You can request that we remove and delete your Personal Data. We treat any request to destroy Personal Data as a request to delete all such Personal Data in full. Unless you expressly specify otherwise, we will assume that you wish to remove your Personal Data entirely, subject to the data retention explained in this Section 9. Please email info@molfar.com with your name, email and any information about how your Personal Data is being processed by us and details of your request to object to the processing of that information. Upon receipt of your request and following verification of your identity, if required by us to process your request, we will take all reasonable and practical steps to remove your Personal Data from our possession.

Additional rights (for residents of UK or EU only)Right to “be forgotten”

This right is for the erasure of your personal data, and is for residents of the UK and EU only. Please email info@molfar.com with your name, email and any relevant additional information to enable us to process your request.Right to data portability. This right allows you to receive personal information in a structured, commonly used, and machine-readable format and is for residents of the UK and EU only. Please email info@molfar.com with your name, email and any relevant additional information to enable us to process your request.

10. Cookies

We, or third-party service providers acting on our behalf, may collect information about your computer or mobile device by using Cookies. Cookies are small text files that are placed on your computer by websites that you visit and provide statistical data to us, that does not identify you personally but tell us about your browsing behaviors to tailor your user experience to suit your needs. We use cookies to enhance our security, help us gather information to understand our web traffic trends. When you visit the Site, a session ID cookie is placed on your computer that only lasts while you’re visiting.
Using cookies enables us to: estimate our audience size and usage pattern; store information about your preferences, and so allow us to customize our Site and Services according to your individual interests; speed up your user experience; recognize you when you return to our Site; help improve the services we provide to you; provide anonymized statistical information. Non-personal data may be gathered on our behalf using cookies, log file data, and code that is embedded on our Site by specific third-party partners (e.g., Google, Microsoft, Hotjar, Cloudflare, Facebook, TikTok, or LinkedIn).
You have the right to choose whether or not to accept cookies. However, if you choose to refuse cookies, you may not be able to use the full functionality of our Site or Services. Please note that even when you reject all or just ignore cookies setting request, we will be steel use strictly necessary cookies – sea our cookie banner for more detail. You can also amend your cookie settings by following your device instructions and preference settings, or your browser settings. Further information about cookies, including how to see what cookies have been set on your device/browser and how to manage and delete them, you can find visitin www.aboutcookies.org and www.youronlinechoices.eu.

Detailed cookie usage. We may use the following cookies with the functions and purposes explained below:

Analytics and research.
To improve your experience on our Site, we keep track of what pages and links are popular and which ones do not get used so much to help us keep our Site relevant and up to date. It’s also very useful to be able to identify trends of how people navigate (find their way through) our Site and if they get error messages from web pages. This group of cookies, often called “analytics cookies,” is used to gather this information. These cookies do not collect information that identifies you. We use the information collected by Google Analytics, Hotjar, and Microsoft Clarity to compile reports and to help us improve the Site. The information collected is anonymous and is grouped with the information from everyone else’s cookies (e.g., the number of visitors to the Site, where visitors have come to the Site from and the pages they visited). We can then see the overall patterns of usage rather than any one person’s activity. We use these tools to help us understand use of, and to improve, our Site, Services, performance, and user experiences.
You can opt-out of Google Analytics here https://tools.google.com/dlpage/gaoptout. Please note, if you have disabled cookies on the browser, Microsoft Clarity doesn’t set cookies.
You can also opt-out of Hotjar here: https://help.hotjar.com/hc/en-us/articles/115011789248-Cookies-on-hotjar-com. If you have cookies disabled, you won’t be tracked by any website using Hotjar.
Security and Site integrity.
We may use cookies and other devices, such as CSRF, CAPTCHAs, to help keep the Site safe and secure by protecting it from fraud and spam attacks to keep your data safe.
Site features and Services.
These cookies allow our Site to remember choices you make, such as your language or region and they provide improved features. These cookies will help to remember your preferences and settings, including marketing preferences, remembering if you’ve filled in certain forms, so you’re not asked to do it again, remembering if you’ve been to the Site before, etc. The third party who places cookies on your device is responsible for how they process their data you should always read their privacy policies including Facebook, LinkedIn and TikTok whose own privacy policies apply.
Performance.
We need to use certain cookies and local storage devices to ensure the best possible experience, such assisting with your navigation of our Site, ensuring pages load up quickly and respond faster to your requests.

Do Not Track Signals

‍Our Site do not respond to Do Not Track signals. You may, however, disable certain tracking as discussed in the Cookies and Other Tracking Mechanisms section above (e.g., by disabling cookies).

11. Our information

Company name: Molfar Limited
Registered office address: 20 Wenlock Road, London, England, N1 7GU
Our email: info@molfar.com

Notice to residents of California, USA and Virginia, USA (“Notice”)

This Notice applies only to individuals who are residents of California or people who live in Virginia. This Policy sets out above the types of personal information we collect, store, and process, as well as the purposes for which we perform this (Sections 3 to 6).

Personal Information collected.

In addition to the information provided in this Policy at Section 3, this Notice further details important information related to categories of personal information collected, what personal information is collected, and the sources of that personal information.

Categories of Personal Information Collected.

We collect identifiers (“Identifier Data”), internet or other electronic network activity information (“E-Data”), geolocation data (“Location Data”) and Employment-related information (“Employment Data”). Please note that under Virginia state laws, personal data does not include information that is publicly available. We do not collect sensitive personal information as defined by US Data Laws. In addition to any information stated in Section 3 of this Policy, we can provide the following details:

Identifier Data may include full names, email addresses, IP addresses, device identifiers, business emails, job titles and company or employer information, business mailing addresses.
E-Data may include data related to how you interact with our Site or Services (as defined in our Policy) over the internet and across your devices.
Location Data may be physical location data derived from IP addresses or business location addresses.Employment Data may include business email addresses, job titles and employer names or business names.
‍

Sources of the personal information collected.

In addition to anything else stated within this Policy, the sources of personal information collected are:

Identifier Data may be sourced directly or indirectly from (i) you, or (ii) your activity on our Site.
E-Data may be sourced directly and indirectly from your activity on our Site.
Location Data may be sourced directly or indirectly from (i) you, or (ii) your activity on our Site.
Employment Data may be sourced from you.

Purpose of personal information collection.

Section 5 of our Policy sets out the purposes of collection, and we will not collect personal information for any purpose other than those disclosed to you within this Policy.Sharing your personal information. How we share your personal information is set out in Section 6 of this Policy. For purposes of US Data Laws, we do not sell your personal information.

Sharing your personal information.

How we share your personal information is set out in Section 6 of this Policy. For purposes of US Data Laws, we do not sell your personal information.

Retaining your data.

US Data Laws require us to share information with you about our data retention periods, ensuring that we are minimizing the amount of time we are holding your personal information and limiting this to as long as is necessary. We fully describe our data retention policy in Sections 4 and 10 of this Policy.

‍Automated decision making/profiling/targeted advertising. We do not use automated decision making or profiling or targeted advertising.

You have the right to obtain from us access to the information we hold on you, and you are entitled to know if we have shared that information with any third parties. You are entitled to request us to correct your personal information and/or provide you with a copy of it in a machine-readable format. If you would like to request this information, please submit your request by emailing info@molfar.com. It is important for us to ensure that the person making the request is really you, and we will contact you to let you know what else we need from you before we send you a copy of your personal information, which currently involves providing us with photographic identification (which is used for the purpose of verifying your identity and is not otherwise used or stored by us). You are entitled to receive a response from us within 45 days. Any disclosures made by us will only cover a period of 12 months prior to the date of the request and you may only make a request for access to, or for data portability, twice within any 12-month period – any additional requests will be at our discretion to process.
You have the right to ask us to delete all the personal information we hold on you. If you would like to request the deletion of your information, please submit your request by emailing info@molfar.com. It is important for us to ensure that the person making the request is really you, and we will contact you to let you know what else we need from you before we send you a copy of your personal information, which currently involves providing us with photographic identification (which is used for the purpose of verifying your identity and is not otherwise used or stored by us). You are entitled to receive a response from us within 45 days.
Please note that your right to access and right to deletion are not absolute and are subject to certain exceptions. For instance, we cannot disclose specific pieces of personal information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the personal information, or the security of our systems or networks. Further, we may be entitled to retain certain information in order for us to provide Services contemplated at the time your information was collected and which can be reasonably anticipated, to assess and detect and prevent any security incidents or malicious, fraudulent or otherwise illegal or unlawful activity, to comply with any additional laws, for scientific or analytical research if so permitted, to comply with obligation placed upon us by any court, government or regulatory authority, to assist law enforcement, or to make any other internal uses of the information what remain compatible with the purposes for which it was initially collected.
You have the right to understand how we share/sell your personal information (as described in this Policy), and importantly, you have the right to opt out of having your personal information sold or shared as defined by the US Data Laws. Please follow the instructions on our dedicated opt out page here «Limit/Do Not Sell/Share My Personal Information». We must act upon your opt-out request within 15 days, and we must inform any third parties that you have opted out. Your right to opt-out of the sale of information is not retroactive, and we will not undo, reverse, or otherwise attempt to alter any sharing previously done.
All our sharing activities are detailed in this Policy, however, there are some specific legalities of note for Virginia and California residents. (a) Virginia residents: We do not sell your personal information per the definition of “sell” under Virginia state law. Virginia state law provides exceptions for sharing personal information meaning that, if you opt-out of data sharing, we do not need to honor that opt out, if we require to disclose your information in the following permitted ways (i) to a third party acting as a data processor for us e.g. hosting or data analytics service providers (ii) to a third party for purposes of providing a product or service that you have requested we/they provide to you, (iii) to our affiliate companies, (iv) if the information is information you have intentionally made available to the general public via a mass media channel and did not restrict such information to a specific audience e.g. information which is publicly available through such platforms, and (v) as part of a merger, acquisition or such similar corporate transaction.(b) California residents. We do not sell your personal information; however, we do share it as disclosed in this Policy.
You have the right to appoint an authorized agent to submit a request to opt-out of the sale of personal information on your behalf if you provide the authorized agent’s written permission to do so. If you use an authorized agent to submit a request, he or she must provide their name, email address, phone number, and written permission from you that includes your contact information. We will contact you using the information provided and verify your identity directly with us. We cannot respond to your request to provide additional disclosures or delete any personal information if we cannot verify your identity and the authorized agent’s authority to make the request on your behalf. Written permission is not required if the agent provides proof of power of attorney pursuant or you are submitting the request on behalf of your minor child.
You have the right to not be discriminated against by us for exercising your rights, and we do not discriminate against any person, although you understand that it may not be possible for us to provide the Services if we don’t have access to certain information that is required to ensure the Services can be properly provided to you.
Appealing a decision we’ve made (Virginia residents only). You may have the right to appeal our refusal of any data request you make through an appeal process. To appeal our refusal to provide the information (if this ever occurs), please write to us at info@molfar.com. We are legally obligated to respond within 60 days to you. If we do not accept your appeal, you will then be entitled to escalate the matter by the submitting a complaint to the Virginia Attorney General’s office by mailing mailoag@oag.state.va.us or writing to 202 North Ninth Street, Richmond, VA 23219. We cannot guarantee these details are accurate and if you require to contact the AG Office, please double check all contact information.

US Data Laws give you certain rights if you live in California or Virginia which may include the following rights (depending on whether you live in California, USA or Virginia, USA):