MUMlY GDPR Privacy Policy

Last updated: 8 December 2025

MUMly GDPR PRIVACY POLICY
Last Updated: January 2026

Registered office: 124 City Road, London EC1V 2NX
Company No: 15322962

INTRODUCTION

This Privacy Policy describes how Mumly Careers Ltd (“Mumly”, “We”, “Us”) collects, uses, stores, shares, and protects your personal data when you use the Mumly Platform.

Mumly operates:

– Mumly Careers

– Mumly Marketplace

– Mumly Health & Wellness

– Mumly Beauty

– Mumly Parties

– Mumly Cleaners

– Mumly Deals

We are committed to safeguarding personal information and complying with:

– UK GDPR

– Data Protection Act 2018

– PECR (Privacy and Electronic Communications Regulations)

DATA CONTROLLER

Mumly Careers Ltd 

124 City Road, London, EC1V 2NX 

Email: support@mumly.co.uk

 

OUR DATA PROTECTION PRINCIPLES

We ensure that personal data is:

– processed lawfully, fairly, transparently 

– collected for specific, legitimate purposes 

– limited to what is necessary 

– accurate and kept up to date 

– stored securely 

– retained only as long as needed

DATA WE COLLECT

We collect the following types of data:

  1. Identity Data

Includes username, email address, year of birth, gender (optional), and account information.

  1. Contact Data

Email address, postcode (optional), business contact details for vendors/employers.

 

  1. Technical Data

IP address, device identifiers, browser information, cookies, login logs.

  1. Usage Data

Pages visited, clicks, searches, time on site, interactions with tools.

  1. Profile Data

Preferences, interests, saved jobs, saved listings, Vendor or Employer profile information.

  1. Communications Data

Messages sent via the platform, email interactions, customer support messages.

  1. Vendor or Employer Business Data

Business name, company number, DBS/insurance confirmations (where applicable).

  1. Special Category Data

We do NOT request special category data. 

If users include such information voluntarily (e.g., in posts), it is processed under explicit consent.

HOW WE COLLECT DATA

We collect personal information through:

– direct user interactions 

– account creation 

– job or vendor applications 

– browsing behaviour and cookies 

– messages sent on the Platform 

– employer or vendor onboarding 

 

LAWFUL BASIS FOR PROCESSING

We rely on:

– Consent 

– Contract 

– Legitimate Interest 

– Legal Obligation 

– Vital Interests (in safeguarding cases)

HOW WE USE YOUR DATA

We use personal data for the following purposes:

  1. Account Creation & Management

– To register accounts for Candidates, Employers, and Vendors

– To provide login access, security checks, and support

  1. Service Delivery

– To enable job applications

– To enable vendor listings and bookings

– To process employer and vendor onboarding

– To allow communication between users

  1. Personalisation

– To recommend jobs, listings, services, or vendors based on interests

– To tailor content shown on the Platform

  1. Communication

– Service emails (account notices, password resets, updates)

– Customer support

– Optional marketing communications (only with consent)

  1. Platform Safety & Integrity

– Fraud prevention

– Misconduct investigations

– Safeguarding of children and vulnerable adults

– Escalation to Mumly Impact CIC safeguarding team where necessary

  1. Analytics & Improvements

– Monitoring platform performance

– Measuring engagement and user experience

– Developing new features

  1. Legal Compliance

– HMRC obligations

– Safety disclosures

– Responding to law enforcement requests where legally required

COOKIES & TRACKING TECHNOLOGY

Mumly uses cookies and similar technologies for:

– authentication

– analytics

– personalisation

– security

– performance optimisation

Users may adjust cookie preferences at any time through browser settings.

SHARING YOUR DATA

We share user data only when necessary:

  1. Employers

Candidate data is shared with Employers when Candidates apply for roles.

  1. Vendors

Customer details are shared with Vendors for confirmed bookings.

  1. Service Providers (Processors)

Examples include:

– hosting providers

– payment processors

– messaging tools

– analytics platforms

  1. Safeguarding Agencies

When there is a credible risk of harm, Mumly may share limited data with:

– safeguarding authorities

– Mumly Impact CIC

– law enforcement (where required)

  1. Legal Obligations

We may disclose information to meet:

– regulatory requirements

– court orders

– fraud investigations

DATA RETENTION

We keep data only as long as necessary:

– Candidate accounts: active duration + 24 months inactivity

– Employer and Vendor data: active duration + 6 years (for compliance)

– Messages: stored for service delivery, removed when accounts close

– Backups: retained temporarily for security

Users may request deletion at any time.

YOUR RIGHTS (UK GDPR)

You have the right to:

– access your data

– correct inaccuracies

– request deletion (right to be forgotten)

– restrict processing

– object to processing

– data portability

– withdraw consent at any time

To exercise any rights, contact: support@mumly.co.uk

CHILDREN’S DATA

Mumly is designed for adults (18+). 

We do not knowingly collect or process data from minors.

If accidental data is received, it will be deleted promptly.

Part 3 will complete the document.

INTERNATIONAL TRANSFERS OF DATA

Mumly stores data primarily in the UK and the EEA. 

However, some service providers operate internationally.

Where data is transferred outside the UK/EEA, we ensure:

– adequacy regulations apply, OR

– Standard Contractual Clauses (SCCs) are in place, OR

– equivalent safeguards approved by the ICO are implemented.

We never transfer data without a lawful basis and appropriate protections.

DATA SECURITY

We use multiple safeguards to protect personal data:

– encryption in transit and at rest

– secure servers with restricted access

– multi‑factor authentication for administrative systems

– regular security audits and monitoring

– incident response procedures

 

Despite these measures, no system is 100% secure. 

Users should take care when sharing personal information online.

 

If a data breach occurs:

– we will notify affected users promptly

– we will report to the ICO where legally required

– we will cooperate with investigations

THIRD PARTY LINKS

The Platform may contain links to websites we do not control. 

We are not responsible for:

– their privacy practices

– their content

– their data handling

Users should review external privacy notices before providing personal data.

AUTOMATED DECISION MAKING & PROFILING

Mumly may use automated tools to:

– recommend jobs or listings

– personalise platform content

– detect fraud or suspicious activity

We do NOT make legally significant decisions about users solely through automation.

Users may request human review of automated decisions where applicable.

CHANGES TO THIS POLICY

Mumly may update this Privacy Policy from time to time. 

Significant changes will be announced on the Platform.

Continued use of the Platform after updates constitutes acceptance.

CONTACT DETAILS

For all privacy‑related enquiries, data requests, or complaints:

Email: support@mumly.co.uk 

Address: Mumly Careers Ltd 

124 City Road 

London 

EC1V 2NX 

 

To escalate a complaint, users may contact: 

Information Commissioner’s Office (ICO) 

www.ico.org.uk 

0303 123 1113

Who We Are

Mumly Group (“Mumly”, “we”, “us”, “our”) is a family-focused online marketplace connecting parents to trusted vendors, flexible work, childcare services, clubs, travel providers, wellness professionals, and learning opportunities.
We operate through Mumly Careers Ltd and Mumly Impact CIC. We are the data controller for all personal data collected on our platforms. Contact: support@mumly.co.uk. We are registered (or will register) with the ICO under UK GDPR.

  1. What Data We Collect
    • General users: name, email, device info, IP, cookies, preferences.
    • Parents: name, postcode, children’s ages, bookings, payment details (via processors).
    • Vendors: contact, business, billing, listings, communications, reviews.
    • Jobseekers: CV, history, skills, right-to-work (if provided), interview notes.
    • Employers: company info, job posting details, communications.
    • Children (Kidonomy/clubs): first name, age, emergency contact, special requirements (optional).
    We never require special category data unless voluntarily provided.
  2. How We Use Data (Legal Bases)
    • Operate marketplace and bookings (Contract)
    • Payments (Contract)
    • Recruitment matching (Legitimate Interests + Contract)
    • Safety & compliance (Legal Obligation)
    • Marketing & personalisation (Consent)
    • Cookies & analytics (Consent)
  3. Sharing Your Data
    Vendors, employers, payment processors, email/CRM tools, analytics partners, legal/safeguarding agencies when required. We do not sell personal data.
  4. Children’s Privacy
    We follow the ICO Age Appropriate Design Code. Parental consent required. No ads to children. Children’s data deleted after purpose ends.
  5. Your Rights
    Access, rectification, deletion, restriction, objection, portability, withdraw consent, complain to the ICO. Contact: support@mumly.co.uk.
  6. Retention
    See our Data Retention Schedule.
  7. International Transfers
    SCCs/adequacy used with non-UK providers.
  8. Cookies
    See our Cookie Policy. Non-essential cookies require consent.
  9. Contact
    support@mumly.co.uk

Contact: support@mumly.co.uk | www.mumly.co.uk

© 2025 Mumly Careers Ltd | Registered office: 124 City Road, London EC1V 2NX | support@mumly.co.uk