Privacy Policy
Last updated 25 May 2026
1. Who we are
Miramoot is operated by TEVA Services Limited, a company incorporated in England and Wales under company number 15618106, with registered office at 167-169 Great Portland Street, Fifth Floor, London, W1W 5PF, United Kingdom. For the purposes of UK GDPR and the Data Protection Act 2018, TEVA Services Limited is the data controller of your personal data when you use Miramoot.
If you have questions about this policy or about how we handle your data, contact us at hello@miramoot.com.
2. What data we collect
When you use Miramoot, we collect the following types of personal data:
- Identity data: your name and email address, provided when you are invited or registered by an administrator.
- Account data: your assigned organisation, role (e.g. learner, mentor, administrator), and the courses you are enrolled in.
- Course activity: your progress through course materials, any files you upload as assignment submissions, your submission grades, and feedback from mentors.
- Country: the country attributed to your profile, used to provide you with jurisdiction-specific learning resources.
- Technical data: your IP address, browser type, device type, and timestamps of your sessions, collected through standard server logs and authentication systems.
We do not knowingly collect data from anyone under the age of 16. Miramoot is a platform for adult professional learning.
3. How we use your data
We use your personal data only for the following purposes:
- To provide you with access to your organisation's training portal.
- To track your progress through learning material and your assignment submissions.
- To enable mentors and administrators in your organisation to review your work and issue certificates.
- To send you transactional emails (e.g. magic-link sign-in, course completion notifications). We do not send marketing emails without your explicit consent.
- To improve the platform and diagnose technical issues.
- To comply with our legal obligations.
Our lawful basis for processing your data is contractual necessity (Article 6(1)(b) of UK GDPR) — your data is required for us to provide the service your organisation has engaged us to deliver.
4. Sharing your data
We share your personal data only with:
- Your organisation's administrators and mentors, as required for the operation of your training portal.
- Our infrastructure providers: Supabase (database and authentication, hosted in the EU), Vercel (web hosting), Resend (transactional email), and Anthropic (for AI-assisted grading of submissions — only the content you submit is processed; your identity is not shared).
- Legal authorities where we are required to do so by law.
We do not sell your personal data to third parties.
5. AI grading
When you upload an assignment, Miramoot uses an AI model (Claude Haiku, provided by Anthropic) to suggest a provisional grade and rationale, which is then reviewed by a human mentor in your organisation. The content of your submission is transmitted to Anthropic for grading. Your identity is not transmitted alongside the content. Anthropic does not train its models on this data and does not retain it after processing.
A human mentor always has the final decision on your grade.
6. Data retention
We retain your account data for as long as you have an active account with an organisation using Miramoot. If your account is deleted (by you, by your administrator, or due to extended inactivity), we delete your personal data within 30 days, except where we are required to retain certain records for legal or accounting purposes.
Assignment submissions and certificates may be retained by your organisation for their own record-keeping requirements.
7. Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your data (“right to be forgotten”), subject to legitimate business reasons we may need to retain it.
- Object to or restrict processing.
- Request portability of your data.
- Withdraw consent at any time where we rely on consent as the lawful basis.
- Lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator, at ico.org.uk.
To exercise any of these rights, contact us at hello@miramoot.com. We will respond within one calendar month.
8. International transfers
Our infrastructure is primarily hosted in the EU and UK. Where data is transferred outside the UK or EEA (for example, to AI service providers based in the United States), we rely on standard contractual clauses approved by the UK Information Commissioner or equivalent safeguards.
9. Cookies
Miramoot uses only strictly necessary cookies required for authentication and core platform functionality. We do not use tracking, analytics, or marketing cookies. As these cookies are essential to the service you have requested, no cookie consent banner is required under UK PECR regulations.
10. Changes to this policy
We may update this Privacy Policy from time to time. The “last updated” date at the top of this page will reflect the most recent change. Material changes will be notified to you via email or on-screen notice.
11. Contact
TEVA Services Limited
167-169 Great Portland Street, Fifth Floor, London, W1W 5PF, United Kingdom
Company number 15618106
Email: hello@miramoot.com