Mulentuhub Business Activity Analysis Advisory
Legal information

Privacy Policy

This Privacy Policy explains how Mulentuhub collects, uses, shares, and protects personal data when you visit our website, contact us, or request advisory information. It also explains your rights and how to exercise them.

Last Updated: January 15, 2026

Mulentuhub provides analytical and advisory services related to business operations. Outcomes vary depending on organizational structure and external conditions.

1) Who we are (Data Controller)

Mulentuhub is responsible for the processing of personal data described in this policy when we determine the purposes and means of processing (GDPR “controller”).

Controller: Mulentuhub Advisory Ltd
Registered/Business address: 350 Fifth Avenue, New York, NY 10118, United States
Email: [email protected]
Privacy contact (DPO function): [email protected]

If you have questions about this policy, want to exercise your rights, or want to request deletion of information you submitted, contact us using the privacy email above. If you contact us from within the European Economic Area (EEA) or the United Kingdom, we will respond in line with applicable GDPR/UK GDPR requirements, including response timeframes and identity verification measures.

2) Personal data we collect

We collect information you provide directly, information collected automatically through your use of the website, and limited technical information from server logs.

Data you provide

When you submit an inquiry through our contact form or contact us by email, we may collect the following categories of personal data:

  • Full name (to address you and keep accurate correspondence)
  • Email address (to respond to your inquiry)
  • Phone number (only if you choose to provide it via email; our website form does not require it)
  • Organization name (optional; helps us understand context)
  • Message content (your description of the inquiry and operational context)

Please do not submit sensitive personal data through our website forms (for example, health data, government ID numbers, payment card data, or information revealing political opinions). If such data is received unintentionally, we will limit access and may delete it when appropriate and lawful.

Data collected automatically

When you visit our website, we may collect technical and usage information. Depending on your cookie choices, this may include:

  • IP address (often truncated or otherwise minimized by tools where available)
  • Device and browser data (browser type, version, operating system, language settings)
  • Usage data (pages viewed, clicks, scroll depth, referrer, session duration)
  • Cookie identifiers (if analytics or marketing cookies are accepted)
  • Approximate location derived from IP (country/region level)

We use this information to understand website performance, maintain security, and improve clarity of content. We do not use this data to infer sensitive characteristics about visitors.

3) How we collect personal data

We collect data through direct interactions, cookies and similar technologies, analytics tools, and server logs generated as part of normal website operation.

Web forms and email

If you submit an inquiry form, your data is transmitted to us to handle the request. If you email us directly, we collect the data you include in your message and attachments. We use this information to communicate with you and maintain a record of correspondence for professional and compliance reasons.

Cookies and local storage

We use cookies and local storage to remember preferences such as cookie consent, and (if enabled) to support analytics and marketing measurement. You can accept or reject optional cookies through our cookie banner. Your choice is stored locally in your browser.

Analytics and advertising tools

We may use Google Analytics 4 (GA4) to understand how visitors use our site. If we run advertising campaigns, we may use the Meta Pixel to measure ad attribution and to build audiences. These tools are enabled only when you consent to the relevant cookie categories in the cookie banner.

4) Legal bases for processing (GDPR Art. 6)

Where GDPR applies, we process personal data only when we have a valid legal basis. The legal basis depends on the context and purpose.

Legal bases by purpose and data type

  • Responding to inquiries (name, email, message content): Contract necessity (Art. 6(1)(b)) where you request information about services, and legitimate interests (Art. 6(1)(f)) to manage communications and provide support.
  • Optional phone number (if provided): Legitimate interests (Art. 6(1)(f)) to facilitate communication, or consent (Art. 6(1)(a)) where required by local law based on your channel and context.
  • Website security, fraud prevention, and logs (IP address, timestamps, user agent): Legitimate interests (Art. 6(1)(f)) to protect the website and detect malicious activity.
  • Analytics (cookie identifiers, usage data): Consent (Art. 6(1)(a)) where required for non-essential cookies.
  • Marketing measurement/retargeting (e.g., Meta Pixel identifiers): Consent (Art. 6(1)(a)) where required, and you can reject marketing cookies without losing access to the site.
  • Legal compliance requests: Legal obligation (Art. 6(1)(c)) where we must retain or disclose information to comply with law.

Where we rely on legitimate interests (Art. 6(1)(f)), we consider and balance our interests against your rights and expectations. You may object to such processing as described in the “Your rights” section.

5) Purposes of processing

We use personal data for specific, limited purposes consistent with an advisory and informational website.

Service communication and support

We process your contact details and inquiry content to respond to your message, schedule a call if requested, clarify the scope of an operational review, and provide informational materials that are directly related to your request. We may also keep internal notes to ensure continuity of communication.

We do not request sensitive personal data via our web forms. If you provide sensitive information in error, we may remove it from our records where lawful and feasible.

Website operations and improvement

We use technical and usage data to maintain site security, diagnose errors, and improve usability and clarity of content. When analytics cookies are accepted, aggregated usage insights help us understand which pages are most useful and where visitors encounter navigation issues.

We do not use analytics data to make decisions with legal or similarly significant effects about individuals.

6) Retention periods

We retain personal data only as long as necessary for the purposes described above, unless a longer retention period is required by law.

  • Inquiry form submissions and email correspondence: retained for up to 2 years from the last interaction, then deleted or anonymized unless needed for legal claims or compliance.
  • Operational engagement communications (if an advisory engagement proceeds): retained for the duration of the engagement and up to 6 years thereafter where necessary for professional recordkeeping and legal compliance (e.g., contract documentation), subject to applicable law.
  • Analytics data (e.g., GA4): retained for up to 14 months (tool setting), then automatically deleted or aggregated according to provider controls.
  • Cookie consent choice (stored in local storage): stored until you clear your browser storage or update your choice; we also refresh the consent prompt if settings change or if required by law.
  • Security logs: retained for up to 90 days unless a longer period is required to investigate security incidents.
  • Marketing audiences (if enabled through consent): retained according to the advertising provider’s settings and your consent choice; you can withdraw consent at any time by rejecting marketing cookies.

When retention periods expire, we delete data, de-identify it, or securely archive it only where lawful and necessary. If you request deletion, we will evaluate the request against legal obligations and legitimate interests such as security and legal defense.

7) Sharing and disclosures

We share personal data with service providers that help us operate the website and manage communications. We do not sell personal data.

Hosting and infrastructure

Website hosting providers and infrastructure vendors may process IP addresses, server logs, and limited technical data to deliver website content and maintain reliability and security. These providers act as processors under contractual terms where applicable.

Email and communication tools

Email service providers process messages you send to us and our replies to you. Access to inboxes is restricted to authorized personnel who need it to respond to inquiries and manage advisory communications.

Analytics and advertising processors

If you consent to analytics or marketing cookies, providers such as Google (GA4) and Meta (Pixel) may receive cookie identifiers and usage events to provide measurement services. These providers may process data as independent controllers for their own purposes under their policies. You can reject marketing cookies at any time.

No sale of personal data

Mulentuhub does not sell personal data and does not share personal data for monetary consideration. If we use advertising tools, they are used for measurement and audience building only when you have provided consent, and you can withdraw consent through the cookie settings on your device (reject cookies) or by clearing browser storage.

8) International transfers

Because we are based in the United States and may use service providers that process data globally, your data may be transferred outside the EEA, the UK, or Switzerland.

If you access the website from the EEA/UK, personal data may be transferred to the United States or other countries that may not provide the same level of data protection as your home jurisdiction. When transfers are subject to GDPR/UK GDPR restrictions, we use appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to third countries, where applicable.
  • UK International Data Transfer Addendum or other approved UK transfer mechanisms where applicable.
  • Adequacy decisions where the destination country is recognized as providing adequate protection.
  • Supplementary measures where appropriate, such as data minimization and access controls.

You may request more information about transfer safeguards by contacting [email protected].

9) Your rights (GDPR/UK GDPR)

If GDPR or UK GDPR applies to you, you have rights regarding your personal data. We honor these rights subject to legal limitations.

  • Right of access: request confirmation of whether we process your data and obtain a copy.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure (“right to be forgotten”): request deletion where processing is no longer necessary or where you withdraw consent and no other legal basis applies.
  • Right to restriction: request that we limit processing in certain situations, such as while a complaint is investigated.
  • Right to data portability: receive certain data you provided to us in a structured, commonly used format, and request transmission to another controller where technically feasible.
  • Right to object: object to processing based on legitimate interests; we will stop unless we have compelling legitimate grounds or need to process for legal claims.
  • Right to withdraw consent: where we rely on consent (e.g., analytics/marketing cookies), you can withdraw it at any time by updating cookie choices (reject optional cookies) or clearing your browser storage.

How to exercise your rights: Email [email protected] with your request and the email address you used to contact us. We may ask for reasonable information to verify your identity. We aim to respond within one month, and we may extend this period where permitted by law due to complexity or number of requests.

Right to lodge a complaint: If you are in the UK, you can complain to the Information Commissioner’s Office (ICO). If you are in the EEA, you can complain to your local supervisory authority. We encourage you to contact us first so we can address your concerns directly.

10) Cookies and similar technologies

We use cookies and similar technologies to provide essential website features and, with your consent, to measure usage and marketing performance.

Cookie categories

  • Strictly necessary: required for basic site operation and security, and to remember essential preferences. These cannot be disabled through our banner because the site may not function properly without them.
  • Analytics: used to understand how visitors navigate and use the website (e.g., page views, events). Enabled only if you accept analytics cookies.
  • Marketing: used for advertising measurement and retargeting where applicable (e.g., Meta Pixel). Enabled only if you accept marketing cookies.

Your choice is recorded locally in your browser storage so the banner does not reappear on every page view. You can change your choice by clearing site storage in your browser or using privacy controls in your device settings.

Typical cookie durations

Cookie durations can vary by provider and configuration. The following durations are typical:

  • Strictly necessary: session-based or up to 12 months, depending on purpose (e.g., consent state storage).
  • Analytics: often between 24 hours and 14 months depending on the specific cookie and configuration.
  • Marketing: often between 7 days and 90 days depending on platform defaults and campaign settings.

You can manage cookies via browser settings. Most browsers allow you to block cookies, delete existing cookies, or set per-site controls. Blocking cookies may impact certain site features.

11) Children’s privacy

Our website and services are not directed to children under 16, and we do not knowingly collect personal data from children.

If you believe a child has provided personal data to us, contact [email protected] and we will take steps to delete the information where appropriate and lawful. We may request limited information to help locate the record and verify the request.

12) Security

We take reasonable technical and organizational measures to protect personal data, recognizing that no system is completely secure.

Security measures may include access controls, least-privilege permissions, secure hosting configurations, and staff practices designed to minimize unauthorized access. If you suspect any security issue involving your data, contact [email protected] so we can investigate. We do not request passwords or payment card information through our website inquiry form.

13) Policy updates

We may update this policy to reflect changes in law, technology, or our practices. When required, we will provide additional notice.

Updates are posted on this page with an updated “Last Updated” date. If changes materially affect how we process personal data, we may provide notice on the website or via email when we have your email address for correspondence and such notice is appropriate. Continued use of the website after an update means you have read the revised policy.

Contact for privacy requests

Email [email protected] or write to: Mulentuhub Advisory Ltd, 350 Fifth Avenue, New York, NY 10118, United States.