GDPR Compliance Statement

Last Updated: May 22, 2026

Introduction

Although MerquoraTechAI is based in Australia, we recognize the importance of the General Data Protection Regulation (GDPR) for our clients and visitors from the European Union. This document outlines our commitment to GDPR principles and your rights under this regulation.

Data Controller

For the purposes of GDPR, MerquoraTechAI acts as the data controller for personal information collected through our website and services.

Contact details:
MerquoraTechAI
Level 12, 180 Lonsdale Street
Melbourne VIC 3000, Australia
Email: [email protected]

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you voluntarily provide information through forms or communications
• Contractual necessity: When processing is necessary to fulfill service agreements
• Legitimate interests: For business operations, security, and service improvement
• Legal obligations: When required by applicable laws and regulations

Your Rights Under GDPR

If you are an EU resident, you have the following rights regarding your personal data:

Right to Access

You can request a copy of the personal information we hold about you, including details about how we use it and who we share it with.

Right to Rectification

You can request correction of inaccurate or incomplete personal information.

Right to Erasure

You can request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.

Right to Restriction

You can request that we restrict processing of your personal data in specific situations, such as while we verify accuracy of disputed data.

Right to Data Portability

You can request to receive your personal data in a structured, commonly used format and transmit it to another controller.

Right to Object

You can object to processing of your personal data when we rely on legitimate interests as the legal basis.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significant effects.

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Data Processing Activities

What Data We Collect

• Contact information: name, email address, company details
• Technical data: IP address, browser type, device information
• Usage data: pages visited, time on site, interaction patterns
• Communication data: inquiry content, service preferences

Why We Collect It

• To respond to inquiries and provide requested services
• To improve website functionality and user experience
• To send relevant service communications
• To comply with legal obligations

How Long We Keep It

We retain personal data only as long as necessary for the purposes outlined, typically:

• Active client data: duration of relationship plus 7 years for legal compliance
• Inquiry data: 2 years from last contact
• Technical logs: 12 months

International Data Transfers

As an Australian-based company, your data may be transferred outside the EU. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by the European Commission
• Adequate security measures during transmission and storage
• Compliance with Australian Privacy Principles, which align with GDPR standards

Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of data in transit and at rest
• Access controls and authentication requirements
• Regular security assessments and updates
• Employee training on data protection

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant supervisory authorities within 72 hours of becoming aware of the breach, as required by GDPR.

Third-Party Processing

We work with carefully selected third-party service providers who process data on our behalf. All processors are required to:

• Comply with GDPR requirements
• Implement appropriate security measures
• Process data only according to our instructions
• Maintain confidentiality

Cookies and Tracking

We use cookies with your consent. You can manage cookie preferences through our cookie banner or browser settings. For detailed information, see our Cookies Policy.

Children's Data

We do not knowingly collect or process personal data from individuals under 16 years of age without parental consent.

Supervisory Authority

If you are an EU resident and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.

Changes to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised date.

Contact Us

For questions about GDPR compliance or to exercise your rights, contact us at:

Email: [email protected]
Address: Level 12, 180 Lonsdale Street, Melbourne VIC 3000, Australia