Mercarto Privacy Policy

Mercarto Ltd. ("Mercarto"/"we"/"us"/"our") is committed to protecting your privacy. We make the website located at www.mercarto.com ("Website"), the Mercarto application as well as the Mercarto services (“Services”) available on www.admin.mercarto.com. As you use our Services, we want you to be clear how we’re using information and the ways in which you can protect your privacy.

Our Privacy Policy explains:

  • What information we collect and why we collect it.

  • How we use that information and when we disclose it.

  • How to access and update your personal information.

Your privacy matters to us so please take time to familiarise yourself with our policies, and if you have any questions please contact us at hello@Mercarto.com.

1. IMPORTANT INFORMATION AND WHO WE ARE

Purpose of this Privacy Policy

This Privacy Policy aims to give you information on how Mercarto collects and processes your personal information through your use of the Website and the Services, including any information you may provide when you sign up for a demo of our Services, when you create an account and a profile with us, when you purchase or use our Services, when you search for our Website, when you subscribe to our email alerts, when you contact our customer service, when you participate in surveys, public forums, chats, or when you respond to one of our requests for suggestions and other content.

Please note that neither the Website nor the Services is intended for children under 18 years of age. No-one under age 18 may provide any information to or on the Website  or through our Services. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on the Website or on or through any of its features, use any of the interactive or public comment features of the Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us. 

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal information about you so that you are fully aware of how and why we are using your information. This Privacy Policy supplements the other notices and is not intended to override them.

Controller or Processor

To the extent that Mercarto holds information about you due to your use of our Services, Mercarto is the controller and responsible for your personal information. To the extent that Mercarto holds information about you due to its presence in content uploaded by Mercarto customers, Mercarto acts as a processor on behalf of such customers and the terms of this Privacy Policy does not apply to such information.

If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us using the details set out below.

Our full details are:
hello@mercarto.com
3 Archway, Birley Fields, Hulme, Manchester M15 5QJ
0800 246 1443

  • What information we collect and why we collect it.

  • How we use that information and when we disclose it.

  • How to access and update your personal information.

If you are based in the European Union, you also have the right to make a complaint at any time to your local supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the regulator so please contact us at hello@Mercarto.com in the first instance.

Changes to the Privacy Policy and your duty to inform us of changes

This version was last updated on Sept 1st, 2020. We reserve the right to change the terms of this Privacy Policy at any time. When we do, we will post the revised Privacy Policy to our Website and the last revision date will be updated so that you will always be able to understand what information we collect, how we use your information, and under what circumstances we may share your information with others. It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

Third-party Links 

The Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy notice of every website you visit.

2. THE INFORMATION WE COLLECT ABOUT YOU

Personal data, or personal information, means any information relating to an identifiable person who can be directly or indirectly identified. It does not include data which cannot be related to an identifiable person (anonymous data).

We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:

  • Identity Data includes first name, last name, store name or similar identifier.

  • Contact Data includes billing address, delivery address, email address and telephone numbers.

  • Financial Data includes payment card details.

  • Transaction Data includes details about payments to and from you and other details of services you have purchased from us.

  • Technical Data includes internet protocol (IP) address, your mobile device’s unique ID number, your login data, browser type and version, time zone setting and location browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Website.

  • Profile Data includes your store name and password, purchases or orders made by you, your location, preferences, feedback and survey responses.

  • Usage Data includes information about how you use our Website, other app(s) and Services, such as the buttons, controls, products and ads you click on or the Website that you visit, the time spent on those pages, your search queries, the dates and times of your visits or use, but also about the products that you are tracking through the Service, how often you use those products, and other related data regarding such usage by you.

  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal information but is not considered personal information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Website feature. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information which will be used in accordance with this Privacy Policy.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If your non-identifiable data are used for research purposes, then the limitation of liability and indemnity clauses contained within the End User License Agreement/Terms of Service Agreement are waived with respect to any harms suffered or liabilities incurred as a result of any research activities.

If you fail to provide personal information

Where we need to collect personal information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our services). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.

3. HOW IS PERSONAL INFORMATION COLLECTED

We use different methods to collect data from and about individuals including through:

Direct interactions by you
You may give us Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide or permit us to access when you:

  • sign up for our services;

  • create an account and profile with us;

  • purchase one of our products/services;

  • subscribe to our email alerts;

  • contact our customer service;

  • give us some feedback.

Automated technologies or interactions
As you interact with our Site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data and Usage Data about you if you visit other websites employing our cookies.

Third parties or publicly available sources.
We may receive personal information about you from various third parties and public sources as set out below:

  • Technical Data from the following parties:
    analytics providers such as Google Analytics based outside the EU;
    search information providers such as Google based inside or outside the EU.

  • Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Stripe based outside the EU.

  • Identity and Contact Data from our partners, data brokers or aggregators based inside or outside the EU.

  • Identity and Contact Data from publicly available sources such as LinkedIn, Instagram, and other social networking sites based outside the EU.

5. DISCLOSURES OF YOUR PERSONAL INFORMATION BY US OUTSIDE OF THE SERVICES

We may have to share your personal information with the parties set out below for the purposes set out in the table in paragraph 4 above. Third Party categories as set out below:

  • Service providers who provide IT and system administration services.

  • Social networking sites to which you have linked your account.

  • Professional advisers including lawyers, bankers, auditors and insurers based in Canada and the United States who provide consultancy, banking, legal, insurance and accounting services.

  • Regulators and other government authorities [acting as processors or joint controllers] based in Canada, the United States and in the EEA who require reporting of processing activities in certain circumstances.

  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this Privacy Policy.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

6. INTERNATIONAL TRANSFERS

We share your personal information within our company and to our third party service providers such as Google Cloud or other providers. This may involve transferring your information internationally, including without limitation, if you are based in the European Union, transferring your data outside the European Economic Area (EEA).

Many of our external third parties are also based outside the European Economic Area (EEA) so their processing of your personal information will involve a transfer of data outside the EEA. If you are based in the European Union, whenever we transfer your personal information out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring appropriate safeguards are implemented.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

7. DATA SECURITY

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. DATA RETENTION

How long will you use my personal information for? We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax and other legally required purposes.

In some circumstances, you can ask us to delete your information: see Request erasure below for further information.
In some circumstances, we may anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Got questions? Let’s chat.

Maybe you want to discuss business ideas, discover more about our features, or just want to speak to a friendly human.
Whatever it is, we’re all ears.

GET IN TOUCH