GDPR Compliance

Our Commitment to GDPR

MerquoraTechAI Pty Ltd is committed to complying with the General Data Protection Regulation (GDPR) when processing personal data of individuals in the European Economic Area (EEA). This page outlines how we ensure GDPR compliance and explains your rights under this regulation.

Data Controller Information

For the purposes of GDPR, MerquoraTechAI Pty Ltd acts as a data controller when we collect and process your personal data directly. Our contact details are:

MerquoraTechAI Pty Ltd
Level 18, 201 Elizabeth Street
Sydney NSW 2000, Australia
Email: [email protected]

Legal Bases for Processing

We process personal data of EEA residents only when we have a lawful basis to do so. The legal bases we rely on include:

• Consent: You have given clear consent for us to process your personal data for a specific purpose.
• Contract: The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
• Legitimate Interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the personal data which overrides those interests.
• Legal Obligation: The processing is necessary for us to comply with the law.

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right of Access

You have the right to request a copy of the personal data we hold about you, along with information about how we process it.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restriction of Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to the processing of your personal data where we are relying on legitimate interests as the legal basis, including for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, or inform you if we need additional time.

We may request specific information from you to help us confirm your identity and ensure your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

International Data Transfers

As we are based in Australia, transfers of personal data from the EEA to our systems constitute international transfers. When we transfer your data internationally, we implement appropriate safeguards to ensure your data is protected, including:

• Standard Contractual Clauses approved by the European Commission
• Ensuring recipient countries have adequate data protection laws
• Implementing additional technical and organisational measures where necessary

Data Protection Officer

While we are not required to appoint a Data Protection Officer under GDPR, we have designated a privacy contact who is responsible for overseeing questions in relation to this notice. If you have any questions about our GDPR compliance, please contact us at [email protected].

Supervisory Authority

If you are located in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local supervisory authority. A list of supervisory authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process the data, and applicable legal requirements.

Updates to This Information

We may update this GDPR compliance information from time to time to reflect changes in our practices or applicable laws. We encourage you to review this page periodically for the latest information on our GDPR compliance efforts.

Contact Us

If you have any questions about our GDPR compliance or wish to exercise any of your rights, please contact us:

Email: [email protected]
Address: Level 18, 201 Elizabeth Street, Sydney NSW 2000, Australia