Legal

Privacy Policy

Effective date: October 24, 2023 • Last updated: February 13, 2026

1. Scope and Controller Information

This Privacy Policy describes how Mercuri collects, uses, discloses, and safeguards personal information when you use our websites, products, and services.

Data Controller: Santhe Technology Consulting OPC Pvt LTD (Mercuri). For privacy requests, contact privacy@mercuri.cx.

2. Categories of Information We Collect

  • Account and identity data: name, business name, email address, phone number, login credentials.
  • Billing and transaction data: billing address, subscription status, payment-related metadata from processors.
  • Communication data: message content, message metadata, opt-in records, templates, and delivery logs.
  • Technical and usage data: IP address, device/browser details, event logs, pages visited, and settings.
  • Support data: information shared in tickets, chat, onboarding, and account support interactions.

3. Sources of Information

  • Directly from you and your authorized users.
  • Automatically through your use of the platform and website.
  • From integrations and service providers you connect (for example CRM or messaging providers).

4. Purposes and Legal Bases for Processing

We process personal information to provide and improve Mercuri services, support customers, keep systems secure, and meet legal obligations.

  • Contractual necessity: account creation, service delivery, billing, and support.
  • Legitimate interests: product improvement, fraud prevention, and platform security.
  • Consent: where required for cookies, marketing, or specific communications.
  • Legal obligations: compliance with applicable tax, accounting, regulatory, and lawful request requirements.

5. SMS and WhatsApp Consent

We do not share mobile opt-in data, text messaging originator information, or consent details with third parties for their marketing or promotional purposes.

You are responsible for obtaining and maintaining any end-user consent required under applicable messaging laws and platform policies.

6. How We Share Information

We may share personal information with the following categories of recipients, only as needed to provide services:

  • Infrastructure, hosting, analytics, and security providers.
  • Payment processors and subscription billing vendors.
  • Messaging and communication providers (for example SMS or WhatsApp delivery).
  • Integrated applications you authorize.
  • Authorities or other parties when required by law, legal process, or to protect rights and safety.

7. Cookies and Tracking Technologies

We use cookies and similar technologies for authentication, security, product performance, analytics, and preference storage.

You can control cookies through browser settings. Where applicable, you may also opt out of certain tracking and targeted advertising signals.

8. Data Retention

We retain personal information for as long as necessary to provide services, maintain business records, resolve disputes, enforce agreements, and comply with legal obligations.

  • Account and billing records are retained for legal, tax, and accounting requirements.
  • Service logs and communication records are retained based on operational and compliance needs.
  • When deletion is requested and legally permitted, data is deleted or de-identified within a reasonable period.

9. International Data Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards for cross-border data transfers.

10. Security

We implement technical and organizational safeguards, including access controls, encryption in transit, monitoring, and incident-response procedures. No method of transmission or storage is completely secure, but we work to protect data using industry-standard measures.

11. Your Privacy Rights

Depending on your location, you may have rights to access, correct, delete, or receive a copy of your personal information, and to object to or restrict certain processing.

California residents may have rights under the CCPA/CPRA, including rights to know, delete, correct, and opt out of sale or sharing where applicable. We will not discriminate against you for exercising privacy rights.

To exercise rights, contact privacy@mercuri.cx. We may verify your identity before processing your request.

12. Children's Privacy

Mercuri is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective or last-updated date.

14. Contact

For privacy-related questions or requests, contact us at privacy@mercuri.cx.