Mortar Marketing Privacy Policy

 Your Trust, Our Priority

Last Updated: 17/07/2024

Privacy Act Compliance

Mortar AI Pty Ltd (ACN 661 980 365) and its Australian related bodies corporate (we, us, our) are “APP Entities” under the Privacy Act 1988 (Cth) (Act) and are bound by the Australian Privacy Principles (APPs) contained in the Act. We understand that your privacy is important and are committed to safeguarding personal information we handle about individuals. This Privacy Policy outlines how we manage personal information and comply with the Act and the APPs.

Executive Summary

At Mortar, privacy and information security are integral to our operations. We prioritize safeguarding client data with the highest standards of security and trust, ensuring our clients can rely on us for uncompromised protection.

Key Pillars of Security

  • Integral to Operations: Privacy and information security are at the heart of Mortar’s operations. We handle all client data with the utmost care and protection, reflecting our commitment to excellence in data security.
  • Trusted by Leading Enterprises: Our services are trusted by top enterprises across various sectors, including energy, finance, insurance, and retail. This trust underscores our reliability and expertise in safeguarding sensitive data.
  • Impeccable Security Record: Mortar boasts a flawless security record with zero breaches, providing our clients with complete peace of mind regarding their data safety.

Proven Security Compliance

  • ISO 27001 Compliance: Mortar successfully passed all audits and tests last year, demonstrating our dedication to maintaining the highest security standards. Our ongoing compliance updates ensure we stay ahead of security challenges.
  • Ongoing Compliance Updates: We actively update our compliance with ISO 27001, GDPR, internal audits, and client reviews to ensure we consistently meet and exceed security expectations. We are currently busy updating these compliance certifications for this year.
  • Certification: Our formal bridging letters for the ongoing ISO 27001 and GDPR compliance and certification are available upon request, reinforcing our credibility and unwavering commitment to security excellence.

Secure Data Handling Practices

  • Data Storage and Encryption: All client data is securely stored and processed on Microsoft Azure servers located in Australia, ensuring compliance with local security regulations. We employ comprehensive data encryption to protect against unauthorized access.
  • Access Controls: Mortar enforces strict access controls, adhering to the “need to know” and “least privilege” principles. This ensures that only authorized personnel can access sensitive information. Our systems are protected by strong passwords and multi-factor authentication to prevent unauthorized access.

Continuous Monitoring and Data Integrity

  • Continuous System Monitoring: Our systems undergo continuous scanning and logging, including anti-virus measures and intrusion protection, to maintain security integrity.
  • Data Usage and Confidentiality: Client data is exclusively used to deliver our services. Any other usage occurs only when the data is anonymized and de-identified. We maintain strict confidentiality and ensure the deletion of client data upon the expiration of service agreements.
 

When This Policy Applies to You

This Privacy Policy applies to you if you are a Mortar client or user or if you are just visiting one of our websites.

Our Responsibilities

  • When you visit our websites or the portal, we act as the “data controller” of personal data. We collect information about your behaviours on our portal and website in accordance with this Privacy Policy.
  • For data held and managed on behalf of our clients using our services, we act as the “data processor” of personal data. We manage this data following the rules set out in this Privacy Policy.
 

Your Responsibilities

  • Read this Privacy Policy.
  • If you are our client, check the written terms of agreement between us for further details on how we collect and process your data.
  • If you provide us with personal information about others, ensure you have the right to authorise us to process it on your behalf in accordance with this Privacy Policy.
 

Third Party Privacy Terms

Our Privacy Policy applies to our websites, products, and services only. Our services often integrate with third-party platforms (e.g., Facebook, Instagram, other social media platforms). Other privacy terms may also apply to you. We do not take responsibility for informing you of, or policing your compliance with, any third-party terms.

 

Collection of Personal Information 

When and How We Collect Data 

From the first moment you interact with us, we are collecting data. Sometimes you provide us with data, and sometimes data about you is collected automatically.

  • Data You Give Us
    • When you request a demo, chat with customer support, connect integrations, or opt-in to marketing messages.
  • Data We Collect Automatically
    • When you browse any page of our website, use our services, or connect integrations.
 

Types of Data We Collect

  • Contact Details
    • Name, email address, address, organisation, and telephone number.
  • Account Information
    • Log data, usage data, and analytics including IP address, browser type, device information, and general location information.
  • Content from Your Use of the Services or Website
    • Profile information including username, email ID, and profile image.
  • Surveys, Events, and Marketing Information
    • Information provided voluntarily to participate in surveys or events.
  • Employment Applications
    • Information provided when applying for jobs.
  • Browsing Our Websites or Portal
    • Data collected during website visits including chat inquiries and aggregated website usage data.
 

Use of Personal Information

We will generally use your personal information for the purpose for which it was collected and for related purposes within your reasonable expectations, including:

  • Keeping Mortar AI Running
    • Login and authentication, processing payments, and managing service performance and security.
  • Improving Mortar AI
    • Testing features, interacting with feedback platforms, traffic optimisation, data analysis, and research.
  • Customer Support
    • Notifying you of changes to our service, solving issues via live chat support or email.
 

Legal Basis for Processing Data

  • Contract
  • Legitimate interest
 

Storage and Protection of Personal Information

We take reasonable steps to protect your personal information from misuse, interference, and loss as well as unauthorised access, modification, or disclosure. Measures include:

  • Security features and procedures for information stored on our network.
  • Regular monitoring of security practices and systems.
  • Secure destruction or permanent de-identification of personal information when no longer required.

Your personal information may be retained for legal or corporate governance purposes, fraud prevention, or backup records.

 

Disclosure of Personal Information

We generally only disclose your personal information for the purpose for which it was collected. We may disclose information to:

  • Service providers (e.g., hosting providers, data processing companies) under contractual obligations to use the information only for specified purposes.
  • Overseas recipients with your consent or as required by law.
 

Access to and Correction of Personal Information

You may request access to or correction of your personal information if you believe it is inaccurate, out-of-date, incomplete, irrelevant, or misleading. We may refuse access or correction if legally required or entitled. If access is refused, we will provide written reasons and information on how to complain about the refusal.

We may charge for access to personal information but will inform you of any costs before proceeding. Requests may require verification of identity or completion of a personal information request form.

 

Online Privacy

This section of our Privacy Policy sets out how we handle your personal information in respect of online services provided by us (which includes any services provided by us via the Internet, such as our website, and also includes email communications).

 

Automatic Server Logs

Our servers automatically collect various details when you use our website, including:

  • Your IP (Internet Protocol) address (generally, an identifier assigned to your computing device when it is connected to the Internet);
  • The operating system, computing device hardware, and Internet browser software you are currently using; and
  • The data you access (such as web pages or other document files or software), and the time that you access it.

We do not attempt to identify individuals using this information and only use it for statistical analysis, system administration, and similar related purposes. This information is not disclosed to any other party.

 

Cookies

Our website uses “cookies,” which identify your computing device to our servers when you visit our website. Our website may store cookies on your computing device in order to improve and customise your future visits to the website. By using cookies, our website can provide customised content to you. If you do not want information collected through the use of cookies, you may be able to configure your Internet browser to disable cookies.

We may also use cookies that enable the collection of data which is linked to your account and may be considered personal information. We will handle any such personal information in the same manner as other personal information in accordance with this Privacy Policy.

 

Email and Messages

We may collect personal information from you (such as your name and email address, business details, and any other personal information you volunteer) if you send us an email. We will use this to contact you to respond to your message, to send you information that you request, and for other related purposes we consider are within your reasonable expectations. We will not use or disclose any such personal information for any other purpose without your consent.

 

Storage and Transmission of Personal Information Online

If you provide any personal information to us via our online services (including email) or if we provide such information to you by such means, the privacy, security, and integrity of this information cannot be guaranteed during its transmission unless we have indicated beforehand that a particular transaction or transmission of information will be protected (for example, by encryption).

 

Other Online Services

If any of our online services (including any email we send to you) contain links to other online services that are not maintained by us, or if other services link to our online services, we are not responsible for the privacy practices of the organisations that operate those other services, and by providing such links we do not endorse or approve the other services. This Privacy Policy applies only in respect of our online services.

 

Data Breach Response

If a data breach or suspected data breach occurs, we will undertake a prompt investigation, which will include an assessment of whether the incident is likely to result in serious harm. If required, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals. Suspected breaches should be reported to us for investigation and appropriate action.

 

Your Privacy Choices and Rights

Your Rights

  • Access Information: You have the right to access information we hold about you.
  • Correct Information: You have the right to correct any inaccurate personal data about you.
  • Object to Profiling: You can object to us using your data for profiling or making automated decisions about you.
  • Data Portability: You have the right to port your data to another service.
  • Right to Be Forgotten: You have the right to be ‘forgotten’ by us.
  • Lodge a Complaint: You have the right to lodge a complaint regarding our use of your data.

 

Privacy Choices

Choose Not to Provide Personal Data

You can continue to use the website without disclosing your personal data, but we will not be able to process required transactions.

Turn Off Cookies

You can turn off cookies in your browser settings, but some services may not work effectively.

Opt-Out of Marketing

You can opt out from marketing by emailing us at [email protected].

Security Standards

We adhere to ISO 27001 and GDPR standards for information security management, ensuring robust processes to assess and minimise risks. Our platform is hosted on Microsoft’s Azure cloud services, offering advanced security features.

Our Security Measures Include:

  • Role-Based Access Control (RBAC)
  • Regular Security Audits
  • Data Backups
  • Compliance Updates

Note: We are currently going through the formal process of obtaining ISO 27001 and GDPR certification. The official compliance and certification will be uploaded on our official website in 6-8 weeks.

 

Use of Client Data

Commitment to Purpose-Limited Data Utilization

In our unwavering commitment to the trust and privacy of our clients, Mortar Marketing strictly adheres to the principle of purpose-limited data utilization. We hereby affirm that:

  • Exclusive Use for Intended Purposes: All client data collected, processed, or handled by Mortar Marketing is used exclusively for the purposes for which it was originally intended, as explicitly communicated to and agreed upon by our clients. This includes, but is not limited to, the provision of our services, improvement of user experience, and compliance with legal obligations.
  • Prohibition of Secondary Use: Under no circumstances will client data be utilized for secondary or unrelated purposes without the explicit and informed consent of the client. This encompasses a prohibition on the sale, transfer, or use of client data for external marketing, research, or any commercial activities not directly related to the agreed-upon services.
  • Safeguards and Compliance: We implement rigorous safeguards and compliance measures to ensure that all team members, processes, and technologies align with this commitment. Regular audits and reviews are conducted to verify adherence to this principle.
  • Transparency and Accountability: Mortar Marketing maintains a policy of transparency with our clients regarding data utilization practices. Any changes to the purpose of data usage will be communicated promptly and will require explicit client consent.
  • Client Empowerment: Clients reserve the right to inquire about the specific uses of their data, request limitations on data utilization, or withdraw consent for certain uses, in accordance with applicable data protection laws and regulations.

By integrating this clause into our Privacy Policy, we reinforce our dedication to ethical data practices and the protection of our clients’ privacy and trust.

 

Conclusion

When it comes to securing your data, we at Mortar AI believe in a no-compromise approach. With a foundation built on ISO 27001 best practices and the robust Azure cloud infrastructure, your data is in safe hands. Rest easy, focus on what you do best, and let us handle the security of your data.

 

Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top.

 

Contact Us

For any questions, concerns, or clarifications about this Privacy Policy, or if you wish to exercise any of your rights, please contact our Data Protection Officer (Arpit Arya) at [email protected].

 

Appendices

 

Appendix A: Key Security Measures

| Security Measure | Description |
|---|---|
| Role-Based Access Control | Ensures only authorised individuals access specific information |
| Regular Security Audits | Conducted to ensure ongoing integrity of our systems |
| Data Backups | Regular backups ensure data integrity and availability |
| Compliance Updates | Team stays updated on laws and regulations affecting data security |

Appendix B: Data Collection Overview

| Type of Data | How It’s Collected | Purpose |
|---|---|---|
| Contact Details | Forms, registrations, direct input | Communication, service provision, GDPR |
| Account Information | Automatic collection, direct input | Service management, security, analytics |
| Usage Data | Automatic collection | Performance monitoring, feature improvement |
| Content from Services | User-generated content | Service provision, user experience enhancement |
| Survey and Event Data | Voluntary input | Market research, feedback, event management |
| Employment Applications | Direct input | Recruitment |
| Website Browsing Data | Automatic collection | Website functionality, user experience improvement |