Privacy Policy

Last Updated: March 15, 2025
Effective Date: January 1, 2025

Introduction

At mervanqielo, we understand that your financial data deserves the highest level of protection. This Privacy Policy explains how we collect, use, store, and safeguard your personal information when you use our budget deviation analysis services.

We're committed to transparency about our data practices and your rights under Australian privacy legislation, including the Privacy Act 1988 and the Australian Privacy Principles.

Your Privacy Matters

We believe in giving you control over your personal information. This policy outlines exactly what data we collect, why we need it, and how you can manage your privacy preferences.

Information We Collect

Personal Information You Provide

When you create an account or use our services, we collect information that you voluntarily provide to us:

Name & Contact Details Email Address Phone Number Business Information Financial Data Account Preferences

Financial and Budget Data

Our budget deviation analysis services require access to specific financial information:

  • Budget forecasts and actual spending data
  • Transaction categories and amounts
  • Historical financial patterns
  • Account balances and cash flow information
  • Revenue and expense breakdowns

Automatically Collected Information

We collect certain information automatically when you interact with our platform:

  • Device information including IP address, browser type, and operating system
  • Usage patterns and feature interactions
  • Session duration and frequency of visits
  • Error logs and performance metrics

How We Use Your Information

Primary Service Delivery

We use your personal and financial information primarily to deliver our budget deviation analysis services:

Data Processing

Analyzing your budget data to identify deviations and trends

Report Generation

Creating personalized insights and recommendations

Account Management

Maintaining your user account and preferences

Support Services

Providing customer support and technical assistance

Communication Purposes

We may contact you for important service-related communications, including account updates, security notifications, and responses to your inquiries. Marketing communications are only sent with your explicit consent.

Service Improvement

Aggregated and anonymized data helps us enhance our analysis algorithms and develop new features. Individual user data is never used for this purpose without explicit consent.

Data Sharing & Third-Party Disclosure

Limited Sharing Principles

We follow strict principles when it comes to sharing your personal information. Your financial data is never sold, rented, or shared for marketing purposes.

Authorized Third-Party Services

We work with carefully selected service providers who help us deliver our services:

  • Cloud Infrastructure Providers: Secure hosting and data storage
  • Analytics Services: Platform performance monitoring (anonymized data only)
  • Payment Processors: Secure transaction handling
  • Customer Support Tools: Help desk and communication systems

Legal Requirements

We may disclose personal information when required by Australian law or court order, or when necessary to protect our legal rights, prevent fraud, or ensure user safety.

Data Sharing Safeguards

All third-party service providers must sign comprehensive data processing agreements that meet Australian privacy standards and international security requirements.

Your Privacy Rights

Under Australian privacy legislation, you have comprehensive rights regarding your personal information:

Access Your Data

Request a copy of all personal information we hold about you, including how it's being used and who it's shared with.

Correct Inaccuracies

Update or correct any incorrect or outdated personal information in your account at any time.

Delete Your Account

Request complete deletion of your account and associated data, subject to legal retention requirements.

Data Portability

Export your data in a commonly used format to transfer to another service provider if desired.

Restrict Processing

Limit how we use your personal information while maintaining essential account functionality.

Withdraw Consent

Remove consent for optional data processing activities like marketing communications or analytics.

Exercising Your Rights

To exercise any of these rights, contact our privacy team at privacy@mervanqielo.com or use the data management tools in your account dashboard. We respond to all requests within 30 days and provide regular updates on complex requests.

Security Measures

Technical Safeguards

We implement multiple layers of security to protect your financial information:

  • Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256
  • Access Controls: Multi-factor authentication and role-based permissions
  • Network Security: Firewalls, intrusion detection, and regular vulnerability assessments
  • Data Isolation: Customer data is logically separated and access-controlled

Operational Security

Our team follows strict security protocols including background checks for staff with data access, regular security training, and incident response procedures.

Infrastructure Security

We use Australian-based data centers that meet ISO 27001 standards and undergo regular third-party security audits. Physical access is strictly controlled and monitored.

Security Incident Response

In the unlikely event of a security incident, we have detailed response procedures and will notify affected users within 72 hours as required by Australian privacy laws.

Data Retention

Retention Periods

We retain your personal information only as long as necessary to provide our services and meet legal obligations:

Active Account Data

Retained while your account is active and for up to 7 years after account closure for tax and legal compliance

Financial Transaction Records

Maintained for 7 years as required by Australian financial regulations

Communication Records

Support tickets and correspondence kept for 3 years for quality assurance

Marketing Data

Removed immediately upon unsubscribing or account deletion

Secure Deletion

When data reaches the end of its retention period, it's securely deleted using industry-standard methods that make recovery impossible. We provide confirmation of deletion upon request.

Cookies & Tracking Technologies

Types of Cookies We Use

Our platform uses several types of cookies to enhance your experience:

  • Essential Cookies: Required for basic platform functionality and security
  • Preference Cookies: Remember your settings and customization choices
  • Analytics Cookies: Help us understand platform usage (with your consent)

Managing Cookie Preferences

You can control cookie settings through your browser or our cookie preference center. Disabling essential cookies may limit platform functionality.

Third-Party Tracking

We don't use third-party advertising cookies or social media tracking pixels. Any third-party services are limited to essential functionality and are clearly disclosed.

International Data Transfers

Data Location

Your personal information is primarily stored and processed within Australia. When we use international service providers, we ensure appropriate safeguards are in place.

Cross-Border Transfers

Limited data may be transferred internationally for:

  • Cloud infrastructure redundancy and backup services
  • Customer support during Australian business hours
  • Software development and security monitoring

Transfer Safeguards

All international transfers are protected by standard contractual clauses, adequacy decisions, or other mechanisms approved under Australian privacy law.

Children's Privacy

Our services are designed for businesses and adults managing financial data. We don't knowingly collect personal information from children under 13 years of age.

If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly and terminate any associated account.

Parents or guardians who believe their child has provided personal information to us should contact our privacy team immediately.

Policy Updates

Notification Process

We review and update this Privacy Policy regularly to reflect changes in our practices, services, or legal requirements. When we make material changes, we will:

  • Email registered users at least 30 days before changes take effect
  • Display prominent notices on our platform
  • Update the "Last Modified" date at the top of this policy
  • Provide a summary of key changes in plain language

Your Options

If you disagree with updated terms, you can close your account before the changes take effect. Continued use of our services after the effective date constitutes acceptance of the updated policy.

Version History

Previous versions of this Privacy Policy are available upon request to help you understand how our practices have evolved over time.

Privacy Contact Information

We're committed to addressing your privacy questions and concerns promptly. Our privacy team is available to help you understand your rights and exercise them effectively.

Privacy Officer

Email: privacy@mervanqielo.com

Response Time: Within 48 hours

General Support

Email: support@mervanqielo.com

Phone: +61 244 437 810

Postal Address

mervanqielo Privacy Team

Upstairs, 122 Victoria St

Bunbury WA 6230, Australia

If you're not satisfied with our response to your privacy concern, you have the right to contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or by calling 1300 363 992.