Privacy Policy

1. Scope and definitions

This Privacy Policy (“Policy”) describes how MECE TECH (“we,” “our,” or “us”) treats information in connection with our website at mece.tech, the Castle small-business software product (“Castle”), and any related services (together, the “Services”). “You” and “your” mean the individual or entity using the Services.

“Personal data” means information that identifies or can reasonably be linked to you or your household. “Sensitive information” includes financial account details, payment card data, payroll and tax information, health information, and other data that is typically considered confidential or highly sensitive.

2. Data controller

MECE TECH is the data controller responsible for the processing of personal data described in this Policy. Our contact details are in Section 12.

3. What we do not do

4. Information we may collect

Information you give us. When you contact us (for example via our website contact or demo request forms), we may collect your name, email address, company name, and the content of your message. We use this only to respond to your inquiry and to provide the Services you request.

Castle account and product data. If you use Castle, we may collect account and usage data necessary to provide the product (for example, account credentials, business name, and data you enter into Castle such as invoices, schedules, or checklists). This data is used to operate Castle for you. We do not use it for advertising or for building profiles about you.

Website and technical data. Our marketing website may use minimal analytics (e.g., aggregate page views and referrer information) to understand how the site is used. We do not use such tools to track your behavior inside the Castle application or to identify you for marketing. We may collect technical data such as IP address and browser type where necessary for security or to operate the website.

5. How we use information

We use the information we collect only for:

• Providing, maintaining, and improving the Services;
• Responding to your inquiries and requests;
• Security, fraud prevention, and compliance with law;
• As otherwise described in this Policy or with your consent.

We do not use your personal data for targeted advertising, and we do not use your sensitive business or financial data for any purpose other than delivering and securing the Services.

6. Sharing and disclosure

We do not sell or share your personal data with third parties for their marketing or for any purpose unrelated to the Services.

We may disclose information only in the following circumstances:

• Service providers: We may use trusted service providers (for example, hosting, email, or payment processors) that process data on our instructions and under agreements that protect your data. These providers do not use your data for their own marketing.
• Legal and safety: We may disclose information if required by law, court order, or government request, or when we believe in good faith that disclosure is necessary to protect rights, safety, or property.
• With your consent: We may share information when you have given us clear consent to do so.

7. Data retention

We retain your information only as long as necessary to provide the Services, respond to your requests, comply with legal obligations, resolve disputes, and enforce our agreements. When we no longer need the information, we will delete or anonymize it in accordance with our data retention practices.

8. Security

We use reasonable technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include secure transmission (e.g., TLS), access controls, and secure storage practices. No method of transmission or storage is completely secure; we cannot guarantee absolute security but we work to protect your data in line with industry practice.

9. Your rights

Depending on where you live, you may have rights to access, correct, delete, or restrict the processing of your personal data, or to data portability. You may also have the right to object to certain processing or to withdraw consent. To exercise these rights, please contact us using the details in Section 12. We will respond in accordance with applicable law. If you are in the European Economic Area or the United Kingdom, you also have the right to lodge a complaint with a supervisory authority.

10. Children

The Services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us and we will take steps to delete it.

11. Changes to this policy

We may update this Policy from time to time. We will post the updated Policy on this page and update the “Effective date” at the top. If we make material changes that affect how we use your personal data, we will provide additional notice (for example, by email or a notice in the Services) where appropriate. Your continued use of the Services after the effective date of the updated Policy constitutes acceptance of the updated Policy, except where further consent or notice is required by law.

12. Contact

For questions about this Policy, your personal data, or to exercise your rights, contact us at:

MECE TECH
Email: contact@mece.tech

We will respond to your request as required by applicable law.