Privacy Policy

1. Information We Collect

Personal Information You Provide

When you sign up or use morenthilara, we collect what you give us directly. This includes your name, email address, phone number, and business details. If you're connecting bank accounts or financial systems, we'll receive login credentials (which we encrypt immediately) and any financial data you authorize us to access.

We also collect information when you contact our support team or participate in surveys. Sometimes people share more context about their business challenges, which helps us improve our tools. We keep those conversations on file.

Financial Data

Here's where it gets specific to what we do. Our software analyzes financial information, so we collect:

• Transaction records and account balances from connected financial institutions
• Invoice data, expense records, and payment histories
• Tax information and financial statements you upload
• Cash flow patterns and budget allocations
• Business performance metrics and KPIs you track

Automatically Collected Information

Like most online services, we automatically gather technical data when you use our platform. This includes your IP address, browser type, device information, and operating system. We track which features you use, how long you spend on different pages, and what actions you take within the software.

We use cookies and similar tracking technologies. Some are essential for the platform to function, others help us understand usage patterns and improve performance.

2. How We Use Your Information

We're not collecting data just to have it. Everything we gather serves a purpose for making morenthilara work better for you.

Core Service Delivery

First and foremost, we use your data to provide the financial analysis tools you signed up for. This means processing your financial information, generating reports, creating forecasts, and delivering the insights you need. Without access to your data, our software literally can't do its job.

Platform Improvement

We analyze usage patterns to understand what's working and what isn't. If everyone struggles with a particular feature, we need to know that. We look at aggregate data to spot trends, identify bugs, and prioritize new features. Your individual actions help shape how the platform evolves.

Communication

We use your contact information to send important updates about your account, respond to support requests, and notify you about changes to our service. Sometimes we'll send educational content or feature announcements, but you can opt out of those.

Security and Fraud Prevention

We monitor for suspicious activity to protect your account and our platform. This includes tracking login locations, flagging unusual access patterns, and maintaining audit logs of data access. These measures help us catch potential security issues before they become problems.

Legal Compliance

Australian financial regulations require us to maintain certain records and perform specific checks. We use your data to comply with these requirements, including anti-money laundering provisions and tax reporting obligations.

3. How We Share Your Information

We don't sell your data. Period. But we do share it in specific circumstances, and you should know about them.

Service Providers

We work with third-party companies that help us run morenthilara. This includes cloud hosting providers (your data lives on secure servers), payment processors (when you pay for our service), and customer support tools. These companies only get access to the data they need to do their specific job, and they're contractually required to protect it.

Financial Institutions

When you connect your bank accounts or accounting software, we use secure integration services to access that data. These connections work through encrypted APIs, and we only access what you explicitly authorize. You can revoke these connections anytime through your account settings.

Legal Requirements

If we receive a valid legal request for information, we may need to comply. This could include subpoenas, court orders, or regulatory investigations. We'll notify you about such requests unless legally prohibited from doing so.

Business Transfers

If morenthilara gets acquired or merges with another company, your information would transfer to the new entity. We'd notify you before this happens and explain any changes to how your data is handled.

4. Your Rights and Choices

Under Australian privacy law (specifically the Privacy Act 1988 and Australian Privacy Principles), you have significant control over your personal information.

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide this in a commonly used electronic format within 30 days. Most of your data is already accessible through your account dashboard, but if you want a complete export, just ask.

Correct Inaccurate Information

Spotted an error in your profile or financial data? You can update most information directly through your account settings. For data that comes from connected financial institutions, you'll need to correct it at the source, and our system will update automatically.

Delete Your Data

You can request deletion of your account and associated data. We'll remove everything except what we're legally required to retain (usually for tax or regulatory purposes). This process typically takes 30 days to complete. Be aware that deletion is permanent and you'll lose access to all historical reports and analysis.

Restrict Processing

In certain situations, you can ask us to limit how we use your data. For example, if you're disputing the accuracy of information, you can request we pause processing it while we investigate. This might affect service functionality during the restriction period.

Data Portability

Want to take your data elsewhere? We'll provide your information in a structured, machine-readable format that you can transfer to another service. This includes your financial data, reports, and account settings.

Object to Processing

You can object to certain types of data processing, particularly for marketing purposes. However, some processing is essential for the service to function, so objecting might mean we can't provide certain features.

5. Data Security

Financial data demands serious security. Here's what we do to protect yours.

Encryption

All data transfers use TLS 1.3 encryption, the same standard banks use. Your data is also encrypted when stored on our servers. Even if someone somehow accessed our storage systems, they'd find unreadable encrypted data without the decryption keys (which are stored separately).

Access Controls

Not everyone at morenthilara can access your data. We use role-based access controls, meaning employees only see the information necessary for their job. Access is logged and regularly audited. Our development team works with anonymized data for testing and improvements.

Infrastructure Security

We host on enterprise-grade cloud infrastructure with redundant systems, regular backups, and disaster recovery procedures. Our servers are located in Australian data centers that meet ISO 27001 standards. We perform regular security assessments and penetration testing to identify vulnerabilities.

Authentication

We require strong passwords and offer two-factor authentication (which we strongly recommend enabling). Session tokens expire after periods of inactivity, and we monitor for suspicious login attempts.

Breach Response

If a data breach occurs, we'll notify affected users within 72 hours and report to the Office of the Australian Information Commissioner as required. We maintain an incident response plan that we test regularly.

No security system is perfect. While we implement industry-standard protections, we can't guarantee absolute security. That's why we focus on multiple layers of defense and rapid response capabilities.

6. Data Retention

We don't keep your data forever, but we do need to retain certain information for specific periods.

Active Account Data

While your account is active, we maintain all your financial data and analysis history. This allows you to access historical reports and track trends over time. You control what data you upload and can delete specific datasets through your account.

Closed Account Data

After you close your account, we retain certain information for 7 years to comply with Australian tax and business record requirements. This includes transaction records, financial statements, and account activity logs. Personal identifiers are minimized where possible while maintaining compliance.

Technical Logs

Security and access logs are kept for 2 years for audit and investigation purposes. After that, they're permanently deleted. Aggregated, anonymized usage statistics may be retained longer for platform improvement.

Marketing Data

If you opt out of marketing communications, we keep your email address on a suppression list to ensure we don't accidentally contact you again. Otherwise, marketing consent records are deleted 3 years after your last interaction.

7. International Data Transfers

Your data is primarily stored and processed in Australia. However, some situations involve international transfers.

Service Providers

Some of our service providers operate globally with servers in multiple countries. When we transfer data internationally, we ensure the receiving party provides adequate protection through standard contractual clauses or equivalent mechanisms approved under Australian privacy law.

Support Operations

Our support team is based in Australia, but we use cloud-based tools that may process data in other jurisdictions temporarily. These tools are covered by data processing agreements that ensure Australian privacy standards apply.

If you have concerns about international transfers, contact us to discuss your specific situation. In some cases, we may be able to accommodate data residency requirements.

8. Children's Privacy

morenthilara is designed for business use and not intended for children under 18. We don't knowingly collect information from minors. If we discover we've inadvertently collected data from someone under 18, we'll delete it immediately.

If you're a parent or guardian and believe your child has provided us with personal information, contact us right away so we can address it.

9. Changes to This Policy

We update this privacy policy occasionally to reflect changes in our practices, legal requirements, or platform features. When we make significant changes, we'll notify you via email and through a prominent notice in your account dashboard.

The date at the top of this document shows when it was last updated. We recommend reviewing this policy periodically to stay informed about how we protect your information.

Continuing to use morenthilara after policy changes means you accept the updated terms. If you disagree with changes, you can close your account before they take effect.

10. Cookies and Tracking

We use cookies and similar technologies to make morenthilara work properly and improve your experience. Here's the breakdown.

Essential Cookies

These keep you logged in, remember your preferences, and maintain security. You can't opt out of these because they're necessary for the platform to function. They expire when you close your browser or after your session ends.

Performance Cookies

These help us understand how people use morenthilara so we can fix problems and improve features. They collect aggregated data about page views, feature usage, and performance metrics. You can disable these in your account settings.

Managing Cookies

Most browsers let you control cookies through their settings. Blocking certain cookies might affect platform functionality. You can manage your cookie preferences through your account settings or browser configuration.

11. Australian Privacy Compliance

morenthilara complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We're committed to handling your personal information in accordance with these requirements.

Your APP Rights

Under the APPs, you have specific rights regarding your personal information. We've designed our systems and processes to support these rights and make them easy to exercise.

Complaints Process

If you believe we've mishandled your personal information, you can lodge a complaint with us. We take these seriously and will investigate promptly. If you're not satisfied with our response, you can escalate to the Office of the Australian Information Commissioner (OAIC).