Privacy Policy

Effective Date: January 15, 2025

Our Commitment to Your Privacy

At Merge Digital (Pty) Ltd ("we", "our", "us", or "classification.tools"), we are committed to maintaining the privacy and security of your personal and sensitive information. We take the protection of your data seriously and have implemented appropriate technical and organizational measures to keep it secure.

This Privacy Policy explains how we collect, use, share, and protect information about you when you use our Services, which include our website (classification.tools), API services, mobile applications, and related online services.

We do not sell or share your personal information with third parties for their marketing purposes. Your data is used solely to provide and improve our classification services.

Information We Collect

We collect several types of information to provide and improve our Services:

1. Personal Information You Provide

When you create an account or use our Services, you may provide:

  • Account Information: Name, email address, phone number, company name, billing address
  • Payment Information: Credit card details, billing information (processed securely through third-party payment processors)
  • Communication Data: Messages, feedback, and support requests you send to us
  • Professional Information: Job title, industry, business type, company size

2. API Usage Data

When you use our classification API, we collect:

  • Classification Requests: Product descriptions, chemical names, and other input data you submit for classification
  • Classification Results: HS codes, ECCN numbers, CAS numbers, dangerous goods classifications we return
  • API Usage Metrics: Number of requests, response times, error rates, API endpoints used
  • Request Metadata: Timestamps, origin/destination countries, language preferences

3. Automatically Collected Information

We automatically collect certain information when you access our Services:

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Information: Pages viewed, features used, time spent, navigation paths
  • Technical Data: API keys used, authentication tokens, error logs
  • Location Data: General geographic location based on IP address

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. See our Cookies section below for more details.

How We Use Your Information

We use the information we collect for the following purposes:

Service Provision

  • Provide, maintain, and improve our classification API and services
  • Process your classification requests and deliver accurate results
  • Authenticate your access and manage your account
  • Process payments and send billing statements
  • Provide technical support and respond to your inquiries

Service Improvement

  • Train and improve our machine learning classification models
  • Analyze usage patterns to enhance API performance and accuracy
  • Develop new features and services
  • Conduct research and analytics (using aggregated, anonymized data)

Communication

  • Send service notifications, updates, and security alerts
  • Communicate about regulatory changes affecting classifications
  • Send marketing communications (with your consent, where required)
  • Respond to your requests and provide customer support

Legal and Security

  • Comply with legal obligations and regulatory requirements
  • Detect, prevent, and address fraud and security issues
  • Enforce our Terms of Service and protect our rights
  • Maintain data security and system integrity

How We Share Your Information

We may share your information in the following limited circumstances:

Service Providers

We work with third-party service providers who perform services on our behalf:

  • Cloud Hosting: Microsoft Azure, AWS (for infrastructure and data storage)
  • Payment Processing: Stripe, PayPal (for secure payment processing)
  • Email Services: SendGrid, Mailchimp (for transactional and marketing emails)
  • Analytics: Google Analytics (for website usage analytics)
  • Customer Support: Zendesk, Intercom (for support ticket management)

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

Legal Requirements

We may disclose your information if required by law or in response to:

  • Subpoenas, court orders, or legal processes
  • Government or regulatory requests
  • Investigations of potential violations of our Terms of Service
  • Protection of our rights, property, or safety, or that of others

Business Transfers

In the event of a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the successor organization. We will notify you of any such change in ownership or control.

Aggregated Data

We may share aggregated, anonymized data that does not identify you personally with:

  • Industry partners for research and benchmarking
  • The public to demonstrate service capabilities and trends
  • Academic researchers for trade compliance studies

Data Security

We take security seriously and have implemented appropriate technical and organizational measures to protect your information:

  • Encryption: Data in transit is encrypted using TLS 1.2+; data at rest is encrypted using AES-256
  • Access Controls: Role-based access with multi-factor authentication for our team
  • Monitoring: 24/7 security monitoring and intrusion detection systems
  • Regular Audits: Security assessments and penetration testing
  • Compliance: SOC 2 Type II certified, GDPR compliant, ISO 27001 certified

However, please note that no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information using industry-standard practices, we cannot guarantee absolute security and are not liable in the event of a data breach or unauthorized access beyond our reasonable control.

Your Rights and Choices

You have the following rights regarding your personal information:

Access and Portability

  • Request a copy of the personal information we hold about you
  • Download your classification history and account data
  • Export your data in a machine-readable format

Correction and Updates

  • Update your account information through your dashboard
  • Request correction of inaccurate or incomplete data
  • Modify your communication preferences at any time

Deletion

  • Request deletion of your account and personal information
  • Delete specific classification requests from your history
  • Note: We may retain certain information as required by law or for legitimate business purposes

Marketing Communications

  • Opt out of marketing emails by clicking "unsubscribe" in any email
  • Update your email preferences in your account settings
  • Note: You will still receive essential service-related communications

Data Processing Restrictions

  • Object to processing of your data for certain purposes
  • Request restriction of processing in specific situations
  • Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us at [email protected] or through your account settings.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities and preferences.

Types of Cookies We Use

Essential Cookies (Required)

Necessary for the website to function properly:

  • Session management and authentication
  • Security and fraud prevention
  • Load balancing and performance

Analytics Cookies (Optional)

Help us understand how visitors use our website:

  • Google Analytics (anonymized IP addresses)
  • Usage patterns and feature adoption
  • Performance monitoring

Functional Cookies (Optional)

Remember your preferences and settings:

  • Language preferences
  • Display settings
  • Recently viewed items

Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit functionality. Most browsers allow you to:

  • View and delete cookies
  • Block third-party cookies
  • Block all cookies (may impact functionality)
  • Delete cookies when closing your browser

International Data Transfers

Merge Digital is based in South Africa, but we operate globally and may process data in multiple countries:

  • Our primary data centers are located in South Africa, Europe (Netherlands, Germany), and the United Kingdom
  • We use Microsoft Azure and AWS infrastructure across multiple regions
  • We implement appropriate safeguards for international transfers (Standard Contractual Clauses)
  • Data may be transferred to countries with different data protection laws

By using our Services, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules.

Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes described in this Privacy Policy:

  • Account Data: Retained while your account is active and for 90 days after deletion
  • Classification History: Retained for 2 years or as specified in your subscription plan
  • Billing Records: Retained for 7 years to comply with tax and accounting regulations
  • Aggregated Data: May be retained indefinitely in anonymized form
  • Security Logs: Retained for 1 year for security and audit purposes

You may request deletion of your data at any time, subject to legal retention requirements.

Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us at [email protected], and we will take steps to delete such information.

GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under GDPR:

  • Right to be informed about data collection and use
  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making and profiling

Legal Basis for Processing: We process your data based on:

  • Contract performance (providing our Services)
  • Legitimate interests (improving our Services, fraud prevention)
  • Legal obligations (compliance with applicable laws)
  • Consent (where applicable, such as marketing communications)

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Effective Date" at the top of this policy
  • Post the revised policy on this page
  • Notify you via email for significant changes (if you have an account)
  • Provide a prominent notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Merge Digital (Pty) Ltd

Privacy Officer

Email: [email protected]

General Inquiries: [email protected]

Mailing Address:
Merge Digital (Pty) Ltd
Durban, South Africa

Response Time: We will respond to your privacy requests within 30 days.

For immediate assistance or additional questions, please submit your request through our Contact Form.

Supervisory Authority

If you are located in the EEA, UK, or Switzerland and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

Privacy Summary