Privacy Policy

Last updated: May 20, 2026

This Privacy Policy describes how MR Tech (“we”, “our”, “us”) collects, uses, and protects your personal information. We take data privacy, security, and integrity seriously. Our systems are engineered and audited in accordance with the General Data Protection Regulation (GDPR) and SOC 2 Type II Trust Services Criteria, alongside national government accounting regulations.

1. Information We Process

To provide e-commerce services, subscription modules, and support ticketing, we collect personal details directly provided by you or generated through site activity:

  • Profile Details (Name, Email, Phone)
  • Delivery & Billing Addresses
  • Wishlist Items & Shopping Cart Details
  • Order Placements, Payments & Invoices

2. Your GDPR Rights

As a data subject under GDPR, you possess full sovereignty over your Personally Identifiable Information (PII):

Right to Portability (Art. 20)

You can download a complete, machine-readable JSON archive containing your user profile, saved addresses, wishlist logs, and historical orders directly from your account settings panel at any time.

Right to Deactivation (Art. 17)

You have the right to request deactivation and soft-deletion of your account. Upon activation, all your active sessions are terminated, login permissions are revoked, and your status flags are toggled.

3. Government Compliance & Audit Retention

Critical Record Preservation: In accordance with national tax guidelines, government bookkeeping compliance, and corporate financial accounting regulations, all transaction documents—including Order Placements, Payment Records, Corporate Client Files, and Quotations—must remain fully intact and immutable for a minimum retention window.

Therefore, soft-deleting an account will leave all transactional, address, and profile records intact within our secure data layer. This ensures that historical audit trails, accounting summaries, and governmental audits are not broken or compromised.

4. SOC 2 Security Safeguards

We operate rigorous technical safeguards to ensure confidentiality, integrity, and availability:

Access Control & Brute-Force Shield

We enforce complex password policies requiring uppercase, lowercase, numerical, and special characters. Rapid failed login attempts trigger progressive lockout periods (up to 60 minutes) to prevent brute-force intrusion attempts.

Detailed Request Audit Logging

All transactional API requests are logged with timestamped request IDs, system fingerprints, browser user agents, and correlation hashes. All sensitive parameters (passwords, OTP codes, credit cards) are redacted automatically.

Contact Information

For questions or concerns regarding this Privacy Policy or our compliance framework:

MR Tech
Email: [email protected]
Phone: 09617-MRTECH (678243)
Address: 423, Zahera Mansion, Dhali Bhari Kacha Bazar Mour (Evercare Hospital Link Rd), 1212