Mercorama is an AI-powered platform. Every query you submit may be processed by one or more language models. This page explains exactly which AI providers we use, what data they receive, how long they hold it, and what Mercorama itself retains.
Your account data — email address, password, and billing details — is never included in AI prompts. Most tools send only product descriptions, HS codes, and trade parameters. The one exception is the Deal Summary Generator, which sends seller and buyer party names to Claude because a trade agreement cannot be drafted without them. Where processing can be handled locally via Ollama, we prefer that over sending data to an external service.
Primary AI engine for trade analysis, deal document generation, HS code classification, Incoterm recommendations, and Export Compass results.
On-premise small language model for lightweight definitional queries (Incoterm definitions, HS heading lookups, clause templates).
Separate from AI providers, Mercorama's own platform retains the following:
| Data Category | What's Stored | Retention Period | Legal Basis |
|---|---|---|---|
| Account Data | Email, name, password hash (Supabase Auth), plan tier, beta cohort | Lifetime of account. Deleted within 30 days of deletion request. | Contract performance · Legitimate interest (fraud prevention) |
| Tool Inputs & Outputs | Text entered into tools and AI-generated responses | Session data not persisted by default. If saved results are introduced, retention period will be stated at point of save. | Legitimate interest (service improvement, error diagnosis) |
| Usage Logs | API route hits, tool run counts, feature access timestamps. No prompt content stored. | Rolling 90-day window. Auto-purged after 90 days. | Legitimate interest (rate limiting, abuse prevention) |
| Billing & Payment | Stripe customer ID, subscription status, plan history. Card details held exclusively by Stripe. | 7 years (Canadian financial record-keeping obligations) | Legal obligation (CRA) · Contract performance |
| Export Compass Reports | Market intelligence results for your product–country combination | Not currently persisted. If saving introduced: 12 months or until deleted. | Contract performance |
Request a copy of all personal data we hold about you.
Request deletion of account and data. Actioned within 30 days.
Ask us to correct inaccurate data. Account details can be updated in your profile.
To exercise any of these rights, email [email protected]. We respond within 30 days.
We will update this page whenever we add a new AI provider, change a retention period, or modify how we handle data. Material changes will be communicated by email to registered users at least 14 days before taking effect.