Privacy Policy

Last updated: June 2026

1. Information We Collect

Mortacc collects information you provide directly — firm name, contact details, client entity data, corporate records, and uploaded documents. We also collect standard server log data (IP address, browser type, pages visited) for security and analytics.

2. How We Use Your Information

Your data is used solely to provide the Mortacc platform: managing corporate entities, generating documents, tracking compliance, processing payments, and supporting your account. We do not sell, rent, or share your data with third parties for marketing purposes.

3. Data Storage & Security

All data is stored on Canadian infrastructure (Toronto — yyz region). We use encryption in transit (TLS 1.3) and at rest. Database access is restricted to authorized application processes. Backups are encrypted and retained for 30 days.

4. Data Retention

We retain your data for as long as your account is active. Upon account closure, data is permanently deleted within 90 days. You may request earlier deletion by contacting support@mortacc.com.

5. Your Rights

You have the right to access, correct, delete, and export your data. Canadian firms and their clients are protected under PIPEDA. Submit requests to support@mortacc.com — we respond within 30 days.

6. Third-Party Services

Mortacc uses Stripe for payment processing. Stripe's privacy policy applies to payment data. We use Sentry for error monitoring (no personal data). We do not use third-party analytics or advertising trackers.

7. Contact

Questions about this policy? Contact us at support@mortacc.com.