How we handle your information.

1. Who we are

Mericron, Inc. is a Delaware C-corporation with its principal office in Saratoga County, NY, USA. References to "Mericron", "we", "us", and "our" mean Mericron, Inc. and (where context permits) its subsidiaries.

2. Information we collect

• Contact data — name, business email, company, role — when you submit a form (CRM lead, sample request, gated download, newsletter, careers).
• Account data — password hash, MFA token — when you register on the Customer Portal or Defense Portal.
• Inquiry data — information you provide when you use a contact form.
• Telemetry — anonymised page-view counters, error reports, and a one-time cookie consent record — for site reliability. We do not use third-party advertising trackers.
• Documents you submit — NDAs, U.S.-person attestations, EAR/ITAR review forms — when you engage with defense / qualified portals.

3. Lawful basis (GDPR / UK GDPR)

We rely on (a) contract for sample, order, and portal-account processing; (b) legitimate interests for direct outreach to business addresses you've provided; (c) consent for marketing email and non-essential cookies; and (d) legal obligation for export-control screening, tax records, and audit retention.

4. How we use your information

To respond to your request, route the inquiry internally, comply with applicable legal obligations, secure our systems, and (with consent) send company updates. We do not sell, rent, or trade your information.

5. Retention

Business inquiries are retained only as long as needed for legitimate business and legal purposes. Marketing-only contacts may be removed sooner if you opt out or ask us to delete them.

6. International transfers

Mericron primarily processes data in the U.S. (Odoo Cloud, U.S. region). For EU/UK transfers we rely on Standard Contractual Clauses (2021/914/EU) and the UK Addendum. Japanese-residency processing for our Tokyo presence is on JP-domiciled Odoo when required by JP procurement.

7. Your rights

You can request access, correction, deletion, restriction, or portability of your information at any time. EU/UK residents may also lodge a complaint with their supervisory authority. California residents have CCPA/CPRA rights including the right to know, delete, correct, and opt out of "sale or share" (we do neither).

8. Security

We follow the security architecture described on our Security disclosure page. Our SOC 2 Type II is in flight; security questionnaires are available under NDA via the Customer Portal.

9. Contact

For privacy questions, use the Contact Mericron form and include "privacy" in your message so it can be routed appropriately.

10. Changes

We post material changes here with an updated effective date and email opted-in subscribers. The current version is binding from the effective date at the top of this page.