MOR PRIVACY POLICY

Effective Date: 1 November 2025

Last Updated: 30 March 2026

This Privacy Policy (the "Policy") explains how Mor (referred to as "Mor," "we," "us," or "our") manages your Personal Information. We are committed to protecting the privacy of our customers and website visitors in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth).

This Policy applies to all personal information collected by us through our website at getmor.co and move.getmor.co (the "Website"), our e-commerce platform (WooCommerce), and our NFC URL Redirection Service (the "Service").

1. Our Contact Details (Mandatory APP 1)

Detail	Information
Business Name	Mor Business
Email Address	support@getmor.co
Mailing Address	2/290 Boundary Street, Spring Hill QLD 4000 AUSTRALIA

2. What Personal Information We Collect

We only collect personal information that is reasonably necessary for the purposes of managing and operating the Service, fulfilling product orders, and delivering valuable usage analytics (APP 3).

Category	Types of Information Collected	Purpose of Collection
Customer/Order Data	Name, business name, billing and shipping addresses, telephone number, email address, and custom design notes (e.g., logo files).	To fulfill product orders, process payments, communicate about delivery, and manage customer accounts.
NFC Service Data (Usage Analytics)	Unique Tag Identifier: The permanent, static URL are pre-programmed onto your NFC card or plate. Click Metadata: IP address, device type, time of tap/scan, date, frequency, and general geographic location of the tap. Technical Identifiers: We collect device IP addresses and browser "User Agent" strings when an NFC product is tapped or a QR code is scanned. Purpose of Anonymization: This data is collected to provide "Unique Tap" analytics (distinguishing between multiple taps by the same guest vs. new guests). To protect guest privacy, we aim to anonymize or delete these logs once they are no longer required for your reporting period.	Mandatory Disclosure: To provide you (the customer) with performance metrics and analytics on the usage of your product, to manage the dynamic redirection function, and to ensure the security and stability of the Service.
Digital Activity Data	Browsing history, page views, items added to the cart, session duration, and referral source (via cookies/tracking).	To maintain the functionality of the website, personalize advertising, and improve user experience.
Destination Data	The customer-supplied Google Business Profile URL or personal link that the NFC tag is programmed to redirect to.	Stored solely for the purpose of executing and maintaining the dynamic redirection function of the Service.

3. How We Collect and Store Your Personal Information

3.1. Direct Collection (Solicited Information)

We collect information directly from you when you interact with our service:

When you place an order or pre-order through WooCommerce.
When you submit your destination URL via the online form post-purchase.
When you create or update an account/profile to manage your redirects.
When you subscribe to our marketing newsletters.

3.2. Automated Collection (Usage Analytics)

We collect Usage Data automatically when an end-user taps your NFC plate or card or interacts with our Website. This data is collected and linked to your customer account by our URL Redirection Service and website analytics tools (e.g., Google Analytics).

3.3. Storage and Security

We take reasonable steps to protect your personal information from misuse, loss, unauthorized access, modification, or disclosure. This includes storing data on secure servers and utilizing encryption for payment processing.

4. How We Use and Disclose Personal Information

We will not use or disclose your personal information for any purpose other than the primary purpose for which it was collected, unless you have consented, or the use is permitted under APP 6 (Use and Disclosure).

Primary Purposes:

Fulfilling your orders and delivering Goods.
Providing the requested Service, including allowing you to manage and update your URL redirects.
Sharing the collected NFC Service Data (Usage Analytics) with you via your customer dashboard so you can monitor the performance of your product.
General marketing and communications related to your product.
Social Proof & Case Studies: We may use your business name and logo for promotional purposes (as outlined in our Terms and Conditions). You have a "Right to Revoke" this permission at any time by emailing hello@getmor.co.

Disclosure to Third Parties (APP 6):

We may share your information with the following external parties:

Payment Processors (e.g., Stripe, PayPal, credit card gateways) to process transactions.
Shipping and Logistics Providers (e.g., Australia Post) to deliver your Goods.
Third-Party Digital Service Providers (e.g., Bitly for URL management, cloud hosting platforms) strictly for the purpose of maintaining the Service functionality.

Automated Decisions: Mor does not currently utilize computer programs or AI to make decisions that significantly affect your rights or interests. If this changes, we will update this policy and provide the required transparency in accordance with APP 1.7

5. Cross-Border Data Disclosure (APP 8)

Mor operates with a global perspective and may use third-party providers located outside of Australia.

By accepting this Policy, you acknowledge that we may disclose your personal information to overseas recipients, including but not limited to, parties in the United States of America (for cloud hosting, analytics, and URL redirection services).

When data is disclosed overseas, Mor takes reasonable steps to ensure that the overseas recipient handles your personal information in accordance with the APPs, but we will not be responsible for acts or practices of an overseas recipient that breach the APPs.

6. Data Retention and Destruction

We only keep your personal information for as long as it is reasonably necessary to provide the Service or as required by Australian law (e.g., 7 years for financial records).

Analytics Logs: IP address logs used for tap analytics are typically retained for [e.g., 60–90 days] before being deleted or permanently de-identified .

Account Data: If you close your Mor account, we will take reasonable steps to destroy or permanently de-identify your personal information within 30 days, unless we are required to keep it for legal or tax purposes.

7. Accessing and Correcting Your Information (APP 12 and 13)

You have the right to request access to the personal information we hold about you and request that we correct any information that is inaccurate, incomplete, or out-of-date.

Access: To request access, please contact us using the contact details in Section 1. We may require proof of identity before providing access.
Correction: If you believe any information we hold is incorrect, please notify us immediately so we can take reasonable steps to correct it.

8. How to Lodge a Complaint (Mandatory APP 1)

If you believe we have breached the Australian Privacy Principles or mishandled your personal information, you may lodge a complaint by contacting us in writing using the details in Section 1.

We will acknowledge your complaint in writing and endeavor to resolve it within 30 days.
If you are not satisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC).

9. Changes to this Privacy Policy

We may update this Policy from time to time to reflect changes in our information handling practices or legal requirements. We encourage you to review this Policy periodically. Material changes will be clearly posted on our Website and, where appropriate, notified to you via email.