Privacy Policy

Last updated: 19 April 2026

1. Introduction

This Privacy Policy explains how Murguz (“Murguz”, “we”, “us”, or “our”) collects, uses, shares, and protects your personal data when you use our website at murguz.com (the “Website”), including when you submit the “Schedule Call” form, contact us directly, or register for an account in areas of our services where registration is available.

We are committed to protecting your privacy and handling your personal data in compliance with Regulation (EU) 2016/679 (the General Data Protection Regulation or GDPR) and the Data Protection Acts 1988–2018 of Ireland, as well as any other applicable Irish or EU data protection laws.

2. Data Controller and Contact Details

For the purposes of GDPR and applicable data protection laws, the data controller is:

  • Murguz.com
  • Postal address: Bracken Road, Dublin 18, Co. Dublin, Ireland
  • Email: info@murguz.com

If we appoint a Data Protection Officer (DPO), their contact details will be provided here.

3. Personal Data We Collect

You may choose not to provide certain personal data. However, where that data is necessary for us to create your account, respond to your enquiry, or provide a requested feature or service, you may not be able to use that feature or receive that service.

3.1 Data You Provide Directly

When you fill out the “Schedule Call” form, contact us, or otherwise interact with us directly, you may provide:

  • Business information: business name, website.
  • Contact details: first name, last name, email address, phone number.
  • Preferences: preferred time for a call or meeting, and any other details you choose to include in free-text fields.

If you communicate with us by email, phone, contact form, video call, or other channels, we may collect the content of your communications, meeting details, follow-up correspondence, and any related information you choose to share.

3.2 Account and Registration Data

If you register for an account or access restricted areas of our services, we may collect and store information such as your name, email address, account credentials, account preferences, company details, and records related to the creation and administration of your account.

3.3 Usage Data

When you browse the Website, we may collect:

  • Technical data: IP address, browser type and version, device identifiers, operating system and platform, language settings, approximate location inferred from IP address, and similar connection or diagnostic information.
  • Usage information: pages viewed, time and date of visits, time spent on each page, referring URLs, searches performed, navigation paths, and interaction data (e.g. clicks, scrolling, form interactions).

This data may be collected through standard web server logs, cookies, analytics tools, and similar technologies.

3.4 Cookies and Similar Technologies

We use cookies and similar technologies in a limited way on the Website. Some cookies may be strictly necessary to support basic site functionality, security, network management, or user-requested actions.

At present, our only planned non-essential analytics tool is Google Analytics. If enabled, Google Analytics may set first-party or third-party cookies to help us understand aggregate Website usage, such as page visits, traffic sources, and general engagement patterns. We use this information to measure and improve the performance of the Website and our outreach to prospective business clients.

Where required by law, we will request your consent before using non-essential analytics cookies, including Google Analytics cookies. You can also manage cookies through your browser settings, and where a consent mechanism is available on the Website you may update your choices there. For more detail, please see our Cookie Policy.

3.5 Special Category Personal Data

We do not intentionally request or require special categories of personal data (such as data concerning health, racial or ethnic origin, religious beliefs, political opinions, trade union membership, genetic data, biometric data for identification purposes, or data concerning a person's sex life or sexual orientation) in order to operate our Website or provide our standard business services.

Please avoid including special category personal data in free-text fields, enquiry messages, meeting notes, uploaded materials, or other content you submit to us unless it is strictly necessary. If you choose to provide such information, we may store and process it as part of the information you submit, in accordance with this Privacy Policy and applicable law.

4. Purposes and Legal Bases for Processing

We use the personal data we collect to provide and improve our Website, platform, and related business services. Depending on how you interact with us, this may include responding to enquiries, arranging calls, delivering services, administering accounts, supporting client projects, improving our workflows and platform, communicating important updates, and protecting the security of our systems.

We process your personal data only where a legal basis applies under Article 6 GDPR. Depending on the circumstances, we may process your personal data because it is necessary to perform a contract with you, to take steps at your request before entering into a contract, to pursue our legitimate interests, to comply with legal obligations, or because you have given your consent.

Where we rely on consent, you may withdraw it at any time. For example, you may unsubscribe from marketing emails using the link included in those communications, adjust cookie preferences where available, or contact us using the details in Section 2. Withdrawal of consent will not affect the lawfulness of processing carried out before that withdrawal.

4.1 To Respond to Your Enquiries and Provide Initial Services

Purpose: To process your “Schedule Call” request, respond to your queries, and communicate with you about potential collaboration or services.

Legal basis:

  • Article 6(1)(b) GDPR – processing is necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract; and/or
  • Article 6(1)(f) GDPR – our legitimate interest in responding to business enquiries and developing our client relationships.

4.2 To Register and Administer Accounts

Purpose: To create and manage user accounts, authenticate users, maintain account settings, and provide access to account-based areas or services.

Legal basis:

  • Article 6(1)(b) GDPR – processing is necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract; and/or
  • Article 6(1)(f) GDPR – our legitimate interest in administering our services and maintaining secure access to them.

4.3 To Send You Administrative, Service, and Security Communications

Purpose: To contact you about your request, schedule calls, confirm meetings, support your account, provide important information related to potential or existing engagements, and send service-related or security notices.

Legal basis:

  • Article 6(1)(b) GDPR - performance of a contract or pre-contractual steps; and/or
  • Article 6(1)(f) GDPR - our legitimate interest in managing our relationship with you.

Where we send service-related or security communications that are necessary for the operation of our services or to meet legal obligations, you may not be able to opt out of those specific messages.

4.4 To Send You Marketing Communications (Where Applicable)

Purpose: To send you information about our services, updates, or events that may be of interest to you.

Legal basis:

  • Article 6(1)(a) GDPR - your consent, where required (e.g. email marketing to certain individuals); and/or
  • Article 6(1)(f) GDPR - our legitimate interest in promoting our services to existing or prospective business clients, in compliance with applicable e-privacy and direct marketing rules.

Where consent is required, we will send you marketing communications only if you have opted in to receive them. You may change your marketing preferences at any time through your account settings where available, by following the unsubscribe instructions in our emails, or by contacting us using the details above.

4.5 To Improve Our Website, Platform, and Services

Purpose: To analyse how the Website and related services are used, review feedback, improve performance and user experience, refine our workflows, develop new service features, and support internal research and product development relevant to our enterprise automation and AI offerings.

Legal basis: Where we use non-essential analytics cookies or similar technologies, including Google Analytics, Article 6(1)(a) GDPR – your consent. For other improvement, administration, security, and service optimisation activities that do not rely on non-essential cookies, Article 6(1)(f) GDPR – our legitimate interest in operating, improving, and securing our Website and services.

4.6 To Provide Customer Support and Client Services

Purpose: To investigate and respond to support requests, troubleshoot issues, manage service delivery, and communicate with you about implementation, onboarding, training, and other client service matters.

Legal basis:

  • Article 6(1)(b) GDPR - performance of a contract or pre-contractual steps; and/or
  • Article 6(1)(f) GDPR - our legitimate interest in supporting our clients and improving service quality.

4.7 To Protect Security and Investigate Misuse

Purpose: To detect, prevent, and investigate suspected fraud, abuse, unauthorised access, attacks on our systems, or violations of our Terms of Use or this Privacy Policy.

Legal basis: Article 6(1)(f) GDPR - our legitimate interest in protecting our business, Website, platform, users, and other affected parties; and, where applicable, Article 6(1)(c) GDPR – compliance with legal obligations.

4.8 To Comply with Legal Obligations

Purpose: To comply with obligations under applicable laws, regulations, and court orders (e.g. record-keeping, responding to lawful requests from authorities).

Legal basis: Article 6(1)(c) GDPR - processing is necessary for compliance with a legal obligation to which we are subject.

5. How We Share Your Personal Data

We do not sell your personal data. We share personal data only where reasonably necessary to operate our Website, provide our services, comply with legal obligations, protect our business, or support a corporate transaction.

5.1 Service Providers and Processors

We may share personal data with carefully selected third-party service providers that help us operate our Website and deliver our business services, such as hosting and infrastructure providers, communication and scheduling tools, video conferencing platforms, analytics providers (such as Google Analytics, if enabled), CRM and business management tools, support tools, security or fraud-prevention providers, and, where applicable, payment or invoicing providers.

These providers may access personal data only to the extent reasonably necessary to perform services on our behalf. They are subject to contractual obligations to protect personal data and not to use it for their own unrelated purposes.

5.2 Professional Advisers

We may share personal data with lawyers, accountants, auditors, insurers, or other professional advisers where reasonably necessary to obtain advice, enforce our rights, manage claims, or operate our business.

5.3 Legal Disclosures and Protection of Rights

We may disclose personal data where required by law, regulation, court order, subpoena, or other lawful request, or where we reasonably believe disclosure is necessary to:

  • comply with applicable law or legal process;
  • detect, investigate, prevent, or respond to suspected fraud, misuse, security incidents, or unlawful activity;
  • enforce our Terms of Use, service agreements, or other legal rights;
  • establish, exercise, or defend legal claims; or
  • protect the rights, property, safety, and security of Murguz, our personnel, our clients, our users, or others.

5.4 Business Transfers and Change of Ownership

If we enter into a merger, acquisition, joint venture, reorganisation, financing, sale of company assets, or another corporate transaction, personal data may be disclosed to relevant counterparties, advisers, or prospective purchasers and may be transferred as part of that transaction, subject to appropriate confidentiality and data protection safeguards.

If another entity acquires all or part of our business, that entity may continue to use the personal data in a manner consistent with this Privacy Policy, unless a different basis or your consent is required by law.

5.5 Phone Numbers and SMS Data

We do not share mobile contact information with third parties or affiliates for their own marketing or promotional purposes. Phone numbers may be shared with service providers or subcontractors only where necessary to support our communications, customer support, scheduling, or service operations. Text messaging originator opt-in data and consent will not be shared with third parties except where required to provide the messaging service you requested or as required by law.

6. International Transfers

Some of our service providers may be located outside the European Economic Area (EEA), for example in countries that may not provide the same level of data protection as the EEA. Where we transfer personal data outside the EEA, we will ensure that an adequate level of protection is provided, for example by relying on an adequacy decision by the European Commission or on Standard Contractual Clauses (SCCs) approved by the European Commission, possibly with supplementary measures where required.

7. Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected and processed. The appropriate retention period depends on the type of data involved, the nature of our relationship with you, and any legal, accounting, tax, audit, regulatory, or claims-related obligations that apply. Where a longer retention period is not required, we will not keep personal data for longer than is reasonably necessary.

Retention periods depend on the type of relationship you have with us and the type of data involved, including:

  • For enquiries, call requests, and other pre-contract or business communications where no account is registered: for the duration of our communications and, where reasonably necessary for follow-up, record-keeping, or legal purposes, for up to 7 years after your last meaningful interaction with us.
  • For account and registration data: for as long as your account remains active and, after account closure or deactivation due to prolonged inactivity under our internal policies, for up to 7 years where reasonably necessary for security, audit, dispute resolution, legal compliance, or the establishment, exercise, or defence of legal claims.
  • For clients or contractual relationships: for as long as you remain our client and, after the relationship ends, for as long as required by legal, accounting, reporting, or claims-related obligations (often up to 7 years after the end of the relationship).
  • For website analytics and logs: for a limited period necessary for analysis, security, and performance purposes, in line with our internal policies.

We may retain some data for longer if we are required to do so by law or if it is necessary to establish, exercise, or defend legal claims. Where data is anonymised so that it can no longer be linked to an identifiable individual, we may retain and use that information for legitimate business purposes.

8. Your Rights Under GDPR

As an individual in the EEA (or where GDPR applies), you have the following rights in relation to your personal data, subject to certain conditions and exceptions:

  • Right of access: to obtain confirmation as to whether we are processing your personal data and to receive a copy of it.
  • Right to rectification: to have inaccurate or incomplete personal data corrected.
  • Right to erasure (“right to be forgotten”): to request the deletion of your personal data in certain circumstances.
  • Right to restriction of processing: to request the restriction of our processing of your personal data in certain situations.
  • Right to data portability: to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller, where technically feasible and where the processing is based on consent or contract and carried out by automated means.
  • Right to object: to object at any time to processing based on our legitimate interests, on grounds relating to your particular situation; and to object at any time to processing for direct marketing purposes (including profiling to the extent that it is related to such direct marketing).
  • Rights relating to automated decision-making: not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where permitted by law.

Where you have given consent to specific processing (e.g. for certain marketing activities or non-essential cookies), you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

You may ask us to provide a copy of the personal data we hold about you, correct or update inaccurate data, delete personal data where the legal requirements for erasure are met, restrict certain processing, or provide a portable copy of eligible data in a structured, commonly used, and machine-readable format. You may also object to certain processing, including direct marketing.

Where available, you may update some account information directly through your account settings. Otherwise, to exercise any of your rights, please contact us using the details in Section 2. We may need to verify your identity before fulfilling your request. In some cases, we may be unable to comply fully with a request where an exemption applies or where we must retain certain information to comply with law, maintain appropriate business records, or protect legal rights.

9. Complaints

If you have any concerns about our handling of your personal data, we encourage you to contact us first by email at info@murguz.com so that we can address your concerns.

You also have the right to lodge a complaint with your local data protection authority. In Ireland, the supervisory authority is the Data Protection Commission.

10. Security

We take appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. We also carry out regular monitoring of our systems to help identify possible vulnerabilities, misuse, and attacks.

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect your personal data, we cannot warrant or guarantee the absolute security of information you send to us, and no security safeguards can eliminate all risk of access, disclosure, alteration, or destruction.

11. Children's Privacy

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete such information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes in our processing activities, services, or applicable laws. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice (such as a notice on the Website).

We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data.