Data Retention Policy

Mercorama is an AI-powered platform. Every query you submit may be processed by one or more language models. This page explains exactly which AI providers we use, what data they receive, how long they hold it, and what Mercorama itself retains.

Last updated: March 2026 · Operated by MightyIQ Inc., Bedford, NS, Canada

Our Core Principle

Your account data — email address, password, and billing details — is never included in AI prompts. Most tools send only product descriptions, HS codes, and trade parameters. The one exception is the Deal Summary Generator, which sends seller and buyer party names to Claude because a trade agreement cannot be drafted without them. Where processing can be handled locally (via Ollama), we prefer that over sending data to an external service.

AI Provider Data Handling

The following covers every language model Mercorama uses or has planned.

Anthropic — Claude (Haiku & Sonnet)

Primary AI engine for trade analysis, deal document generation, HS code classification, Incoterm recommendations, and Export Compass results.

Input retention

Not used for model training by default. Anthropic may retain API inputs and outputs for up to 30 days for trust & safety review. No data is used to train or fine-tune models. Exception: the Deal Summary Generator sends seller and buyer party names to Claude — these are required to draft a valid trade agreement and are the only business identifiers included in any prompt.

Output retention

Responses are returned in real time and are not stored by Anthropic beyond the 30-day safety review window.

Data location

Processed on Anthropic infrastructure (United States). Anthropic is SOC 2 Type II certified.

PII in prompts

Account data (email, password) is never included in prompts. Most tools send only product/trade descriptions. The Deal Summary Generator sends party names (seller, buyer) as these are required to draft the trade agreement.

Anthropic privacy policy →

Ollama — Local SLM (Mistral / Phi-4 Mini)

On-premise small language model for lightweight definitional queries (Incoterm definitions, HS heading lookups, clause templates). Planned — not yet live.

Input retention

Zero. The model runs entirely on the Mercorama Hetzner VPS. No data is transmitted to any external service.

Output retention

Zero. Inference is local; no logs leave the server unless Mercorama's own application logging captures them (see Platform Logs below).

Data location

Mercorama production server — Hetzner VPS (Germany, EU). Data never leaves this server.

PII in prompts

Full. Because processing is local, Mercorama has complete control over what is logged and how long it is kept.

Ollama privacy policy →

What Mercorama Stores

Separate from AI providers, Mercorama's own platform retains the following categories of data.

Account Data

Email address, name, password hash (via Supabase Auth), plan tier, beta cohort.

Retention: Held for the lifetime of your account. Deleted within 30 days of account deletion request.
Legal basis: Contract performance (account access) · Legitimate interest (fraud prevention)

Tool Inputs & Outputs

Text entered into Mercorama tools (HS code descriptions, trade agreement clauses, Incoterm queries) and the AI-generated responses returned to you.

Retention: Session data is not persisted to the database by default. If saved results are introduced in future, the retention period will be stated at the point of save.
Legal basis: Legitimate interest (service improvement, error diagnosis)

Usage Logs

API route hits, tool run counts, feature access timestamps. No prompt content is stored in logs.

Retention: Rolling 90-day window. Logs older than 90 days are purged automatically.
Legal basis: Legitimate interest (rate limiting, abuse prevention, billing verification)

Billing & Payment Data

Stripe customer ID, subscription status, plan history. Card details are held exclusively by Stripe — Mercorama never stores raw card numbers.

Retention: Retained for 7 years to comply with Canadian financial record-keeping obligations.
Legal basis: Legal obligation (CRA record-keeping) · Contract performance

Export Compass Reports

Market intelligence results generated for your product–country combination.

Retention: Not currently persisted. If report saving is introduced, results will be held for 12 months or until you delete them — whichever comes first.
Legal basis: Contract performance

Other Third-Party Services

Supabase
Authentication & database (Postgres)
Hosted on AWS ca-central-1 (Canada). SOC 2 Type II.

Stripe
Payment processing
PCI DSS Level 1. Card data never touches Mercorama servers.

Resend
Transactional email delivery
Used to send Export Compass and FTA Diversify PDF reports to the email address you provide. Only your email address and the report content are transmitted. Resend does not use this data for marketing.

Hetzner
VPS hosting (application server)
Located in Germany (EU). GDPR-compliant data centre.

UN Comtrade / Statistics Canada / USITC / CBSA
Public trade datasets
Read-only API access. No user data is sent to these sources.

Your Rights

As a Canadian resident you have rights under PIPEDA. As an EU/UK resident you have rights under GDPR/UK GDPR. These include the right to access, correct, and delete personal data we hold about you.

Access

Request a copy of all personal data we hold about you.

Deletion

Request deletion of your account and associated data. We action deletion requests within 30 days.

Correction

Ask us to correct inaccurate data. Account details can be updated directly in your profile.

To exercise any of these rights, email [email protected]. We will respond within 30 days.

Policy Updates

We will update this page whenever we add a new AI provider, change a retention period, or modify how we handle data. Material changes will be communicated by email to registered users at least 14 days before taking effect. The “Last updated” date at the top of this page always reflects the most recent revision.