Mentio

Privacy Policy

Privacy Policy

Last updated: 13.04.2026

This Privacy Policy explains how RENDERCH Ltd., trading as Mentio (“Mentio”, “we”, “us”, or “our”), collects, uses, stores, shares, and otherwise processes personal data when you visit mentio.pro (the “Site”), contact us, place an order, subscribe to our services, or otherwise interact with us.

1. Who we are

Mentio is operated by:

RENDERCH Ltd.

Pirotska 11, Burgas, Bulgaria

UIC / EIK: 207510157

VAT No.: BG207510157

Email: support@mentio.pro

For the purposes of applicable data protection law, Mentio generally acts as an independent controller in relation to the personal data described in this Privacy Policy.

If and to the extent that we process personal data strictly on behalf of a client and under that client’s documented instructions, we may act as a processor for that limited processing activity, in which case a separate data processing agreement may be entered into where required by applicable law.

2. Scope of this Privacy Policy

This Privacy Policy applies to personal data we collect through:

  • the Site;
  • contact forms;
  • enquiry forms;
  • order and checkout flows;
  • email communications;
  • support requests;
  • subscriptions;
  • invoicing and billing;
  • introductory or discovery calls;
  • cookies and similar technologies, where used; and
  • any other direct interaction between you and Mentio.

This Privacy Policy does not apply to third-party websites, third-party platforms, or third-party services that have their own privacy notices or policies.

3. Personal data we collect

Depending on how you interact with us, we may collect the following categories of personal data.

3.1 Contact and identity data

  • full name;
  • work email address;
  • phone number;
  • job title;
  • company name;
  • company address;
  • billing address;
  • VAT number, tax number, company registration number, or similar business identifiers;
  • correspondence details.

3.2 Order and account data

  • details of services requested or purchased;
  • package selection;
  • subscription details;
  • order history;
  • cancellation requests;
  • refund requests;
  • support interactions.

3.3 Business and project information

  • website or domain;
  • service categories or practice areas;
  • professional identifiers of key personnel (for example, names of partners, experts, or other professionals) provided for the purpose of service delivery;
  • target market information;
  • comments, notes, instructions, or business information you provide in connection with your order;
  • information provided during onboarding or strategy discussions.

3.4 Payment and transaction data

We do not ordinarily collect or store full payment card details ourselves.

Payments are processed by Stripe, which may collect payment details directly from you.

We may receive limited transaction-related information from Stripe, such as:

  • payment status;
  • billing name;
  • billing address;
  • transaction identifiers;
  • subscription status;
  • invoice and tax-related information; and
  • limited payment metadata made available to us by Stripe.

3.5 Technical and usage data

Depending on the technologies used on the Site, we may collect:

  • IP address;
  • browser type and version;
  • device type;
  • operating system;
  • referral URL;
  • pages viewed;
  • time spent on pages;
  • approximate geolocation derived from IP;
  • date and time stamps;
  • cookie identifiers or similar identifiers; and
  • information about how you interact with the Site.

3.6 Communications data

  • emails you send us;
  • messages submitted through forms;
  • support requests;
  • scheduling information;
  • call notes;
  • records of your preferences or requests.

3.7 Special category data

We do not intentionally request or require special category data or highly sensitive personal data for ordinary use of our services.

Please do not send such data unless it is strictly necessary and we have expressly asked for it.

4. How we collect personal data

We may collect personal data:

  • directly from you when you fill in a form, contact us, place an order, subscribe, or communicate with us;
  • from your employer or business where they provide your details in connection with an order or service;
  • from Stripe in connection with transactions;
  • automatically through cookies, logs, and similar technologies, where used;
  • from publicly available sources, where relevant to onboarding, business verification, fraud prevention, or service delivery; and
  • from service providers and tools we use to operate the Site and our business.

5. How we use personal data

We may use personal data for the following purposes:

  • to operate, maintain, and improve the Site;
  • to respond to enquiries and provide support;
  • to assess, accept, manage, and deliver orders;
  • to administer subscriptions and recurring billing;
  • to send order confirmations, invoices, payment notices, and service communications;
  • to manage onboarding and delivery;
  • to prevent fraud, abuse, and misuse of the Site or services;
  • to maintain business, tax, and accounting records;
  • to comply with legal, tax, regulatory, and contractual obligations;
  • to send service updates or legally required notices;
  • to analyse Site usage and performance, where applicable;
  • to improve our services, content, and user experience;
  • to protect our legal rights and interests;
  • to establish, exercise, or defend legal claims; and
  • to send direct marketing communications where permitted by law or where you have consented, if applicable.

6. Legal bases for processing

Depending on the context, we rely on one or more of the following legal bases.

6.1 Contract

We process personal data where it is necessary to:

  • take steps at your request before entering into a contract;
  • perform a contract with you or your business; and
  • administer orders, subscriptions, support, billing, and service delivery.

6.2 Legal obligation

We process personal data where necessary to comply with legal obligations, including obligations relating to:

  • tax;
  • invoicing;
  • accounting;
  • fraud prevention;
  • legal compliance; and
  • regulatory requests.

6.3 Legitimate interests

We may process personal data where necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These interests may include:

  • operating and improving the Site and services;
  • handling enquiries and business communications;
  • managing customers and service delivery;
  • fraud prevention and security;
  • internal administration;
  • quality assurance; and
  • protecting our legal and commercial interests.

6.4 Consent

Where required, we rely on consent, for example:

  • for non-essential cookies or similar technologies; and
  • for certain marketing communications, where consent is required by law.

Where we rely on consent, you may withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

7. Direct marketing

We may send marketing communications to business contacts where permitted by applicable law, or where you have given consent.

You can opt out of marketing communications at any time by:

  • using the unsubscribe link in the communication, where available; or
  • contacting us at support@mentio.pro.

Even if you opt out of marketing, we may still send non-marketing communications that are necessary for service delivery, billing, legal compliance, or account administration.

8. Cookies and similar technologies

We use cookies and similar technologies as described in our Cookie Policy.

Where required by law, we will ask for your consent before using non-essential cookies or similar technologies.

9. Disclosure of personal data

We may share personal data with the following categories of recipients, where necessary:

  • Stripe;
  • hosting providers;
  • email service providers;
  • analytics providers, if used;
  • Calendly;
  • professional advisers, including lawyers, accountants, auditors, and insurers;
  • regulators, courts, law enforcement, tax authorities, or other authorities where required by law;
  • contractors or service providers supporting our operations; and
  • potential buyers, investors, successors, or advisers in connection with a corporate transaction, subject to appropriate safeguards.

We do not sell personal data.

10. International transfers

We may transfer or allow access to personal data outside the country in which it was originally collected, including outside the EEA or the United Kingdom, where necessary for our operations or where our service providers are located in other jurisdictions.

Where a transfer of personal data is subject to restrictions under applicable data protection law, we will implement appropriate safeguards where legally required, which may include:

  • an adequacy decision;
  • the European Commission’s Standard Contractual Clauses;
  • the UK International Data Transfer Addendum; or
  • another lawful transfer mechanism.

11. Data retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including for legal, tax, regulatory, accounting, dispute-resolution, fraud-prevention, and record-keeping purposes. Where applicable law prescribes a longer retention period, we retain the relevant data for that period. Otherwise, we retain personal data only for as long as is necessary and proportionate for the relevant purpose.

Retention periods may vary depending on the type of data and the purpose of processing. For example:

  • contact and enquiry data: 24 months after the last meaningful contact;
  • customer and order records: 10 years;
  • invoices and tax records: 10 years;
  • support communications: 24 months after closure of the relevant request, unless longer retention is necessary for an active order, dispute, fraud prevention, or legal claim;
  • subscription records: for the duration of the subscription and 10 years thereafter to the extent necessary for billing, tax, accounting, dispute resolution, and legal compliance;
  • cookie consent records: 6 months, or for such other period as is necessary to demonstrate compliance and manage the next consent refresh cycle;
  • analytics data: 14 months, or in accordance with the retention settings of the analytics service used on the Site.

Where we do not set a fixed retention period, we retain data based on criteria such as:

  • the nature of the relationship;
  • the purpose of the processing;
  • legal obligations;
  • limitation periods; and
  • the need to resolve disputes or enforce agreements.

12. Data security

We use reasonable technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or unauthorised access.

However, no method of transmission over the internet or method of electronic storage is completely secure. We therefore cannot guarantee absolute security.

13. Your rights

Depending on your location and the applicable law, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate personal data;
  • request deletion of personal data;
  • request restriction of processing;
  • object to certain processing;
  • request data portability;
  • withdraw consent where processing is based on consent; and
  • lodge a complaint with a competent supervisory authority.

If you wish to exercise any of these rights, contact us at support@mentio.pro.

We may need to verify your identity before responding to your request.

14. Complaints

If you have concerns about how we handle your personal data, we encourage you to contact us first at support@mentio.pro.

You may also lodge a complaint with the competent supervisory authority in the country where you live, work, or where the alleged infringement took place.

In Bulgaria, the competent supervisory authority is the Commission for Personal Data Protection (CPDP):

Address: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria

Email: kzld@cpdp.bg

Website: cpdp.bg

15. Third-party services and links

The Site may contain links to third-party websites, services, or platforms. We are not responsible for the privacy practices of those third parties.

If you visit a third-party website or service, their privacy notice or policy will apply.

16. Children

The Site and services are not directed to children, and we do not knowingly collect personal data from children.

If you believe that a child has provided personal data to us, please contact us and we will take appropriate steps.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

When we do, we will update the “Last updated” date above. Where required by law, we will take additional steps to notify you of material changes.

18. Contact

If you have any questions about this Privacy Policy or our data practices, contact:

RENDERCH Ltd.

Pirotska 11, Burgas, Bulgaria

Email: support@mentio.pro