Mercalot Inc. 10-K Cybersecurity GRC - 2025-08-12

Page last updated on August 12, 2025

Mercalot Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2025-08-12 15:46:41 EDT.

Filings

10-K filed on 2025-08-12

Mercalot Inc. filed a 10-K at 2025-08-12 15:46:41 EDT
Accession Number: 0001683168-25-005966

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

Item 1C. Cybersecurity. Mercalot Inc. has implemented basic but targeted cybersecurity risk management measures appropriate for its early-stage operations and limited digital footprint. As a digital marketplace operating in a primarily cloud-based environment, the Company’s exposure to cybersecurity threats is continuously monitored by executive management. The Company currently relies on third-party hosting and software providers for its core platform operations, email communications, and data storage. These vendors maintain their own cybersecurity programs, which include network protection, access controls, and incident response procedures. While Mercalot Inc. does not yet employ a dedicated IT security team, its directors are actively involved in overseeing operational and technological risk, including cybersecurity. Executive management, consisting of the Chief Executive Officer and the Board , is responsible for identifying, evaluating, and responding to potential cyber risks. The Company periodically reviews its internal systems and third-party vendor protocols to assess vulnerabilities and ensure secure handling of sensitive business information. To date, Mercalot Inc. has not experienced any material cybersecurity incidents, and no specific threat has materially affected or is reasonably likely to materially affect the Company’s business strategy, operations, or financial condition. However, the Company recognizes that its reliance on cloud infrastructure and digital communication tools poses an ongoing cybersecurity risk and will continue to assess and strengthen controls as operations scale. Management plans to formalize its cybersecurity policies and implement internal training protocols as the business grows. In 2024, we did no t identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition. However, despite our efforts, we cannot eliminate all risks from cybersecurity threats, or provide assurances that we have not experienced undetected cybersecurity incidents.


Company Information

NameMercalot Inc.
CIK0002029014
SIC DescriptionServices-Miscellaneous Business Services
Ticker
Website
CategoryNon-accelerated filer
Smaller reporting company
Emerging growth company
Fiscal Year EndJune 29