Effective June 17, 2026
Privacy Policy
For a plain-language explanation of how we treat your data, see the Trust Center. This page is the formal policy.
1. Who we are
Meritbook is operated as a sole proprietorship. You can reach us at support@meritbook.net. We are the data controller for personal information collected through meritbook.app.
2. What we collect and why
We collect only what is necessary to operate the service:
- Account email address — to create your account, authenticate you, and send you transactional messages.
- Work log entries — the notes you choose to write. These are stored on your behalf and used only to generate output you explicitly request.
- Access logs — timestamps and hashed IP addresses, used for rate limiting and security. Raw IP addresses are not stored.
We use Plausible Analytics for aggregate pageview counting — no cookies, no personal data, no fingerprinting. We do not run ad trackers or place third-party cookies on this site.
3. Legal basis for processing (GDPR)
If you are in the European Economic Area, our legal bases are:
- Contract performance (Art. 6(1)(b)) — processing your email and entries to provide the service you signed up for.
- Legitimate interests (Art. 6(1)(f)) — access logs for security and rate limiting, where those interests are not overridden by your rights.
- Legal obligation (Art. 6(1)(c)) — retaining certain records if required by applicable law.
4. How we use your data
Your data is used for exactly three purposes:
- To operate, maintain, and improve the service.
- To generate a review, brag document, or other output when you explicitly request it.
- To send you transactional emails about your account.
We do not sell your data. We do not use it for advertising. We do not share it with your employer or any third party except the subprocessors listed below.
5. The AI
When you generate output, a scoped slice of your entries is sent to a large-language model provider under a no-training API agreement. The model sees only the entries you select for that generation — your full log is never transmitted. Your words are never used to train or improve any model.
6. Who can access your entries
Your entries are isolated to your account by design. No other user, no other company, and no employer has an access path — Meritbook has no employer integration, no admin console for companies, and no API that exposes your log to anyone else.
We operate under a strict internal no-read policy and do not log the contents of your entries. We are honest about the current technical limit: entries are encrypted at rest but are not yet zero-access encrypted, meaning we are technically capable of reading them even though our policy is not to. Closing this gap with end-to-end encryption is on our roadmap.
7. Subprocessors
We use a small, fixed set of third-party vendors. Each is bound by a data processing agreement:
- Supabase (United States) — database and authentication. Your account data and entries are stored here, encrypted at rest.
- Resend (United States) — transactional email delivery. Used only for account confirmations and service notices.
- Anthropic (United States) — the AI model provider that powers generation, used under a no-training API agreement.
- Plausible Analytics (European Union) — privacy-safe aggregate pageview analytics. No cookies, no personal data, no cross-site tracking.
- Paddle (United States / United Kingdom) — Merchant of Record for payments and subscriptions. Paddle handles checkout, billing, and tax compliance. We do not see or store your card details.
8. International data transfers
Meritbook and its subprocessors are based in the United States. If you are located in the European Economic Area, United Kingdom, or Switzerland, your data is transferred to the US under Standard Contractual Clauses or equivalent transfer mechanisms where required.
9. Data retention
We retain your data until you delete it. You can export everything in Markdown and JSON, or permanently delete your account, at any time — one click, no waiting period, no "contact support" step. When you delete your account, your entries are deleted. Access logs are retained for up to 90 days for security purposes, then deleted.
10. Cookies
We do not use tracking or analytics cookies. A session cookie is used to keep you signed in while you use the app. No third-party cookies are set on this site.
11. Children's privacy
Meritbook is intended for adults in the workplace. We do not knowingly collect personal information from anyone under 16. If you believe a minor has created an account, please contact us and we will delete it promptly.
12. Your rights
You have the right to:
- Access — request a copy of the data we hold about you.
- Portability — export your entries in Markdown and JSON at any time from within the app.
- Correction — ask us to correct inaccurate data.
- Erasure — delete your account and all associated data.
- Restriction — ask us to stop processing your data while a dispute is resolved.
- Objection — object to processing based on legitimate interests.
- Withdraw consent — where processing is based on consent, withdraw it at any time.
If you are in California, you additionally have rights under the CCPA to know what personal information is collected, to opt out of sale (we do not sell data), and to non-discrimination for exercising your rights.
To exercise any right, email support@meritbook.net. We will respond within 30 days. If you are in the EEA and believe we have not addressed your concern, you have the right to lodge a complaint with your local supervisory authority.
13. Security
We use industry-standard security practices: encryption at rest and in transit, per-user data isolation, tested backups, and an incident response plan. If your data is ever affected by a breach, we will notify you promptly and before any regulatory deadline requires us to.
14. Changes to this policy
We will notify you by email at least 14 days before making any material changes to this policy. The effective date at the top of this page reflects the current version. Non-material changes (grammar, clarifications) may be made without notice.