Trust Center
Meritbook holds something sensitive: the record of your work. This page exists so you can verify exactly how we treat it, in plain language — no legal boilerplate.
What we collect
The minimum needed to run the service: your account email and the entries you choose to write. We use Plausible Analytics for aggregate pageview counts only (no cookies, no personal data, no fingerprinting). We do not run ad trackers or place third-party cookies anywhere on this site.
Who can read your entries
Your entries are isolated to your account. No other user can reach them. Your employer has no access — there is no employer integration, no admin view, no way in.
We operate under a strict no-read policy: we do not read your entries and we never log their contents. We are honest about the current technical limit: entries are encrypted at rest but are not yet zero-access encrypted, which means we are technically capable of reading them even though our policy is not to. Closing that gap with end-to-end encryption is on our roadmap.
The AI
When you generate a review, a scoped slice of your entries is sent to a large-language model under a no-training API agreement. The model only ever sees that slice at the moment of generation, and your words are never used to train or improve any model.
Subprocessors
We use a small, fixed set of vendors to deliver the service:
- Supabase — database and authentication. Your entries and account data are stored here, encrypted at rest, in a single region.
- Anthropic — the AI model provider, generation only, on a no-training API agreement.
- Resend — transactional email only (account confirmations, service notices). No marketing without your consent.
- Paddle — Merchant of Record for payments and subscriptions. Paddle handles checkout, billing, and tax compliance. We never see or store your card details.
Your control
You can export all your entries in Markdown and JSON at any time. You can delete your account permanently at any time — one click, no "contact support" step, no waiting period. When you delete, your entries are gone.
Backups and breach plan
We keep tested, encrypted backups and a documented incident response plan. If your data is ever affected by a breach, we will notify you promptly — before any regulatory deadline requires us to.
Changes to this page
If we add a new subprocessor or change how we handle data in a material way, we will update this page and notify users by email before the change takes effect.
Questions? support@meritbook.net