Privacy Policy
Mesh Mesh Inc.
Version 2.1 — Effective March 26, 2026
This Privacy Policy describes how Mesh Mesh Inc. ("MeshMesh," "we," "us," or "our") collects, uses, discloses, and processes personal data in connection with our platform, software, and related services (the "Services"). By using the Services, you agree to the practices described in this Privacy Policy.
This Privacy Policy should be read together with our Terms of Service. Capitalized terms not defined in this Privacy Policy have the meanings assigned to them in the Terms of Service.
1. Information We Collect
1.1 Information You Provide Directly
When you create an account, purchase a subscription, submit a support request, or otherwise use the Services, you may provide personal data such as:
- Name, email address, and organization name
- Billing and payment information (processed via our third-party payment processor; we do not store full payment card details)
- Account preferences and settings
- Communications with us, including support requests and correspondence
1.2 Customer Data
Customer Data (as defined in our Terms of Service) includes Inputs submitted to the Services and Outputs generated by the Services. Customer Data is processed solely as necessary to provide the Services and as otherwise described in our Terms of Service.
1.3 Product Analytics Data
We collect aggregated and de-identified Product Analytics Data (as defined in our Terms of Service) relating to the use and performance of the Services, including workflow execution patterns, performance metrics, and usage data. Product Analytics Data contains no Customer Data, customer-specific content, business information, or personally identifiable information.
1.4 Feedback
We collect Feedback (as defined in our Terms of Service) that you provide regarding the Services, including suggestions, ratings, task completion assessments, time-savings estimates, and other information submitted through the Services interface, support channels, or otherwise.
1.5 Device and Technical Information
We automatically collect certain technical information when you access the Services, including:
- Device type, operating system, and browser type
- IP address and approximate geographic location
- Log data, including access times, pages viewed, and referring URLs
- Identifiers associated with your device or browser
1.6 Connected System Metadata
When you connect third-party applications or platforms to the Services, we may collect metadata about those Connected Systems (such as system type, edition, and feature set) as necessary to provide the Services. We do not collect or store the underlying data within Connected Systems except as necessary to perform the Services at your direction, as described in our Terms of Service.
1.7 Cookies and Tracking Technologies
We use cookies and similar tracking technologies as described in Section 5 below.
2. How We Use Information
We use the information we collect for the following purposes:
2.1 Providing the Services. We process personal data and Customer Data as necessary to provide, operate, maintain, and support the Services you have requested.
2.2 Improving the Services. We use Product Analytics Data and Feedback to improve the Services, train and improve our AI Systems, develop new features, and optimize performance. We do not use Customer Data to train our AI Systems or context model.
2.3 Aggregate Insights. We may compile, publish, and share aggregate, de-identified insights derived from Product Analytics Data and Feedback, provided that such insights do not identify you or any individual.
2.4 Communications. We may use your contact information to send you service-related communications, including updates, security alerts, and administrative messages. We may also send you marketing communications, subject to your preferences and applicable law.
2.5 Support. We use information you provide in support requests to resolve technical issues and improve our support processes. Where you authorize us to access Customer Data or session information in connection with a support request (including through the Services' support interface), we use that information solely to resolve the applicable request.
2.6 Safety and Security. We use information to detect, prevent, and investigate fraud, abuse, security incidents, and violations of our Terms of Service, and to protect the rights, safety, and property of MeshMesh, our users, and third parties.
2.7 Legal Compliance. We process information as necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
3. How We Share Information
3.1 Service Providers and Subprocessors. We share personal data with third-party service providers and subprocessors that perform services on our behalf, consistent with our instructions and applicable law. These include infrastructure providers, analytics providers, authentication providers, payment processors, and AI model providers. A current list of our subprocessors is maintained at meshmesh.io/subprocessors.
3.2 AI Model Providers. In order to provide the Services, Inputs and related data may be transmitted to third-party AI model providers for processing and response generation. We maintain contractual agreements with these providers that include zero training and zero retention policies. These providers do not use Customer Data to train their models.
3.3 Business Transfers. In the event of a merger, acquisition, reorganization, bankruptcy, or other corporate transaction, personal data may be disclosed to counterparties and advisors as part of due diligence or transferred as part of the transaction.
3.4 Legal Compliance and Protection. We may disclose personal data to government authorities or third parties if we believe doing so is necessary to: (a) comply with applicable laws, regulations, or legal processes; (b) respond to lawful requests or investigations; (c) protect the safety, rights, or property of any person; (d) prevent fraud, security incidents, or other unlawful activity; or (e) enforce our Terms of Service.
3.5 With Your Consent. We may share personal data when you give us permission to do so, including through features of the Services designed to share information.
4. Data Retention
4.1 Customer Data. We retain Customer Data during the active subscription term. Following termination, we make Customer Data available for export for thirty (30) days upon request. After the export window, we delete Customer Data in our possession unless legally required to retain it.
4.2 Product Analytics Data. We retain Product Analytics Data in aggregated and de-identified form indefinitely. By definition, Product Analytics Data contains no Customer Data or personally identifiable information.
4.3 Account Information. We retain account information as long as your account is active and for a reasonable period after account closure for legal, compliance, and legitimate business purposes.
4.4 LLM Provider Retention. Our AI model provider subprocessors maintain zero retention policies. Customer Data transmitted to these providers for processing is not retained after the response is generated.
4.5 Support Data. We retain information related to support requests for the duration reasonably necessary to resolve, document, and improve our support processes.
5. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to operate the Services, understand usage patterns, and support our marketing efforts. We categorize these technologies as follows:
5.1 Essential Cookies. These cookies are required for the Services to function properly, including session management, authentication, and security. These cookies cannot be disabled.
5.2 Analytics Cookies. These cookies help us understand how the Services are used, including user interactions such as clicks, scrolls, page views, and navigation patterns, to improve the user experience and Service performance. We use analytics tools that capture user interactions with the Services to understand how our Services are used and to improve the user experience. We take measures to mask or exclude sensitive input fields.
5.3 Marketing and Advertising Cookies. These cookies may be used to deliver relevant advertisements and measure the effectiveness of marketing campaigns across platforms. They may be used for remarketing purposes to present relevant content to users who have previously interacted with the Services.
5.4 Functional Cookies. These cookies remember your preferences and settings to provide a more personalized experience.
5.5 Your Choices. Under applicable law (including the GDPR), we obtain your consent before placing non-essential cookies (analytics, marketing, and functional). You can manage your cookie preferences through our cookie settings, accessible on the Services. Under the CCPA, you may opt out of the sale or sharing of personal information collected through cookies. Disabling certain cookies may affect the functionality of the Services.
6. Data Security
We implement and maintain reasonable administrative, physical, and technical safeguards designed to protect personal data from unauthorized access, use, alteration, and destruction, including:
- Encryption of data in transit using TLS 1.2 or greater
- Encryption of data at rest using AES-256
- Isolated execution sandboxes for agent task processing
- Access controls and least-privilege principles for personnel and systems
- Regular security assessments and vulnerability testing
- SOC 2 compliance
While we take reasonable measures to protect your data, no method of transmission or storage is completely secure. We cannot guarantee the absolute security of your information.
7. Your Rights
Depending on your location and applicable law, you may have the following rights regarding your personal data:
7.1 Access. You may request access to the personal data we hold about you.
7.2 Correction. You may request that we correct inaccurate or incomplete personal data.
7.3 Deletion. You may request that we delete your personal data, subject to certain exceptions.
7.4 Portability. You may request a copy of your personal data in a structured, commonly used, and machine-readable format.
7.5 Opt-Out. You may opt out of non-essential cookies and analytics through our cookie settings. You may opt out of marketing communications by using the unsubscribe link in any marketing email or by contacting us.
7.6 Withdrawal of Consent. Where we rely on your consent to process personal data, you may withdraw your consent at any time without affecting the lawfulness of processing that occurred before the withdrawal.
7.7 Exercising Your Rights. To exercise any of these rights, please contact us at privacy@meshmesh.io. We will respond to requests in accordance with applicable law, typically within thirty (30) days.
7.8 Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.
8. International Data Transfers
MeshMesh is based in the United States, and the information we collect is processed and stored in the United States. If you are located outside the United States, your personal data will be transferred to, processed, and stored in the United States.
Where required by applicable law (including the GDPR), we rely on appropriate transfer mechanisms, such as the European Commission's Standard Contractual Clauses, to ensure that transfers of personal data to countries outside the European Economic Area, the United Kingdom, or Switzerland receive an adequate level of protection.
Our Data Processing Agreement, available at meshmesh.io/dpa, includes applicable Standard Contractual Clauses and governs the processing of personal data under applicable data protection laws.
9. Children's Privacy
The Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children under 18. If we learn that we have collected personal data from a child under 18, we will take steps to delete that information. If you believe a child has provided us with personal data, please contact us at privacy@meshmesh.io.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time by posting a revised version on the MeshMesh website. Each revised version will include a version number and effective date. Your continued use of the Services after the effective date of any revision constitutes your acceptance of the revised Privacy Policy. If you do not agree to any revision, your sole remedy is to discontinue use of the Services.
11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Mesh Mesh Inc. privacy@meshmesh.io