Merit ("we", "our", "us") provides software that helps businesses automate review collection and reputation management. This policy explains how we handle personal information.
1. Information We Collect
- Account information: name, email, business details.
- Business Profile data: name, address, phone, website, hours (when you connect Google Business Profile).
- Customer data: contact details (name, email, phone) for sending review requests.
- Payment and billing data (processed securely via Stripe or Xero).
- Technical data: logs, usage metrics, device/browser info.
2. How We Use Information
- To provide and operate our services (sending review requests, managing responses).
- To communicate with you (support, updates).
- To improve our product (analytics, troubleshooting).
- To comply with legal obligations.
3. Sharing Information
We use trusted processors to deliver our service:
- Supabase (database & auth)
- Vercel (hosting)
- Twilio (SMS)
- Resend/Postmark (email)
- Stripe & Xero (billing/integration)
We do not sell personal data.
4. Security
- Data encrypted in transit (HTTPS) and at rest.
- OAuth tokens stored securely with least-privilege access.
- Regular monitoring for misuse.
5. Data Retention & Deletion
Account data is kept while your account is active. You may request deletion by contacting support@mymerit.app.
6. Your Rights
- Access, correct, or delete your data.
- Withdraw consent by disconnecting integrations or closing your account.