Privacy Policy

Who we are

MeritCubby is operated by Veradin Co (“we,” “us”). Reach us at rachel@veradin.co.

What this product does

MeritCubby helps you collect evidence of your work impact (meeting transcripts, summaries, notes) so you can show what you shipped during performance reviews. The product is in private beta. This policy describes how we handle your data during that beta.

What we collect

• Account info — your name, email, and Google account ID via Google sign-in. We use theopenid email profilescopes only. We do not request access to your Gmail in V1.
• Meeting evidence you connect — when you connect Granola, Fireflies, or Fathom, we store the meeting metadata (title, date, attendees) and the transcript or summary content you make available through their API.
• Content you upload — anything you intentionally add (drag-and-drop, single-item upload).
• Usage telemetry — page views, feature taps, error logs, sufficient to debug the product and improve it.
• Billing info — when paid plans exist, payment is processed by Stripe. We do not store card numbers; Stripe does. We keep an internal customer ID and subscription state.

What we do with it

• Run MeritCubby for you (the obvious one).
• Apply our extraction and summarization pipeline to turn your evidence into review-ready output.
• Communicate with you (account messages, product updates).
• Debug, secure, and improve the product. Aggregated usage stats are fine; we do not sell your evidence content.

Who we share it with

We use a small set of vetted infrastructure providers as sub-processors:

• Supabase — database + authentication (us-west-1).
• Vercel — application hosting + edge delivery.
• Cloudflare — DNS for meritcubby.com.
• Google — sign-in (account info only) and, when you opt in, your Google Workspace meeting tools.
• Stripe — payments (active when paid plans launch).
• Granola, Fireflies, Fathom — meeting-tool providers you connect yourself.
• LLM providers(e.g., Anthropic), used to transform evidence into output. We use providers whose current terms prohibit training on customer data. If those terms change, we’ll notify you.

We do not sell your data and we do not share it with third parties for advertising.

How long we keep it

We keep your evidence for as long as your account is active. You can delete individual items, or your entire account, at any time. Account deletion removes your evidence within 30 days from our primary store and from backups within 90 days.

Your rights

Depending on where you live (GDPR, CCPA, others), you have rights to access, correct, export, and delete your personal information. Signed-in users can export every row we hold or permanently delete their account from Settings → Privacy + data. Or email rachel@veradin.co and we’ll respond within 30 days.

California privacy notice (CCPA)

If you’re a California resident, the California Consumer Privacy Act gives you specific rights about your personal information:

• Right to know — what we collect, why, who we share it with. The sections above cover this in plain language; ask if anything is unclear.
• Right to delete — delete your account from Settings → Privacy + data. Cascades through every row we hold about you.
• Right to portability — download all your data as a single JSON file from the same settings page.
• Right to correct — edit your profile + evidence in-app, or email us.
• Right to non-discrimination — we will not degrade service for exercising any of these rights.

Do Not Sell My Personal Information: we don’t sell or share your evidence content for advertising, training, or third-party commercial purposes. There is no “sale” for us to stop. If that ever changes, we will notify you and provide an explicit opt-out before the change takes effect.

To exercise any of these rights or to ask a question, email rachel@veradin.co. We respond within the CCPA-required 45 days.

Security

Data in transit is encrypted with TLS. Data at rest is encrypted by Supabase and Vercel. Access to production systems is limited to staff who need it. We are not yet SOC 2 certified — beta users should weigh that against the value the product provides.

Children

MeritCubby is not for anyone under 16. Don’t use it if you are.

Changes

We will update this policy as the product matures. Material changes will be announced by email at least 30 days before they take effect. The “Last updated” date at the top reflects the current revision.

Contact

Questions? rachel@veradin.co.