Privacy Policy

Meshbase ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our headless CMS platform.

Please read this Privacy Policy carefully. By using Meshbase, you agree to the collection and use of information in accordance with this policy.

2.1 Information You Provide

We collect information that you voluntarily provide to us, including:

• Account Information: Name, email address, password
• Profile Information: Optional profile details you choose to provide
• Payment Information: Billing details processed securely through Stripe
• Content: Data, files, and content you create and store using our Service
• Communications: Messages you send to our support team

2.2 Automatically Collected Information

When you use our Service, we automatically collect certain information:

• Usage Data: API requests, features used, actions performed
• Device Information: Browser type, operating system, IP address
• Cookies: Session cookies for authentication and preferences
• Log Data: Access times, pages viewed, errors encountered

We use the collected information for various purposes:

• To provide, maintain, and improve our Service
• To process your transactions and manage your subscription
• To send you technical notices, updates, and security alerts
• To respond to your comments, questions, and support requests
• To monitor and analyze usage patterns and trends
• To detect, prevent, and address technical issues and security threats
• To send you marketing communications (with your consent)
• To comply with legal obligations

4.1 Data Storage

Your data is stored securely using industry-standard practices. We use MongoDB for database storage and AWS services for file storage and email delivery.

4.2 Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit using SSL/TLS
• Secure password hashing using industry-standard algorithms
• Regular security audits and updates
• Access controls and authentication mechanisms
• Monitoring for unauthorized access

4.3 Data Breach

In the event of a data breach, we will notify affected users within 72 hours and take immediate steps to mitigate the impact.

We use the following third-party services that may collect information:

• Stripe: Payment processing (subject to Stripe's privacy policy)
• AWS SES: Email delivery
• Google OAuth: Optional authentication method

These third parties have their own privacy policies. We encourage you to review their policies before using their services through our platform.

We use cookies and similar tracking technologies to track activity on our Service and hold certain information. Cookies are files with small amounts of data that are stored on your device.

We use cookies for:

• Authentication and session management
• Remembering your preferences
• Analyzing usage patterns

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

If you are a resident of the European Economic Area (EEA), you have certain data protection rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Request transfer of your data
• Right to Object: Object to processing of your data
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

For business customers who process personal data using our Service, please refer to our Data Processing Agreement which outlines our commitments as a data processor.

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When you delete your account, we will delete your personal data within 30 days. However, we may retain certain information for legitimate business purposes or to comply with legal obligations.

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Our Service is not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us.

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• With Your Consent: When you explicitly authorize us to share information
• Service Providers: With third-party vendors who perform services on our behalf
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Team Members: With other users you invite to collaborate on your projects

12.1 Email Communications

You can opt out of receiving promotional emails by clicking the "unsubscribe" link in any email. Note that you cannot opt out of service-related emails (e.g., account verification, password reset).

12.2 Account Information

You can update your account information at any time by logging into your account settings.

12.3 Data Deletion

You can request deletion of your account and data by contacting us at [email protected].

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

We will notify you via email and/or a prominent notice on our Service prior to the change becoming effective. You are advised to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy, please contact us:

Email: [email protected]
Website: meshbase.com

For GDPR-related inquiries, please contact our Data Protection Officer at: [email protected]