← Home

Privacy Policy

Last updated: 22 May 2026

What we collect

When you create a MergeCase account, we collect the email address you sign up with and the business name you provide. As you use the product, we store the data you enter — clients, bookings, services, staff and payment records — so we can render the app for you.

What we don't do

  • We do not sell your data, ever.
  • We do not share your data with advertisers or data brokers.
  • We do not use your data, or your clients' data, to train AI models.
  • We do not read individual booking content for any commercial purpose.

Payment data

We never store full credit card numbers on our servers. All card information is handled directly by Stripe, our PCI-compliant payment processor. We only see and store the last four digits, brand, and expiry date for display purposes.

Email & communications

We send transactional emails (booking confirmations, password resets, receipts) to the addresses you and your clients provide. Customer email goes through our service provider Resend. We don't send marketing emails to your clients on your behalf.

Hosting & infrastructure

MergeCase runs on Vercel (application hosting) and Supabase (database). Data is stored in encrypted form at rest and in transit.

Your rights

You can request a full export of your account's data, or permanent deletion of your account, at any time by emailing mergecase.service@gmail.com. We respond within 7 days.

Cookies

We use a small number of essential cookies for authentication and language preference. We do not use third-party tracking cookies.

Changes to this policy

If we make material changes to how we handle data, we'll notify you via email and in-product notice at least 14 days in advance.

Contact

Questions or concerns about your privacy? mergecase.service@gmail.com.