Privacy Policy

Last updated: March 6, 2026

1. Introduction

Mesh ("we," "us," or "our") provides an AI-powered paraplanning platform for financial advisors. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our website and services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, organization name, and role. Authentication is handled through our identity provider (Supabase).

Meeting Recordings & Transcripts

When you use our meeting assistant or upload recordings, we process audio and video data to generate transcripts. These recordings and transcripts are stored securely and associated with your organization.

CRM & Contact Data

If you connect a CRM integration (e.g., Wealthbox, Redtail), we import contact records and sync meeting notes and action items back to your CRM. We only access the data you authorize.

Calendar Data

If you connect Google Calendar, we access your calendar events to schedule and prepare for meetings. We do not modify or delete your calendar events. For full details on how we handle Google user data, see our Google API Services Privacy Policy.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, browser type, IP address, and device information.

3. How We Use Your Information

  • Meeting Processing: Transcribing recordings, generating AI-powered summaries, extracting action items, and identifying compliance findings.
  • AI Analysis: Using large language models to summarize meetings, prepare meeting briefs, draft follow-up emails, and enrich client profiles.
  • CRM Synchronization: Syncing meeting notes, action items, and contact data with your connected CRM.
  • Compliance Support: Flagging potential compliance issues from meeting transcripts to assist your review process.
  • Service Improvement: Analyzing usage patterns to improve the Service, fix bugs, and develop new features.
  • Communication: Sending service-related notifications, updates, and support responses.

4. Data Storage & Security

Your data is stored in secure, encrypted PostgreSQL databases hosted by our infrastructure providers. We implement industry-standard security measures including:

  • Encryption in transit (TLS) and at rest
  • Row-level security ensuring strict tenant isolation between organizations
  • JWT-based authentication for all API requests
  • Regular security audits and access reviews
  • Audit logging of data access and modifications

We retain your data for as long as your account is active or as needed to provide the Service. You may request deletion of your data at any time (see "Your Rights" below).

5. Data Sharing & Third Parties

We do not sell your personal information. We share data with third parties only in the following circumstances:

  • Meeting Recording Services: We use Recall.ai to join and record meetings on your behalf. Meeting audio is processed through their infrastructure.
  • AI/LLM Providers: Meeting transcripts and related data are sent to large language model providers (e.g., Anthropic, OpenAI) for processing. Data is sent only as needed and is not used by these providers to train their models.
  • CRM Integrations: When you connect a CRM, we exchange data with that provider as authorized by you.
  • Infrastructure Providers: We use cloud hosting and database services to operate the platform. These providers process data on our behalf under strict contractual obligations.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Data Export: Request your data in a portable, machine-readable format.
  • Opt-Out: Opt out of non-essential communications at any time.
  • Restrict Processing: Request that we limit how we process your data in certain circumstances.

To exercise any of these rights, please contact us at privacy@meshfp.com. We will respond within 30 days.

7. Cookies & Tracking

We use essential cookies to maintain your session and authentication state. We may use analytics tools to understand how the Service is used. You can control cookie preferences through your browser settings.

8. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: