Privacy Policy

• Account info: email, display name, the OAuth providers you sign in with (Google, etc.), and your Telegram handle if you connect one.
• Content you give us: photos you upload, captions you draft, posts you connect (Reddit, etc.), edits you make to agent output, and reactions in Telegram.
• Usage signals: which agents you use, how often, what triggers your edits, and the outcomes of posts you ship. This is what lets Meadow learn your voice and calibrate forecasts.
• Billing info: handled by Stripe. We never see or store your card. We store only the customer/subscription IDs Stripe gives us.
• Standard web logs: IP, device, browser, page views — used for security and product analytics.

• To run the agents and deliver the product features you signed up for.
• To train your personal models — your voice profile, your calibration history, your preferences. These stay isolated to your account via row-level security.
• To improve shared causal models that benefit all users. We use anonymized, aggregated patterns only — never your raw content, identity, or per-user data.
• To bill you, communicate with you (transactional + occasional product emails — never spam), and respond to support requests.

Meadow's architecture separates two things:

• Per-user data: your photos, posts, edits, voice profile, agent memories. Stored under row-level security in your workspace; no other user can access it; we don't share it with third parties beyond the model providers needed to run the service (see §5).
• Shared causal patterns: aggregated, anonymized learnings about which kinds of actions tend to produce which kinds of outcomes. These improve forecasting for everyone. We do not include any data that identifies you or your content.

• We don't sell your personal data. Ever.
• We don't share your raw content with advertisers.
• We don't broker your social-media credentials. When Meadow posts on your behalf, it uses an authenticated browser session you set up — your password never touches our servers.
• We don't track you across other sites.

To deliver Meadow, we send certain data to processors who run parts of the system. Each is bound by their own privacy commitments:

• Model providers: Anthropic (Claude), OpenAI (GPT), BytePlus (Seedance video), Google (Gemini, when used). Prompt + response data is sent to these providers to generate agent output.
• Infrastructure: Supabase (database + auth), Vercel (hosting), Stripe (billing), Telegram (bot transport).
• Analytics: Vercel Analytics for aggregated traffic patterns. No cross-site tracking.

You can, at any time:

• Export your data — captured memory + causal graph as JSON, from Settings.
• Delete your account — from Settings, or by emailing contact@trymeadow.xyz. Deletion removes your raw content within 30 days. Anonymized aggregated patterns already incorporated into shared models cannot be selectively reversed (this is true for any ML system).
• Request a copy of the data we hold about you, or correct inaccuracies — email us.
• Opt out of marketing emails via the unsubscribe link in every email. Transactional emails (billing, security) continue.

California residents have additional rights under CCPA (right to know, delete, correct, opt-out of sale — though we don't sell data, this is moot). EU/UK residents have rights under GDPR (access, rectification, erasure, portability, objection). Email us to exercise any of these.

We retain your data while your account is active. After deletion, raw content is removed from our active systems within 30 days and from backups within 90 days. Aggregated, anonymized patterns may persist in shared models indefinitely.

Data is encrypted in transit (TLS) and at rest (Supabase managed encryption). Per-user content is isolated by row-level security. We restrict employee/contractor access to production data to what's necessary for operations and support. We're a small team — if we have a security incident affecting your data, we'll tell you within 72 hours.

Meadow is not intended for users under 16. We don't knowingly collect data from children. If you believe a child has signed up, email us and we'll delete the account.

We'll update this page when material changes happen and notify active users by email at least 14 days before changes take effect for material updates.

Privacy questions, data requests, or concerns? Email contact@trymeadow.xyz.