← Meshia

Privacy Policy

Last updated: April 11, 2026

The short version

We collect the minimum data needed to run Meshia. We don't sell your data. We don't train AI models on your code, your conversations, or your experiment results. We don't read your sessions unless you ask us to debug one.

What we collect

Account data: your email address (for sign-in and billing receipts), the date you signed up, and which plan you're on.

Session data: the names of sessions you create, the GPU type and storage size you picked, when each session started and ended, and how much it cost. We need this for billing and for showing you your own dashboard.

Message data: the messages between you and the in-pod agent, stored in our database so the conversation persists between page reloads. This is yours. We don't read it and we don't use it to train anything. We may temporarily access a specific session when you explicitly ask us for help debugging it.

Payment data: handled by Stripe. We never see your full card number. We only get back a customer ID and the last four digits of your card.

Usage telemetry: page views, button clicks, and funnel events through PostHog (when enabled). All emails and identifiers are hashed before they leave our backend. No raw email addresses in PostHog. You can opt out from the footer of any page.

Server logs: standard things like the IP that hit our API, the route, the response code, and the timestamp. Retained for 30 days for debugging and abuse prevention, then deleted.

Who we share data with

We use a small number of vendors to run the service. Each one only sees the data they need:

  • GPU infrastructure providers: GPU compute. See your pod configuration and the code you run inside the pod.
  • Anthropic: the Claude model that powers the in-pod agent. Sees the messages you send to the agent. Anthropic does not train on Meshia API traffic.
  • Supabase: our database. Sees account data, session metadata, and message history.
  • Vercel: hosts the web frontend. Sees request headers and the response body.
  • Stripe: payment processing. Sees your email and payment method.
  • Resend: sends auth code and notification emails. Sees your email address.
  • PostHog: product analytics (when enabled). Sees hashed identifiers and event names. No raw email addresses.

We do not sell, rent, or share your personal data for advertising.

Cookies

We use one essential cookie (your session token) so the site knows you're signed in. We use one analytics cookie via PostHog when you opt in. We don't use any advertising or tracking cookies.

Your rights

You can ask us to:

  • show you all the personal data we have about you
  • correct anything that's wrong
  • delete your account and all associated data (sessions, messages, billing history)
  • export your data in a machine-readable format
  • opt out of analytics and marketing emails

For any of these, email privacy@meshia.io from the address on your account. We respond within 7 days.

If you're in the EU, UK, or California, you have additional rights under GDPR, UK GDPR, and CCPA. We honor all of them.

Children

Meshia is not for children under 13. If you're between 13 and 18, you need a parent or guardian's permission to use the service.

Changes to this policy

If we make material changes, we'll email you and update the date at the top of this page at least 30 days before the changes take effect.

Contact

Privacy questions, data requests, or a complaint go to privacy@meshia.io.