M
MeridianTerms of Service

Privacy Policy

Last updated: May 2026

Our approach to your privacy

Meridian is built for therapy. Privacy is not a feature we added on top. It is the foundation everything else is built on.

We believe that what happens in a therapy session belongs to the people in that session. Our platform is designed around that principle.

What we do not collect

This is the most important section of this document.

We do not record video or audio. Your sessions are live, encrypted, peer-to-peer video streams. When the session ends, the content is gone. There is no recording, no transcript, no replay. We could not retrieve session content even if asked to, because it never touches our servers in a viewable form.

We do not store chat messages. If you use the in-session chat, those messages exist only in your browser's memory while the session is active. When you close the session, they are gone.

We do not track what happens in your sessions. We do not analyze eye movements, breathing patterns, facial expressions, or any other biometric data. The therapeutic tools run locally on your device.

What we do collect

We collect only what is necessary to make the platform work:

Account information. Your name, email address, and account type (therapist or self-therapy). This is what you provide when you sign up.

Session metadata. When a session takes place, we store basic summary data: when it started, when it ended, how many bilateral stimulation sweeps or breath cycles were completed, and which presets were used. This helps therapists keep track of their work and gives self-therapy users a sense of their practice over time. This metadata contains no content from the session itself.

Patient names. Therapists can add patient names to organize their session links. These are stored in our database. No other patient information is collected. Patients do not need to create accounts.

Preset configurations. If you create custom stimulus or breathwork presets, those settings are saved to your account.

How your data is protected

Encryption in transit. All data between your browser and our servers is encrypted using TLS. Video and audio streams use end-to-end encryption through WebRTC.

Secure infrastructure. Our database is hosted on Supabase with row-level security policies, meaning each user can only access their own data. There is no way for one therapist to see another therapist's patients or sessions.

No third-party analytics on session content. We do not share session data with analytics providers, advertisers, or any other third parties. Because we do not collect session content, there is nothing to share.

Cookies

We use cookies only for authentication (keeping you logged in) and essential platform functionality. We do not use advertising cookies, tracking cookies, or third-party analytics cookies.

Where your data is stored

Our database and infrastructure are hosted in the EU through our service providers (Supabase and Vercel). Video streams are routed through the nearest available server to minimize latency, using LiveKit's infrastructure.

Your rights

You can request a copy of your data or ask us to delete your account and all associated data at any time. Reach out to us through the contact form in your account settings and we will take care of it.

Changes to this policy

If we make changes to this policy, we will update the date at the top of this page. For significant changes, we will notify you by email.

Questions?

If you have questions about your privacy or how your data is handled, you can reach us through the contact form in your account settings.