Legal

Privacy Policy

MergeOn LLC

Effective Date: January 9, 2026Last Updated: January 9, 2026

1. Introduction

MergeOn LLC ("MergeOn," "we," "us," or "our") operates an enterprise software platform providing secure document processing, compliance workflows, and AI-assisted intelligence services (the "Platform").

This Privacy Policy describes how we collect, use, disclose, protect, and retain personal data when you access or use our websites, applications, APIs, and related services (collectively, the "Services").

This Privacy Policy applies to customers, authorized users, administrators, and visitors. Individuals applying for employment with MergeOn are subject to a separate Applicant Privacy Notice.

2. Information We Collect

2.1 Information You Provide

We may collect information you provide directly, including:

  • Name, email address, phone number
  • Account credentials and authentication data
  • Company name, role, and organizational details
  • Billing and payment metadata (processed by third-party providers)
  • Communications with customer support or sales

2.2 Customer Data

When using the Platform, customers may upload or generate data, including:

  • Documents and files
  • Extracted fields, metadata, and structured outputs
  • AI-generated outputs derived from customer-submitted content
  • Workflow activity and audit records

Customer Data is processed solely on behalf of customers. MergeOn does not claim ownership of Customer Data.

2.3 Automatically Collected Information

We automatically collect certain technical and usage information, including:

  • IP address, device identifiers, and browser type
  • Log files, usage metrics, and system activity
  • Security, performance, and error telemetry

3. How We Use Information

We process information for legitimate business purposes, including to:

  • Operate, maintain, and secure the Platform
  • Authenticate users and enforce access controls
  • Process documents and workflows as instructed by customers
  • Provide customer support and service communications
  • Comply with legal, regulatory, and contractual obligations
  • Improve Platform functionality, reliability, and performance

4. Legal Bases for Processing

Where applicable, we process personal data on the following legal bases:

  • Performance of a contract
  • Legitimate business interests
  • Compliance with legal obligations
  • Consent, where required by law
  • Protection of legal rights and interests

5. Artificial Intelligence and Automated Processing

MergeOn uses automated systems, including artificial intelligence models, to process data strictly as configured and instructed by customers.

  • Customer Data is not used to train public or generalized AI models.
  • AI outputs are generated within controlled, auditable workflows.
  • MergeOn does not engage in automated decision-making with legal or similarly significant effects without customer authorization and appropriate oversight.

6. Data Sharing and Disclosure

MergeOn does not sell personal data.

We may share data with:

  • Service providers performing functions such as hosting, security, billing, analytics, and support
  • Authorized sub-processors operating under contractual confidentiality and data protection obligations
  • Legal authorities when required by law or valid legal process
  • Parties involved in mergers, acquisitions, or corporate transactions, subject to confidentiality safeguards

7. International Data Transfers

Where data is transferred across borders, MergeOn implements appropriate safeguards, including contractual protections and technical security measures, in accordance with applicable law.

8. Data Retention

  • Customer Data is retained in accordance with customer instructions, configurations, or contractual terms.
  • Operational logs and audit records are retained as necessary for security, compliance, and business purposes.
  • Data is deleted or anonymized upon termination of services, subject to legal obligations.

9. Security Measures

MergeOn implements administrative, technical, and organizational safeguards designed to protect personal data against unauthorized access, disclosure, alteration, or destruction. While no system can guarantee absolute security, we design and operate the Platform in accordance with industry-recognized security practices.

10. Your Privacy Rights

Depending on your jurisdiction, you may have rights to:

  • Access personal data
  • Correct inaccurate data
  • Request deletion or restriction of processing
  • Object to processing
  • Request data portability

Requests may be submitted to privacy@mergeon.io and will be handled in accordance with applicable law.

11. California Privacy Rights

California residents may have rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including rights to access and delete personal data. MergeOn does not sell personal data.

12. Children's Privacy

The Services are not intended for individuals under the age of 18. MergeOn does not knowingly collect personal data from children.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Platform or other appropriate means.

14. Contact Information

MergeOn LLCPrivacy Officer15051 N Kierland BlvdScottsdale, AZ 85254United Statesprivacy@mergeon.io