Privacy Policy

1. Data Collection

We collect information necessary to provide our services, including:

• Account Information: Name, email, and company details provided during sign-up.
• Knowledge Base Content: Documents, RFIs, and SLAs you upload to your Source of Truth.
• Payment Information: When you subscribe to a plan, payment data is collected directly by our payment processor.

2. Data Residency & Sovereignty

All Knowledge Base data is stored in the europe-west2 (London) region. We ensure that your data remains within these boundaries to comply with UK/EU regulations and ensure low-latency sync between Firestore and Pinecone.

3. Third-Party Processors

We use trusted third-party services to ensure the security and functionality of Merge Point:

• Stripe: To process subscription payments. Your credit card information is encrypted and handled entirely by Stripe; Merge Point never stores your full card details on our servers.
• Google Cloud/Firebase: To host our application infrastructure and database layers in the London region.

4. How We Use Your Data

Your data is used exclusively to:

• Generate bid drafts and analyze tender documents.
• Maintain your private Knowledge Base.
• Manage your subscription and billing.

Merge Point does not sell your data or use your proprietary documents to train foundation models for other customers.

5. Security

We employ enterprise-grade security measures, including AES-256 encryption at rest and TLS encryption in transit. Access to your environment is strictly controlled via secure authentication protocols.

6. Your Rights

You retain full ownership of your data. You may export or request the permanent deletion of your Knowledge Base at any time. Our cleanupKnowledgeBase protocols ensure that deletions are synced across Firebase, Firestore, and Pinecone immediately.

7. Contact Us

If you have questions regarding this policy, please contact our Data Protection Officer at privacy@mergepoint-software.com.