Privacy Policy
Effective date: April 18, 2026 · Jurisdiction: Ontario, Canada
1. Who We Are
Merba (“Merba”, “we”, “our”, or “us”) is a guardian intelligence platform for independent service providers, operated from Ontario, Canada. We are small, we are careful with your data, and we want you to know exactly what happens with it. Our platform is accessible at merba.app and is managed by Visually Affirmed (www.visuallyaffirmed.ca).
This Privacy Policy governs how we collect, use, disclose, and protect personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable Ontario privacy law.
2. Information We Collect
2.1 Account & Business Information
- Name, email address, and password (hashed and never stored in plain text)
- Business name, address, phone number, and timezone
- Profile images uploaded voluntarily
2.2 Client Data (Stored on Your Behalf)
When you use Merba to manage your business, you may enter personal information about your own clients (names, contact details, appointment history). You are the data controller for this information. We act as a data processor on your behalf and will not use your clients' data for any purpose other than providing the service to you.
2.3 Usage & Technical Data
- IP addresses and browser/device information (collected by our hosting infrastructure)
- Actions taken within the platform (for support and debugging purposes)
- Session tokens stored in secure, HTTP-only cookies
2.4 Payment Information
We do not store credit card numbers or payment instrument details. All payment processing is handled by Stripe, Inc., a PCI DSS-compliant payment processor. We receive only non-sensitive billing metadata (subscription status, last four digits, expiry).
2.5 Chain Booking Data (Merba Discovery)
When you use Merba Discovery to book services across multiple businesses (“chain bookings”), we collect and process:
- Your name, email address, and phone number (provided during checkout)
- A one-way hash (SHA-256) of your phone number, stored in our trust record system for fraud prevention
- A fingerprint of your payment card (last four digits and expiry), used solely to detect duplicate or fraudulent bookings
- A one-time verification code (OTP) sent to your phone via SMS — the code is stored temporarily in our database and deleted after verification or expiry
Your name and phone number are shared with each business in your chain booking so they can confirm your appointment and contact you if needed. By completing a chain booking, you consent to this limited sharing.
Inter-Business Privacy
When multiple businesses participate in a chain booking, each business can only see its own appointment details, deposit amount, and the customer's contact information. Businesses cannot see:
- The names or identities of other businesses in the chain
- Appointment times, services, or pricing at other businesses
- Payment amounts received by other businesses
- The customer's full itinerary or order of stops
Businesses are informed only that the customer is part of a multi-stop booking and which stop number they represent (e.g., “stop 2 of 4”). This protects competitive information between service providers while enabling the coordination necessary for a seamless customer experience.
2.6 Subscription and Usage Data
We store your subscription plan tier (Free, Sole Proprietor, or Team) and billing status. For businesses on the Free tier, we track aggregate discovery view counts (how many customers viewed your business listing on the Merba map each week). These counts are anonymized — we do not store which individual customers viewed your business. View counts are reset weekly and are used solely to provide you with business insights.
2.7 Ad Generation Data
When you use Merba’s ad generation features, we collect and process the information needed to research, produce, deliver, and support your ad job.
- Website content: If you provide a website URL, Merba may collect publicly available text, headings, images, metadata, and brand elements from that site to inform your brief and visual direction.
- Submitted prompts and business context: Your messages, creative direction, business description, services, pricing, and related business context may be processed to create briefs, strategy, and rendered outputs.
- Derived job records: Creative briefs, intermediate strategy outputs, and render metadata may be stored with the ad job for delivery, troubleshooting, fraud prevention, and support.
- Generated videos: Rendered video files are stored in Backblaze B2 and linked to your account until you delete them or they are removed under our normal storage lifecycle.
- AI processing: Ad-generation inputs may be processed by Anthropic PBC to support research, writing, and creative planning. See Anthropic’s Privacy Policy.
You are solely responsible for the accuracy and legality of content you provide and for reviewing generated advertising before publication. For more detail on feature-specific data handling, see our Intelligence Policy.
2.8 Business Intelligence Taxonomy
As you use Merba’s intelligence features (ad creation, market analysis), Merba builds and maintains a structured record of facts about your business. This is called the Business Intelligence Taxonomy. It exists entirely to make Merba smarter for you over time — so future ad sessions start sharper, and the Advisor has relevant context without you needing to re-explain your business every session.
What the taxonomy contains:
- Your service and pricing profile — which services you offer, your price points, and how they compare to local market rates (derived from your own service list and market intelligence scans)
- Market positioning — where your business sits in your category, which client segments appear underserved in your area, and which competitors are active nearby (derived from public data, never from competitor platforms)
- Creative history — which ad angles, messaging directions, and visual approaches have been used in previous ad sessions, so Merba does not repeat the same territory
- Strategic observations — patterns and opportunities Merba has identified during intelligence sessions, such as pricing gaps or differentiation signals. These are observations, not decisions — all strategic choices remain yours
What the taxonomy does not contain:
- Client names, contact details, or any personally identifiable information about your clients
- Individual appointment records
- Payment, card, or banking information
- Chart notes, health records, or clinical data of any kind
How it is used — and only how it is used:
Your business intelligence data operates in a closed loop. It flows in through your activity on Merba, and it flows back out to you as insight. Merba does not benefit from this data in any way beyond providing you with those features as a subscriber. It is not sold, not shared, not processed for any purpose outside the specific feature set that generated it.
- Knowledge & Intelligence panel — your Signals, Rivals, Stats, and Creative History tabs in the workspace are powered by this data. When you refresh your intelligence, Merba draws on what it has learned about your business to generate market signals, competitive context, and seasonal insights specific to you — not generic content from a shared library.
- Weekly intelligence digest — if you are on a paid plan, Merba may send a Sunday morning email summarising new signals and intelligence updates from the past week. This is drawn from your business intelligence data and is sent only to you.
- Ad creation sessions — Merba builds on what it has already learned about your business rather than starting from scratch each time. Previous creative directions are tracked so Merba does not repeat the same territory without reason.
- Guardian Intelligence Advisor — your business context, services, pricing, and market position are available to the Advisor at session start so you do not need to re-explain your situation every time.
That is an exhaustive list. If a use case is not named above, it is not happening.
You control it. You can request deletion of your business intelligence data at any time by emailing privacy@merba.app. It is deleted within 30 days of account closure (financial records required by the Income Tax Act are excepted).
2.9 Guardian Intelligence Advisor Data
When you use the Guardian Intelligence Advisor feature, we collect and process the data needed to run the live session, answer your questions, and record feature consumption.
- Audio and speech (opt-in): Microphone access is your choice. Your browser will prompt you for permission before any audio is captured — you can deny or revoke it at any time. If you grant permission, your voice is transmitted in real time to Runway ML Inc. for speech recognition during the session. If you do not grant permission, the session continues without audio.
- Session context: Merba may provide business context such as your business name, services, pricing, plan tier, and the page or panel you have open so the advisor can respond coherently.
- Operational context: If needed to answer a question or complete a user-approved action, Merba-side systems may fetch additional account or business data during the session. We aim to limit third-party sharing to the minimum reasonably necessary for the session.
- Excluded sensitive categories: Chart notes, health records, and payment card details are not used as advisor inputs. Client identifiers and appointment data are not included in Runway session setup by default.
- Credit consumption: Session start time and duration are logged for credit deduction and dispute handling purposes.
By starting a Guardian Intelligence Advisor session, you consent to the real-time processing described above. Microphone access is separately gated by your browser’s permission prompt — audio is only transmitted if you explicitly grant it. For Runway’s handling of session data, see runwayml.com/privacy.
3. Health Information
If a business uses Merba’s charting system to store clinical notes, treatment records, or health-related information about their clients (“Chart Notes”), the following applies:
3.1 Storage and Encryption
Chart Notes are stored with database-level encryption at rest and are transmitted using TLS encryption in transit. This means Chart Notes are encrypted both when stored in our database and when transmitted between your device and our servers.
3.2 Access Controls
Chart Notes are only accessible to authorized staff members at the business that created them. Access is enforced through role-based access controls within the Merba platform. No other business on Merba can access another business’s Chart Notes.
3.3 AI Exclusion
No AI system — including Merba’s ad generation service, market intelligence features, or any third-party AI provider — has access to Chart Notes or clinical data. Chart Notes are never processed by, transmitted to, or used as input for any artificial intelligence or machine learning system.
3.4 Data Export
Chart Notes are included in data export requests. If you request a copy of your business data under Section 7 (Your Rights), Chart Notes will be included in the export.
3.5 Retention and Deletion
Chart Notes follow the same 30-day post-deletion grace period as other business data (see Section 6). Upon account deletion, Chart Notes are permanently deleted after the 30-day grace period. Financial records associated with clinical appointments (invoices, transaction records) are retained for 7 years as required by the Income Tax Act (Canada).
4. How We Use Your Information
- To create and manage your account and business profile
- To provide, operate, and improve the Merba platform
- To send transactional emails (booking confirmations, reminders, account notices) via our email provider
- To process subscription payments and manage billing
- To generate video advertisements using intelligence systems when you use the ad creation service
- To provide real-time voice and video advisor sessions via Guardian Intelligence Advisor
- To respond to support requests and diagnose technical issues
- To comply with legal obligations
We do not sell your personal information. We do not use your data for advertising or share it with third parties for their own marketing purposes.
5. Third-Party Service Providers
We engage the following sub-processors to deliver our service. Each is bound by contractual data protection obligations:
| Provider | Purpose | Location |
|---|---|---|
| Hetzner Online GmbH | Application server hosting (VPS) | Germany (EU) |
| Neon Inc. | PostgreSQL database storage | USA (AWS us-east-1) |
| Backblaze Inc. | Generated video file storage (Backblaze B2) | USA |
| Resend Inc. | Transactional email delivery | USA |
| Stripe Inc. | Payment processing and billing | USA (global) |
| Stripe Connect | Deposit transfers to service providers (chain bookings) | USA (global) |
| Twilio Inc. | SMS notification delivery | USA (global) |
| Anthropic PBC | Intelligence systems for ad generation and market research (Claude) | USA |
| Runway ML Inc. | Real-time avatar video and speech processing for Guardian Intelligence Advisor sessions | USA |
By using Merba, you acknowledge that your data may be processed in the United States. We rely on contractual safeguards (including standard contractual clauses where applicable) to ensure adequate protection.
6. Data Retention
- Active account data is retained for as long as your account remains open.
- Upon account deletion, personal data is removed within 30 days, except where we are required by law to retain it longer (e.g., financial records for 7 years under the Income Tax Act).
- Anonymised and aggregated usage statistics may be retained indefinitely.
6.1 Account Deletion
You can delete your account at any time from Settings in your dashboard. When you delete your account:
- Your business is immediately removed from the Merba map
- All online bookings are stopped
- Your data is permanently deleted after 30 days
- Financial records (transaction history, payment records) are retained for 7 years as required by the Income Tax Act (Canada)
- If you change your mind within 30 days, contact support@merba.app to restore your account
6.2 Client Data When a Salon Owner Deletes Their Account
When a salon owner deletes their account, client booking history associated with that business is also deleted after 30 days. Financial transaction records are anonymized and retained for 7 years as required by the Income Tax Act (Canada).
7. Your Rights (PIPEDA)
Under PIPEDA, you have the right to:
- Access — request a copy of the personal information we hold about you
- Correction — request that inaccurate information be corrected
- Deletion — request deletion of your account and personal data
- Withdrawal of consent — withdraw consent for non-essential data processing (note: withdrawal may prevent us from providing the service)
- Complaint — file a complaint with the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca
To exercise any of these rights, email privacy@merba.app.
8. Security
We implement industry-standard security measures including:
- TLS encryption in transit for all data
- Passwords hashed using bcrypt with a cost factor of 12
- Database access restricted to authenticated application services only
- Session tokens stored in secure, HTTP-only, same-site cookies
No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we take commercially reasonable steps to protect your information.
9. SMS and Email Communications
When a client books an appointment through a Merba-powered booking page, they may receive transactional SMS and email messages related to that appointment (confirmations, reminders, cancellation notices, and rating requests). These messages are sent on behalf of the service provider whose booking page was used.
Opt-out: Clients may opt out of SMS or email notifications at any time by contacting the service provider directly or by following the unsubscribe link included in email communications. Once opted out, notification preferences are recorded in the system and respected for all future communications from that provider.
SMS messages are delivered via Twilio Inc. (USA). Standard carrier message and data rates may apply. Message frequency varies based on appointment activity.
10. Cookies & Tracking
We use a small number of first-party cookies. No advertising cookies or third-party tracking cookies are used on Merba.
| Cookie | Category | Purpose | Duration |
|---|---|---|---|
| next-auth.session-token | Strictly necessary | Keeps you signed in to your Merba account. Required for the platform to function. | Session / 30 days |
| merba_consent | Strictly necessary | Stores your cookie consent preference so you are not asked again. | 365 days |
| merba_ref | Analytics | Records the page or source you came from (e.g. a search engine or campaign link) so we understand how people find Merba. Only set if you accept cookies. Never shared with third parties. | 30 days |
Your Cookie Choices
When you first visit Merba, a cookie banner gives you the option to accept or decline analytics cookies. Strictly necessary cookies are always active — they are required for authentication and to remember your preferences. If you decline analytics cookies, the merba_ref cookie will not be set.
You can also manage cookies through your browser settings. Note that disabling all cookies will break sign-in functionality.
11. Children’s Privacy
Merba is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users by email at least 14 days before material changes take effect. Continued use of the platform after that date constitutes acceptance of the updated policy.
13. Contact
For privacy-related inquiries: