Privacy Policy.

Merl ("we", "our", or "us") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights. By using the Merl app, you agree to this policy.

Information we collect

When you sign in with Apple, Merl creates a private account so your history and personalization follow you across devices. Here's exactly what we store:

• Account identifiers — the stable, opaque user ID from Sign in with Apple, plus whichever email you chose to share (your real email or Apple's private "Hide My Email" relay address).
• Profile basics — the name you picked for yourself, the name you gave Merl, your age range, vibe, selected interests, and theme.
• Text materials you create or paste — prompts, résumé text, essays, cover letters, study sources, and any text you type into most agents. Stored so Merl can personalize your next cast and show your history on any device you sign into.
• Editor & Echo context — your résumé, target roles, tone preferences, voice style guide, and writing samples. Powers the personalization.
• Agent memory — notes you give each agent plus short auto-summaries Merl builds from your recent casts, so agents "remember" you.
• Cast history — every cast's tool, your prompt text, the generated text output, and timestamps.
• Usage data — which agents you use, when, and how much mana you consume. Used to calculate your balance, debug the product, and measure paid-ad performance.
• Device info — device model, OS version, app version, and crash logs. Used for debugging.
• Purchase data — managed entirely by Apple and RevenueCat. We do not store your payment details.

What we do NOT store on our servers

• Photos and videos you upload — selfies, room photos, product photos, face images, and source videos are sent through the selected image or media route for the single cast you requested, depending on the model you pick, and then discarded. We keep no copy.
• Generated images and videos — outputs from Shine, Designer, Headshots, and Cutter live only on your device. They are never uploaded to our account system.
• Lore message imports — when you import a Mac Messages chat.db file into Lore, the raw file, local message index, cached Wraps, and local Lore answers stay on your device. They do not sync to Supabase, Scrolls, or Merl servers.
• Real name, phone number, or postal address — Merl never asks for these.
• Payment card details — handled by Apple and RevenueCat. We don't see them.

How we use your data

• To authenticate you and keep your account secure.
• To sync your history and personalization across devices you sign into.
• To make Editor, Echo, and other agents feel personal — the more you use them, the better they know you.
• To track your mana balance and subscription status.
• To process your AI requests through our model providers.
• For Lore, to build a local Messages index on your device and send selected message excerpts or aggregate stats to Claude only when you ask for a Wrap or answer.
• To diagnose crashes and fix bugs.
• To measure installs, onboarding, purchases, cast starts, and shares for paid ad attribution and product analytics.
• To send optional push notifications about your results (only if you opt in).

We do not sell your data. We do not use your content to train AI models. We do not send prompts, résumés, Echo samples, photos, generated media, or Lore message data to ad networks. Our AI providers (Anthropic and our routed media providers) operate under API terms that prohibit training on inputs.

Third-party services

Merl uses the following third-party services to operate:

• Supabase — database and authentication (user accounts, mana balances).
• Anthropic — AI text generation (Claude Opus and Sonnet routes) for Editor, Echo, résumé, cover-letter, Lore answer/Wrap, and prompt-refinement flows. Lore sends selected message-derived excerpts or local aggregate stats only when you ask it to answer or generate a Wrap.
• OpenAI / Google / fal.ai-routed media providers — AI image, video, face-swap, and enhancement routing for Shine, Designer, and Cutter, including GPT Image 2, Nano Banana 2, Z-Image, Grok, Veo 3.1, Seedance 2.0, Runway Aleph 2.0, Kling, and Topaz models.
• RevenueCat — subscription and in-app purchase management.
• TikTok and Meta app-event SDKs — paid ad attribution and purchase optimization. These receive limited app events such as install, onboarding completion, paywall views, purchase starts, subscriptions, mana purchases, cast starts, and share actions. We do not send user content or Lore message data to these SDKs.
• Apple — Sign in with Apple, App Store payments, push notifications.

Each provider has its own privacy policy. Content you submit is processed under their terms. We choose providers with strong data protection practices.

Data retention

Text materials, history, profile, and agent memory are retained in your account (Supabase) as long as your account exists. Photos you upload and generated media are never retained by us — photos pass through to the model provider for that single cast, and generated media stays only on your device. Lore imports and local Lore results stay on your device unless you choose to export or share them. Crash logs and usage analytics are retained for up to 90 days.

You can delete your Merl app data at any time from the Profile tab in the app. This removes Merl-owned app data we store for you, including profile, history, usage, mana, and personalization data, and clears local app data from the device. Apple, RevenueCat, and Supabase authentication records may remain where required for security, fraud prevention, legal compliance, or subscription handling.

Children's privacy

Merl is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

Your rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Object to or restrict certain processing.
• Data portability (export your history from the Profile tab).

To exercise these rights, contact us at the address below or use the in-app "Delete account & data" option.

Security

We use industry-standard encryption (HTTPS/TLS) for all data in transit. Authentication tokens are stored securely in the iOS Keychain. We regularly review our practices to keep your data safe.

Changes to this policy

We may update this policy as the product evolves. We'll notify you of material changes via the app or email. Continued use of Merl after changes constitutes acceptance.