Privacy Policy

1. Introduction

Red Point Ascent Group, LLC ("Company," "we," "us") operates the Meridian Edge platform (meridianedge.ai and app.meridianedge.ai). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service.

By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address
• Username
• Password (stored as a salted hash; we never store plaintext passwords)
• Authentication tokens from third-party providers (e.g., Clerk, Discord OAuth)

2.2 Billing Information

Payment processing is handled entirely by Stripe. We do not store your credit card number, bank account details, or other payment instruments. Stripe may share with us your billing email, subscription status, and payment history. Stripe's handling of your data is governed by Stripe's Privacy Policy.

2.3 Marketplace API Keys

When you connect marketplace accounts (Polymarket, Kalshi), you provide API keys that grant the Service permission to execute trades on your behalf. These keys are:

• Encrypted at rest using AES encryption before storage
• Used solely for executing trades within your configured bot parameters
• Never shared with third parties
• Deletable at any time through the dashboard or upon account deletion

2.4 Trading and Bot Data

We collect and store data related to your use of the platform, including:

• Bot configurations, skill selections, and risk parameters
• Trade logs, position history, and performance metrics (paper and live)
• AI reasoning outputs and probability assessments generated by your bots
• Company structures, team configurations, and goal settings

2.5 Usage Data

We automatically collect:

• IP address and approximate geolocation
• Browser type, operating system, and device information
• Pages visited, features used, and interaction patterns
• Timestamps of access and session duration

2.6 Discord Data

If you connect Discord, we may access your Discord user ID, username, and guild/server membership for the purpose of delivering trade notifications and bot alerts to your selected channels. We do not read your Discord messages or access channels beyond those you explicitly configure.

3. How We Use Your Information

We use collected information to:

• Provide, operate, and maintain the Service
• Execute trades on your behalf through connected marketplace accounts
• Process billing and manage your subscription
• Send transactional communications (trade confirmations, alerts, billing receipts)
• Deliver notifications through connected channels (Discord, email)
• Monitor system performance, detect errors, and troubleshoot issues
• Improve our AI models and trading algorithms using aggregated, anonymized data
• Enforce our Terms of Service and prevent fraud or abuse
• Comply with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share information with:

• Stripe: For payment processing and subscription management
• Discord: To deliver trade notifications to your configured channels (user-directed)
• Marketplace platforms: Trade execution occurs via your own API keys on Polymarket/Kalshi — this is user-directed activity, not data sharing by us
• Infrastructure providers: Hosting and cloud services that process data on our behalf, subject to data processing agreements
• Legal compliance: When required by law, subpoena, court order, or to protect our rights, safety, or property
• Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users

5. Data Retention

• Account data: Retained while your account is active and for up to 30 days after deletion to allow recovery
• Trading data: Trade logs and performance history are retained for 3 years for audit and compliance purposes
• API keys: Immediately and permanently deleted upon your request or account deletion
• Billing records: Retained for 7 years as required by tax and financial reporting obligations
• Usage/analytics data: Retained in aggregated, anonymized form indefinitely for service improvement

6. Data Security

We implement commercially reasonable security measures to protect your information, including:

• AES encryption of sensitive credentials (marketplace API keys, wallet keys)
• Salted bcrypt hashing for passwords
• HTTPS encryption for all data in transit
• Docker Swarm Secrets for infrastructure credential management
• Role-based access controls and audit logging for administrative actions

No method of transmission or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Cookies and Tracking

We use essential cookies to maintain your authentication session and preferences. We may use analytics tools to understand usage patterns and improve the Service. You can disable cookies through your browser settings, though some features may not function properly.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate personal data
• Deletion: Request deletion of your personal data, subject to legal retention requirements
• Portability: Request your data in a structured, machine-readable format
• Opt-out: Opt out of marketing communications at any time
• Withdraw consent: Withdraw consent for data processing where consent is the legal basis

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect and how it is used
• Request deletion of your personal information
• Opt out of the sale or sharing of your personal information — we do not sell personal information
• Non-discrimination for exercising your privacy rights

To submit a request, email [email protected] with the subject line "CCPA Request."

10. International Users

The Service is operated from the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to such transfers.

11. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Service at least 30 days before taking effect. The "Effective date" at the top of this page indicates when the policy was last revised.

13. Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact:

Red Point Ascent Group, LLC
Email: [email protected]