How Meridian Dispatch collects, uses, discloses, retains, and otherwise processes information in connection with the Meridian Dispatch iOS application and any related services.
This Privacy Policy ("Policy") describes how Meridian Dispatch ("Meridian Dispatch," "we," "us," or "our") collects, uses, discloses, retains, and otherwise processes information in connection with the Meridian Dispatch iOS application and any related services (collectively, the "Service").
By downloading, installing, accessing, or using the Service, you acknowledge that you have read, understood, and agree to this Policy and to our Terms of Service. If you do not agree, do not use the Service. Your continued use of the Service following any update to this Policy constitutes your acceptance of the updated Policy.
Your photos and your iCloud-synced trips never reach our servers. Photo metadata is read on your device only. See Sections 2(e) and 2(f).
This Policy applies only to information processed by Meridian Dispatch. It does not apply to information processed by Apple, your email provider, or any other third party, including third parties whose links or services may be accessed through the Service.
For questions, contact: dispatch@meridiandispatch.com.
You represent and warrant that:
If you do not meet these requirements, you are not authorized to use the Service.
We may collect, generate, receive, or otherwise process the following categories of information ("Information"). The categories below are illustrative and not exhaustive; the Service may evolve, and this Policy will be updated to reflect material changes.
When you sign in via Sign in with Apple, Apple provides us with an opaque user identifier (the "sub" claim of the identity token), and may provide an authorization code we exchange with Apple for a refresh token used to revoke the association at your request. We do not request your name or email address through Sign in with Apple. We assign you a forwarding inbox address and a device token used to authenticate your app's requests.
When you forward an email to your assigned inbox address, our infrastructure receives the message, including the sender, subject line, body content, and any attachments (including PDFs). We process this content, including by transmitting it to our artificial intelligence service provider (currently Anthropic), to extract structured reservation details. We retain a structured derivative of the email contents (the parsed reservation fields, sender address, and subject line) for the life of your account so that the in-app Inbox view remains accurate and so that we can demonstrate the parse outcome of any email you forwarded. We do not retain the full original body text or attachment contents after parsing, except as may be present in transient caches and in routine system backups and audit logs described in Section 6 below.
If you become a paid member, Apple processes the transaction and provides us with verification of your subscription status. We do not receive your payment method, card number, or billing address.
We may collect technical information automatically generated through your use of the Service, including but not limited to: device tokens, IP address, request timestamps, app version, iOS version, device model, daily and aggregate counts of features used (such as artificial intelligence calls), error and crash diagnostics, and similar telemetry.
The Service reads your iOS photo library locally on your device when you grant permission, including photo timestamps, GPS coordinates embedded in photo metadata, and image previews used for display in the journal. This information is processed on your device and is not transmitted to us. Apple's iCloud Photo Library may sync your photos between your own devices independently of the Service; we have no access to that sync.
Your trips and journal entries may sync between your devices via Apple's iCloud (CloudKit). This data is encrypted and accessible only to you and to your devices. We do not have access to iCloud-synced data.
We may receive information about you from service providers, fraud-prevention vendors, and others as reasonably necessary to operate, secure, and improve the Service.
We may create aggregated, anonymized, statistical, or de-identified data from any of the categories above. Such data does not identify you and is not subject to the restrictions of this Policy. We reserve the right to use, share, license, sell, or commercialize aggregated and de-identified information for any lawful purpose, including but not limited to research, analytics, product development, marketing, and disclosure to third parties, without additional notice or consent.
We may use Information for any lawful business purpose, including but not limited to:
We do not sell your personal information for advertising purposes, and we do not run advertising in the Service. Subject to that limitation, we may share or disclose Information as follows:
We share Information with vendors, contractors, and service providers that perform services on our behalf, including but not limited to: cloud infrastructure providers (currently Cloudflare); artificial intelligence and machine-learning processors (currently Anthropic); platform providers (Apple); crash and error reporting providers (currently Sentry); customer-support providers; analytics providers; payment processors; legal and accounting professionals; and similar providers we may engage from time to time. We require these providers to use Information only as necessary to perform the services we engage them for.
We may disclose Information when we believe in good faith that disclosure is appropriate to: (i) comply with applicable law, regulation, legal process, or governmental request; (ii) enforce our Terms of Service, including investigation of potential violations; (iii) detect, prevent, or address fraud, security, or technical issues; (iv) protect against harm to the rights, property, or safety of Meridian Dispatch, our users, or the public, as required or permitted by law; or (v) respond to claims or potential claims.
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your Information may be sold, transferred, or otherwise shared as part of that transaction or potential transaction. The successor entity will be bound by this Policy unless and until it provides notice of a different policy.
We may share Information for any other purpose with your consent.
As described in Section 2(h), we may share aggregated or de-identified information without restriction.
The Service is a native iOS application and does not use browser cookies. The Service does not engage in cross-app or cross-site tracking, does not request App Tracking Transparency (ATT) permission, does not use the Identifier for Advertisers (IDFA), and does not register any tracking domains. The Service does not use Apple's SKAdNetwork attribution framework.
We retain Information for as long as we deem necessary for our legitimate business purposes, including but not limited to: providing the Service, complying with our legal obligations, resolving disputes, enforcing our agreements, preventing fraud and abuse, and operating routine system backups.
The specific retention periods we currently observe include:
You acknowledge that complete and immediate deletion from all systems, including third-party providers' systems and routine backups, may not be technically feasible, and you agree that retention consistent with this Section (with a ninety-day ceiling for residual copies) satisfies any deletion request.
The "Delete Account" function in the Service's Settings sheet initiates deletion of your account and parsed confirmations on our servers and, where we hold a valid refresh token, calls Apple's revocation endpoint to disassociate Sign in with Apple from the Service. Local data on your device is not deleted by this function; you may remove the app to delete on-device data.
The "Sign Out" function clears local credentials but does not delete your server-side record. Signing back in with the same Apple ID restores access.
You may grant, restrict, or revoke photo-library access at any time in iOS Settings. The Service does not transmit photos or photo metadata to our servers; revoking access only affects on-device features.
Manage or cancel your subscription in iOS Settings → Apple ID → Subscriptions, or via the in-app "Manage Subscription" link. Cancellation does not entitle you to a refund of fees already paid; refund eligibility is governed by Apple's policies.
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA"), gives you specific rights regarding your personal information. We honor these rights regardless of whether we are technically required to do so.
How to exercise your California rights. Email dispatch@meridiandispatch.com with the subject line "California Privacy Request" and a clear description of the right you wish to exercise. We will acknowledge your request within ten (10) business days and substantively respond within forty-five (45) days, with a one-time forty-five (45) day extension permitted under the CCPA where reasonably necessary. We may need to verify your identity before fulfilling a request, typically by confirming control of the email address associated with your account, or by asking you to authenticate the request from within the app.
Authorized agents. You may designate an authorized agent to make a request on your behalf. The agent must provide written, signed authorization, and we may require you to verify your identity directly to confirm the request.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation ("GDPR") and equivalent laws give you rights to access, rectify, erase, restrict processing of, port, and object to processing of your personal data, and to withdraw consent where processing is based on consent. We process personal data on the following lawful bases: (i) contract (Article 6(1)(b)), to provide the Service you signed up for; (ii) legitimate interests (Article 6(1)(f)), for security, fraud prevention, abuse detection, internal analytics, and improvement of the Service, where those interests are not overridden by your interests or rights; and (iii) legal obligation (Article 6(1)(c)), to comply with applicable law. Where required, we rely on standard contractual clauses with our processors for international transfers. To exercise GDPR rights, email dispatch@meridiandispatch.com. You also have the right to lodge a complaint with your local data protection authority.
Residents of other states or countries (including without limitation Virginia, Colorado, Connecticut, Utah, Texas, Quebec, Brazil) may have analogous rights under local law. We will honor verifiable requests under such laws on substantially the same basis as the CCPA and GDPR rights above.
We implement administrative, technical, and physical safeguards reasonably designed to protect Information against unauthorized access, alteration, disclosure, or destruction, including HTTPS encryption in transit, cryptographic verification of authentication tokens, and storage of device credentials in iOS Keychain.
No method of transmission over the internet or electronic storage is one hundred percent secure. Your use of the Service is at your own risk.
While we strive to use commercially acceptable means to protect Information, we cannot guarantee its absolute security and we expressly disclaim any such warranty. In the event of a security incident affecting your Information, we will notify affected users and applicable authorities to the extent required by, and in accordance with, applicable law.
The Service is not directed to and is not intended for use by children under seventeen (17) years of age. We do not knowingly collect personal information from children under thirteen (13). If you believe a child under thirteen (13) has provided personal information to us, contact dispatch@meridiandispatch.com and we will take reasonable steps to delete such information from our records.
The Service is operated from, and Information is processed in, the United States and other jurisdictions where we or our service providers maintain facilities. If you access or use the Service from outside the United States, you consent to the transfer of your Information to the United States and to processing in any jurisdiction where we operate, which may have different data-protection laws than your jurisdiction. Where required by applicable law, we implement appropriate transfer mechanisms, such as standard contractual clauses with our service providers.
The Service may contain links to or interact with third-party services (such as your email provider, Apple, the App Store, and third-party mapping services). We are not responsible for the privacy practices, content, security, or terms of those third parties. Your interactions with third-party services are governed by those parties' policies. We disclaim any liability arising from your use of, or interactions with, third-party services.
The Service, including any Information generated, parsed, displayed, or otherwise processed by the Service, is provided on an "AS IS" and "AS AVAILABLE" basis, without warranty of any kind, whether express, implied, statutory, or otherwise. We make no representation or warranty regarding the accuracy, completeness, reliability, timeliness, or suitability of any reservation parse, AI-generated description, trip-detection result, or other Information generated or displayed by the Service. You acknowledge that artificial intelligence systems may produce inaccurate, incomplete, or misleading results, and that you are solely responsible for verifying any reservation, date, location, or other detail before relying on it for travel or other purposes.
To the maximum extent permitted by applicable law, we disclaim all warranties, including warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, and quiet enjoyment.
To the maximum extent permitted by applicable law, in no event shall Meridian Dispatch, its affiliates, officers, directors, employees, agents, licensors, or service providers be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, including but not limited to damages for lost profits, lost data, loss of goodwill, missed travel, or substitute services, arising out of or related to: (i) your use of, inability to use, or reliance on the Service or any Information processed by the Service; (ii) any unauthorized access to or alteration of your Information; (iii) any third-party conduct or content on the Service; or (iv) any other matter relating to the Service.
To the extent the foregoing disclaimer is not enforceable, our total cumulative liability arising out of or related to the Service or this Policy shall not exceed the greater of (a) the amount you have paid us for the Service in the twelve (12) months preceding the event giving rise to the claim, or (b) one hundred U.S. dollars ($100). The limitations in this Section apply even if a remedy fails of its essential purpose. Some jurisdictions do not allow limitation of certain damages; in such jurisdictions, the foregoing limitations apply to the fullest extent permitted by law.
You agree to indemnify, defend, and hold harmless Meridian Dispatch and its affiliates, officers, directors, employees, agents, and service providers from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or related to: (i) your use or misuse of the Service; (ii) your violation of this Policy or our Terms of Service; (iii) your violation of any applicable law; (iv) the content you forward, transmit, or otherwise submit through the Service, including any content that infringes a third party's rights; or (v) your violation of the rights of any third party.
We may update this Policy at any time, in our sole discretion. If we make material changes, for example, expanding the categories of Information we collect, the purposes for which we use Information, or the parties with whom we share Information, we will provide notice through the Service, by email (if we have a contact address for you), or by updating the "Last updated" date at the top of this Policy with reasonable advance notice prior to the effective date. Non-material changes (such as clarifying language or correcting errors) may be made without prior notice. Your continued use of the Service after the effective date of any update constitutes your acceptance of the updated Policy.
This Policy is governed by the laws of the State of New York, United States, without regard to conflict-of-laws principles. Any dispute arising out of or related to this Policy or your use of the Service shall be resolved exclusively in accordance with the dispute-resolution provisions of our Terms of Service, which include mandatory binding arbitration and a waiver of class-action rights. Please review our Terms of Service carefully.
If any provision of this Policy is held invalid, illegal, or unenforceable, the remaining provisions shall continue in full force and effect. Our failure to enforce any provision is not a waiver of that provision or of our right to enforce it later. This Policy, together with our Terms of Service and any other agreements expressly incorporated by reference, constitutes the entire agreement between you and us with respect to the subject matter hereof and supersedes all prior or contemporaneous communications and proposals.
Except as expressly provided herein, this Policy does not confer any rights, remedies, or benefits on any person or entity other than you and Meridian Dispatch.
You may not assign or transfer your rights or obligations under this Policy without our prior written consent. We may assign or transfer our rights and obligations under this Policy at any time without notice or consent.
For questions, requests, or complaints about this Policy or our privacy practices:
Email: dispatch@meridiandispatch.com
Mailing address:
For privacy requests under specific laws (GDPR access requests, CCPA "do not sell" requests, etc.), please mark your communication clearly so we can route and respond within statutory timeframes.