Privacy Policy

Last Updated: May 5, 2026

Mesh Connect, Inc. (the “Company,” “we,” or “us”) provides financial infrastructure to deliver asset-agnostic read, write and transfer capabilities (“Services”) to application developers (“Business Customers”).

Whether you interact with us as a representative of a Business Customer, as a website visitor, or a user of our Services, we want you to be familiar with how we collect, use and disclose (collectively also referred to as “process”) information, including information that identifies you as an individual or relates to an identifiable individual. We call this “Personal Information”.

The purpose of this policy is to provide you and our Business Customers with information about what personal data Mesh Connect collects, how we use the data, and an individual’s right to access the data and consent to how it is used.

“Site” herein refers to our website at meshpay.com.

Business Customers

If you are a representative of our Business Customer, we will process your Personal Information such as:

• Name;
• Contact details;
• Name of employer;
• Job title and function;
• Financial information, such as payment method, billing details and invoice history.

We process this Personal Information to enter into and manage our contractual relationship with our Business Customer and for other legitimate business purposes. This includes:

• The provision of our Services;
• Arranging access to your developer account;
• Providing customer service and responding to other inquiries and requests;
• Communicating with you about our Services and our contract with you;
• Completing transactions, verifying your information, sending you invoices and processing payments from you.

You can view this information and update it by accessing your developer account on the Site (https://dashboard.meshconnect.com/login).

If you disclose any Personal Information relating to other people to us, such as your teammates or colleagues, you represent that you have the authority to do so and to permit us to use the information.

Website Visitors

If you visit the Site at https://www.meshpay.com/, we will process information such as log information, IP address, approximate location, and other information collected through our use of cookies or other similar technologies.

We process this information for the following purposes:

• Analyzing Personal Information for business reporting and providing personalized services.
  • To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services and the Site.
  • To better understand your interests and preferences, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
  • To better understand your preferences so that we can deliver content that we believe will be relevant and interesting to you.

For more information about our use of cookies or similar technologies, please see the cookie section of this policy.

AI-Powered Chatbot

Mesh may make available on the Site an AI-powered chatbot (“Chatbot”) to provide general information and customer support. This section describes how we collect, use, and process information in connection with your interactions with the Chatbot.

Information We Collect Through the Chatbot

When you interact with the Chatbot, we may collect the following categories of information:

• Conversation Data: The text of messages you submit to the Chatbot and the responses generated by the Chatbot, including conversation transcripts and session identifiers.
• Technical Data: IP address, browser type and version, device type and operating system, referring URL, approximate geolocation, and timestamps associated with your Chatbot interactions.
• Cookies and Tracking Technologies: The Chatbot and its underlying platform may use cookies, pixel tags, and similar technologies to identify your browser session, facilitate the Chatbot experience, and collect usage analytics. For more information, see the “Cookies and Similar Technologies” section of this Privacy Policy.
• Voluntarily Provided Information: Any additional information you choose to share during a Chatbot conversation, such as your name, email address, company name, or details about your inquiry. Because the Chatbot is conversational, you may choose to share information beyond what is requested. We encourage you to use discretion and avoid submitting sensitive personal information (see below).

How We Use Chatbot Information

We process information collected through the Chatbot for the following purposes:

• To provide, operate, and improve the Chatbot experience and respond to your inquiries;
• To train, improve, and enhance the quality and accuracy of the Chatbot and Mesh’s customer support operations;
• To analyze usage patterns and generate aggregated, de-identified analytics to improve the Site and our Services;
• To detect, prevent, and address fraud, abuse, security incidents, and technical issues;
• To comply with applicable legal obligations, including responding to lawful requests from law enforcement or regulatory authorities.

Third-Party Processing

The Chatbot is operated through one or more third-party platforms and may utilize third-party artificial intelligence services to generate responses. When you interact with the Chatbot, your Conversation Data and Technical Data may be transmitted to and processed by these third-party providers in accordance with their respective privacy policies. We require our third-party providers to process your information only as necessary to provide services to Mesh and in accordance with applicable data protection obligations. A current list of subprocessors involved in delivering the Chatbot and other Mesh services is available at trust.meshconnect.com/subprocessors.

Chatbot Data Retention

Chatbot conversation transcripts are retained for as long as reasonably necessary to fulfill the purposes described above, subject to applicable legal retention requirements. We apply the same retention criteria described in the “Retention Period” section of this Privacy Policy. Where feasible, we use de-identified or aggregated data for analytics and Chatbot improvement purposes.

Sensitive Information Warning

Please do not submit sensitive personal information through the Chatbot, including but not limited to: wallet private keys, seed phrases or recovery phrases, passwords or authentication credentials, social security numbers or government-issued identification numbers, financial account numbers, or information related to racial or ethnic origin, political opinions, religious beliefs, health conditions, biometric data, or criminal history. If you voluntarily provide sensitive information through the Chatbot, you do so at your own risk. Mesh will take reasonable steps to delete sensitive personal information inadvertently submitted through the Chatbot upon becoming aware of such submission.

Your Rights Regarding Chatbot Data

You may exercise your rights under applicable data protection laws (including the GDPR, CCPA/CPRA, and other applicable privacy regulations) with respect to the personal information we collect through the Chatbot. This includes the right to access, correct, delete, or request a copy of your Chatbot conversation data. To exercise any of these rights, please contact us at [email protected].

International Data Transfer

Chatbot data may be processed and stored in the United States or other countries where Mesh or its third-party providers maintain facilities. If you are located in the European Economic Area, the United Kingdom, or Switzerland, please note that your Chatbot data may be transferred to jurisdictions that may not provide the same level of data protection as your home jurisdiction. We rely on appropriate transfer mechanisms, including Standard Contractual Clauses, to ensure adequate protection for your personal information. For more information, see the “Jurisdiction and Cross-Border Transfer” section of this Privacy Policy.

Newsletter, Marketing, and Third-Party Advertising

We may process your Personal Information, including marketing data (e.g., your preferences for receiving our marketing communications and details about your engagement with them), for promotional purposes. This includes the following:

• Providing you with our newsletter and/or other marketing materials.
  • To send you marketing related emails, with information about our Services, new products and other news about our Company.
  • To facilitate social sharing functionality that you choose to use.
• Analyzing Personal Information for business reporting and providing personalized services.
  • To analyze or predict your preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services.
  • To better understand your interests and preferences, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
  • To better understand your preferences so that we can deliver content that we believe will be relevant and interesting to you.
• Allowing you to participate in sweepstakes, contests or other promotions.
  • We may offer you the opportunity to participate in a sweepstakes, contest or other promotion.
  • Some of these promotions have additional rules containing information about how we will use and disclose your Personal Information. Please read those additional rules before choosing to participate.
• Allowing you to participate in our events.
  • To plan and host events or webinars for which you have registered or that you attend, including sending related communications to you.

We may disclose your Personal Information:

• To third-party sponsors of sweepstakes, contests, and similar promotions.

We give you choices regarding our use and disclosure of your Personal Information for promotional purposes. You may opt out from:

1. Receiving marketing-related emails from us. If you no longer want to receive marketing related emails from us on a going-forward basis, you may opt out by contacting us in accordance with the “Contacting Us” section below.
2. Receiving text/SMS/mobile messages. If you no longer want to receive marketing related texts/SMS/mobile messages from us on a going-forward basis, you may opt out by following the instructions provided in the relevant text/SMS/mobile messages.

We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing related emails from us, we may still send you important administrative messages, from which you cannot opt out.

We use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Site and other websites or online services.

• You may receive advertisements based on information relating to your access to and use of the Services and other websites or online services on any of your devices, as well as on information received from third parties. These companies place or recognize a unique cookie on your browser (including through the use of pixel tags). They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. If you would like more information about this practice, and to learn how to opt out of it in desktop and mobile browsers on the particular device on which you are accessing this Privacy Policy, please visit http://optout.aboutads.info/, http://optout.networkadvertising.org/, and https://allaboutcookies.org/.

Information from Children

The Services are not directed to children under the age of 13. Any person who provides Personal Information through the Site represents to us that they are 13 years of age or older. If we obtain actual knowledge that we have collected personal information from a child under the age of 13, we will promptly delete it, unless we are legally obligated to retain such data.

Information from Teens

We do not direct the services to individuals under the age of 18. We do not knowingly collect or maintain Personal Information from individuals under 18.

Other Purposes for Processing Personal Information

We may also process Personal Information for the general purposes below. Where we do so, we will make attempts to process only de-identified or pseudonymized Personal Information, where possible.

• Aggregating and/or anonymizing Personal Information.
  • We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.
• Accomplishing our business purposes.
  • For data analysis, for example, to improve the efficiency of our Services and Site;
  • For audits, to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements;
  • For fraud prevention and fraud security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
  • For developing new products and services;
  • For improving or training the Services;
  • For verifying your ownership of any third-party account or wallet you connect to the Services;
  • For providing the Services to our Business Customers;
  • For enhancing, improving, repairing, maintaining, or modifying our current products and services, as well as undertaking quality and safety assurance measures;
  • For identifying usage trends, for example, understanding which parts of our Services are of most interest to Business Customers;
  • For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our Business Customers; and
  • For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our Business Customers so we can focus our energies on meeting their interests.
• To comply with applicable law and regulations.
  • This may include laws outside your country of residence.
• To cooperate with public and government authorities.
  • To respond to a request or to provide information we believe is necessary or appropriate.
  • These can include authorities outside your country of residence.
• To cooperate with law enforcement.
  • For example, when we respond to law enforcement requests and orders or provide information we believe is important.
• For other legal reasons.
  • To enforce our terms and conditions;
  • To protect our rights, privacy, safety or property, and/or that of our business partners, you or others.
• In connection with a sale or business transaction.
  • We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

Data Integrity and Purpose Limitation

We take reasonable steps to ensure that the personal data that it processes is: (i) relevant for the purposes for which it is to be used, (ii) reliable for its intended use, and (iii) accurate, complete and current.

Rights under the GDPR

We offer you the opportunity to access, rectify, erase, restrict processing of, acquire, or object to any of your data that we have collected. You have the right to:

• Withdraw your consent to the processing of your Personal Information at any time
• Access your Personal Information and have it corrected, amended or deleted
• Receive a copy of your personal data
• At any time, to object to our processing of your Personal Information which we will comply with unless we demonstrate a compelling legitimate grounds for processing such that overrides your rights; and
• If you believe your Personal Information is inaccurate, unlawful, no longer necessary for our business purposes, or if you object to our processing of your Personal Information, you also have the right to instruct us to restrict the processing of your data pending our investigation and/or verification of your claim.

You may contact us regarding the company’s use or disclosure of your personal data at any time. Recipients of our communications may unsubscribe or manage communication preferences at any time by emailing us at [email protected]. If you wish to raise a complaint and initiate an investigation on how we have handled your personal data, or request a copy of your Personal Information, please email us at [email protected].

Disclosure of Personal Information

We do not sell your personal data to third parties. We may share your information with service providers under contract and confidentiality agreement who help us operate our business. We may also share your information with our Business Customers in connection with your and our Business Customers’ use of our Services. In rare circumstances, we may use and/or disclose your information, including your Personally Identifiable Information, in the following circumstances:

• To enforce, and/or investigate violations of, our site Terms of Use and/or this Policy.
• Although unlikely, your Personal Information may be disclosed to the governments, courts, law enforcement or regulatory agencies under a lawful order in a jurisdiction where you are located and/or where your Personal Information is stored and/or processed. You cannot opt out of disclosure of your Personal Information if required by lawful order.

We engage third party subprocessors to provide infrastructure that helps with the delivery of our services, for example storage services. Prior to using any third party subprocessor, We evaluate their privacy, security, and confidentiality practices to ensure compliance with our security certifications. Additional information about the subprocessors we use can be found in our list of subprocessors.

Cookies and Similar Technologies

The cookies and/or other similar technologies on the Site may also collect information. These include information collected through:

• Your browser or device.
  • Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version. We use this information to ensure that the Site functions properly.
• Cookies.
  • Cookies are pieces of information stored directly on the computer that you are using. Cookies allow us to collect information such as browser type, time spent on the Site, pages visited, language preferences, and other traffic data. We use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical information about use of the Site in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them. Site activity is tracked using Google Analytics to identify trends and analyze site traffic, but not in any way to identify individual personal use of the Site. We do not currently respond to browser do-not-track signals. If you do not want information collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular Site. You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Site.
• Pixel tags and other similar technologies.
  • Pixel tags. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of our services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of our services and response rates.
  • Online data partners. When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these emails. You may opt out of receiving this advertising by visiting https://app.retention.com/optout. You also have the option to opt out of the collection of your personal data in compliance with GDPR. To exercise this option, please visit https://www.rb2b.com/rb2b-gdpr-opt-out.
  • Analytics. We use analytics providers, including Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Site and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to https://policies.google.com/privacy, and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

How We Protect Your Information

We seek to use reasonable organizational, technical, physical, and administrative measures to protect Personal Information within our organization from loss, misuse, and unauthorized access, disclosure, alternation, and destruction. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.

Hyperlinks and Other Websites

Our Site may contain links to websites operated by others. This Privacy Policy only applies to this Site. Privacy policies for these third-party sites and services may be different from our Privacy Policy. You access these third-party sites and services at your own risk so when you link to other websites, you should read their privacy policies.

Retention Period

We securely store your data in Azure. Data is logically segregated between clients, including data encryption at rest and in transit. We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.

The criteria used to determine our retention periods include:

• The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them);
• Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

Once the retention period has expired, we will delete your data.

Third-Party Services

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Site does not imply endorsement of the linked site or service by us.

In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Business Customers, Meta, Apple, Google, Microsoft, RIM, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer.

Jurisdiction and Cross-Border Transfer

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services or otherwise interacting with us you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

Sensitive Information

Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Services or otherwise to us.

Third-Party Payment Services

The developer website may provide functionality allowing you to make payments to the Company using third-party payment services with which you have created your own account. When you use such a service to make a payment to us, your Personal Information will be collected by such third party and not by us, and will be subject to the third party’s privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, this third party’s collection, use, and disclosure of your Personal Information.

End-User

This Privacy Policy does not apply to our processing of Personal Information of end-users of our Business Customers’ products or services (“End-User”). If you are an End-User, we will only process your Personal Information on behalf of our Business Customer where required to provide our Services (e.g., to facilitate a transaction). The Business Customer is responsible for the processing of your Personal Information and we act as a service provider in this context. This means that we will only process your Personal Information based on our Business Customer’s instructions.

Please consult the relevant Business Customer’s privacy policy for information about how they process your Personal Information. If you have questions or want to exercise rights in relation to your Personal Information, please contact the relevant Business Customer.

What do we do with your information when you terminate your relationship with us?

In general, we will only retain your information for the time necessary to realize our legitimate business purposes and to comply with the law. However, we may continue to store anonymous or anonymized information, such as website visits, without identifiers, in order to improve our services.

Updates to This Privacy Policy

The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Site.

Contacting Us or Our Data Protection Officer

To contact our Data Protection Officer, or if you have general questions or comments regarding our privacy policy and practice, please email us at [email protected] or by using the contact details below:

United States Contact:

Mesh Connect, Inc.

Attn: [email protected]

2325 3rd Street, Suite 210 San Francisco, CA 94107

---

EU Representative:

Company Name: Instant EU GDPR Representative Ltd

Name: Adam Brogden

Email: [email protected]

Tel: + 353 15 549 700

Your Reporting Link: https://meshconnectinc.gdprlocal.com/eu

EU Dublin Address: INSTANT EU GDPR REPRESENTATIVE LIMITED Office 2 12A Lower Main Street, Lucan Co. Dublin K78 X5P8 Ireland

---

UK Representative:

Company Name: GDPR Local Ltd

Name: Adam Brogden

Email: [email protected]

Tel: + 441 772 217 800

Your Reporting Link: https://meshconnectinc.gdprlocal.com/uk

UK Address: GDPR Local Ltd 1st Floor Front Suite 27-29 North Street, Brighton England BN1 1EB

Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.