Last update: March 31, 2023
At Merge, data protection is a top priority–and has been from the beginning. In order to support customers that collect and process the personal data of EU citizens, Merge has implemented a wide array of controls and procedures to comply with the obligations of a data processor under the GDPR. For more information please visit trust.merge.dev.
Gil Feig, CTO
Gil Feig, CTO
Consent: Via End Customer’s acceptance of End Customer Terms during account linking process. The End Customer can withdraw its consent by unlinking their account with Merge customer’s Service.
Contract: Via contracts with Customers which give Merge permission to process personal data for the purpose of providing the Service to Customers.
For more information, see the Merge Data Protection Agreement is available on our website (https://merge.dev/legal/data-processing-agreement).
For Customers, withdrawal of consent or opting out after initial consent/opt-in will be available via termination of their agreement with us.
For End Customers who have linked an account with Merge through a Customer Application, withdrawal of consent may be accomplished by unlinking their account on the Service where they originally linked it.
For visitors to the service, opting out can be done by emailing email@example.com.
Deletion of data for Customers is available when terminating their agreement with us. Individual linked accounts can be deleted by Customers on behalf of End Customers who have linked an account at any time via the Merge API.
Data Deletion on the website (merge.dev) for visitors can be done by contacting firstname.lastname@example.org.
Customers can access, modify and download their data directly from the dashboard. Visitors can request a copy or update of their data by emailing email@example.com.
We maintain ISO 27001 and SOC 2 Type 2 certification alongside industry best practices to keep data secure. More information about our security practices is available at trust.merge.dev.
Merge’s data breach notification process is outlined within its Incident Response Policy, and made available via our Trust Center at https://trust.merge.dev.