Meridian LogoMeridian

Privacy Policy

Last Updated: January 30, 2025

1. Introduction

This Privacy Policy explains how the Meridian Association, a blockchain-native Swiss Association created through smart contract multi-signature transaction with cryptographic birth certificate at smart contract address: 0x9F586C59EF32456Af313780C81380B9fC698f18F, collects, uses, and protects your information when you use our x402 payment verification and settlement services. We are committed to transparency about our data practices and protecting your privacy in accordance with Swiss data protection law.

2. Information We Collect

Authentication Data

  • Ethereum wallet addresses (for SIWE authentication)
  • Session IDs and authentication tokens
  • Chain IDs for blockchain network identification
  • Organization associations and memberships

Payment and Transaction Data

  • Payment signatures and cryptographic proofs
  • Transaction amounts, timestamps, and blockchain metadata
  • Payment verification results and settlement status
  • Blockchain transaction hashes and network information
  • Asset types and contract addresses (USDC, etc.)

API and Usage Data

  • API key usage and request logs
  • Service endpoint interactions and response times
  • Error logs and debugging information
  • Organization and project configuration data

3. How We Use Your Information

We use your information to:

  • Service Operation: Provide x402 payment verification and settlement services
  • Authentication: Verify wallet ownership through SIWE (Sign-In with Ethereum)
  • Transaction Processing: Verify payment signatures and process blockchain settlements
  • API Management: Generate, manage, and track API key usage for developers
  • Security: Prevent fraud, abuse, and unauthorized access to our services
  • Service Improvement: Analyze usage patterns to improve platform performance and reliability
  • Legal Compliance: Meet regulatory requirements and respond to lawful requests

4. Data Security

We implement appropriate security measures to protect your information:

  • Cryptographic Security: All payment data uses blockchain-grade cryptographic signatures
  • No Private Key Storage: We never store or have access to your private keys or seed phrases
  • Hashed API Secrets: API secret keys are cryptographically hashed and never stored in plaintext
  • Database Security: Encrypted data storage with access controls and authentication
  • Network Security: HTTPS/TLS encryption for all data transmission
  • Regular Audits: Ongoing security assessments and monitoring

5. Data Sharing

We do not sell, rent, or trade your personal information. Due to the nature of blockchain technology, some information is inherently public:

  • Public Blockchain Data: Transaction hashes, amounts, and wallet addresses are publicly visible on blockchain networks
  • Service Providers: Trusted third-party services that help us operate our platform (with appropriate data protection agreements)
  • Legal Requirements: When required by law, court order, or regulatory authority
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (with user notification)
  • Consent: Other parties only with your explicit consent

Important: Blockchain transactions are permanent and publicly visible. This is inherent to blockchain technology and not specific to our service.

6. Your Rights

You have the right to:

  • Access: Request access to your personal information we have collected
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your information (subject to legal and technical limitations)
  • Portability: Receive a copy of your information in a structured, machine-readable format
  • Objection: Object to processing of your information for certain purposes
  • Restriction: Request restriction of processing under certain circumstances

Blockchain Limitations: Please note that blockchain transactions cannot be deleted or modified once confirmed. This includes transaction hashes, amounts, and wallet addresses that are permanently recorded on public blockchains.

7. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes through the Service, email, or other reasonable means. Your continued use of the Service after such modifications constitutes acceptance of the updated Privacy Policy.

8. Legal Basis and Swiss Law

As a Swiss Association, we process your personal data in accordance with Swiss Federal Act on Data Protection (FADP) and applicable European data protection regulations where relevant.

Our legal basis for processing includes:

  • Contractual Performance: Processing necessary to provide our x402 services
  • Legitimate Interests: Service improvement, security, and fraud prevention
  • Legal Compliance: Meeting Swiss regulatory and legal requirements
  • Consent: Where you have provided explicit consent for specific processing

9. Contact

Meridian Association
A blockchain-native Swiss Association
Registered Address:
Weinberghöhe 31
CH-6340 Baar
Switzerland

Smart Contract Address: 0x9F586C59EF32456Af313780C81380B9fC698f18F

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us through our support channels. As a Swiss entity, we are committed to handling your requests in accordance with Swiss data protection law.