LEGAL & COMPLIANCE

Privacy Policy

As a bare-metal infrastructure provider delivering raw compute, we take data sovereignty seriously. This policy explains the boundaries of data we process to keep facilities running and our zero-access commitment to data on your disks.

Last revised: January 15, 2026
MESHLAUNCH LLC provides bare-metal physical machines. We treat data sovereignty with utmost seriousness. This policy explains the minimal processing required to operate the data center normally and our commitment to data you store: zero access and zero analytics.

01

01. Minimized collection

We follow a "minimum necessary" rule—we only collect what is strictly required to deliver the service and refuse collection beyond operational needs. Specifically:

  • Account credentials: The email you provide at registration and a bcrypt password hash (we cannot recover your plaintext password).
  • Payment summaries: Licensed processors such as Stripe move funds; we retain order IDs, transaction status, and amount summaries—not full card or bank account numbers.
  • Infrastructure health telemetry: Power state, network throughput, and public IP assignment records to meet SLA commitments. This sits outside your OS and is unrelated to application data.
  • Security logs: WAF logs with client IP and timestamps, retained at most 90 days, to mitigate DDoS and malicious scanning—not for behavioral analytics.

We explicitly promise:We do not collect device usage habits, application telemetry, keystrokes, or any screen content.

02

02. Data used only for operations

We limit the small amount of data we collect strictly to automated operations below; none is used for marketing analytics or third-party monetization:

  • Fully automated physical allocation, OS provisioning, and secure delivery of SSH credentials for in-stock "order and go live" experiences.
  • Periodic billing for daily, weekly, monthly, or quarterly plans, invoice generation, and renewal reminders before expiry.
  • When you open a support ticket, engineers use account metadata to verify ownership and troubleshoot network or PDU-class issues faster.
  • Detect and filter malicious traffic from compromised nodes to protect shared backbone switch quality for all customers.

We do not send user data to ad networks or analytics vendors, and we do not embed third-party trackers in the service.

Zero-Touch Policy

03. Core commitment: physical isolation and zero access

This is what separates MESHLAUNCH bare metal from virtualization. Our architecture is designed from day one for strict isolation of your data:

  • No preinstalled monitoring agents: Our macOS images contain no background monitoring agents. After delivery, you are the only party with system access—we cannot enter your operating system.
  • Network traffic is a black box: We meter aggregate bandwidth at core switches only. Deep packet inspection (DPI) and application-layer traffic analysis are prohibited—your communications are not visible to us.
  • Permanent destruction after offboarding: After a subscription ends, the system triggers APFS key destruction plus multi-pass overwrite. Prior tenant data cannot be recovered physically.
Secure Disk Wipe Protocol
> INIT_SECURE_WIPE --target [INSTANCE_DISK] --passes 3 > EXECUTING: APFS Cryptographic Erase + DoD 5220.22-M Wipe... > SUCCESS: Data unrecoverable. Hardware returned to clean pool.

This process runs automatically within 24 hours of expiry or voluntary cancellation without manual steps. Key destruction plus physical overwrite turns prior data into irrecoverable random noise, closing information-leak paths.

04

04. Extremely limited sharing

We solemnly pledge:we will never sell, rent, or trade your personal information to commercial third parties. We share only the minimum necessary data in the three strictly limited cases below:

  • Licensed payment processors: We pass order identifiers to compliant processors such as Stripe to execute charges. They cannot infer your workload or device contents.
  • On-site data center engineers: For special hardware work such as Thunderbolt 5 clustering, field engineers receive rack identifiers only—not customer accounts or identities.
  • Legal process: When we receive lawful requests for assistance, we disclose only the minimum information required and notify you as soon as the law allows.

We do not join ad networks, do not use third-party analytics SDKs, and do not embed external tracking scripts in the console.

05

05. Enterprise-grade security controls

We treat the account system as a core asset on par with the physical data center and continuously invest in:

  • All traffic between the console and API endpoints must use TLS 1.3 encryption; downgrade attempts are refused.
  • Passwords are stored with bcrypt and a high-entropy random salt using one-way hashes—even if a database were compromised, attackers cannot recover plaintext passwords.
  • Core billing databases and identity systems run inside private VPC subnets with no direct internet exposure, strict RBAC, and full audit logs for access.
  • Data centers use 24/7 video surveillance and biometric access control so unauthorized personnel cannot reach cabinets hosting your equipment.
  • We run periodic third-party security audits on infrastructure and operate a responsible disclosure program so issues receive priority response within 48 hours.
06

06. You stay in full control of your data

We believe data sovereignty belongs to you. Wherever you are, you may exercise the rights below at any time at no cost:

  • Access and export: In the console under Billing & Finance you can self-serve query and export invoices, orders, and configuration history—no ticket required.
  • Correction: Update contact email and profile details anytime in Account Settings; changes apply immediately.
  • Cancel subscription: Disable auto-renew anytime in the console. Daily plans are one-time by design with no recurring charge.
  • Account deletion and erasure: To fully delete your account, open a ticket. After all instances are released, we permanently and irreversibly purge account data from production systems within 30 days.
07

07. Updates and contact

We will update this policy as the product and regulations evolve. Material changes will be emailed to your registered address 14 days in advance. For questions or to exercise these rights, contact compliance via:

[email protected]
Console ticket -> category: [Account & Compliance]
1 / 7