Trust Center
Security & Trust at Meridian AI
Meridian processes deal-flow data for cross-border teams operating in the Gulf-US corridor. This page is the single shareable answer for your General Counsel, Compliance team, or IT Security review.
Last reviewed: May 29, 2026. For security questions: security@meridianai.fyi
1. Compliance & Certifications
Status of the regulatory frameworks customers typically ask about. “Deferred” means an intentional product decision that can be revisited; it is not an oversight.
Controls implemented; observation period begins post-first-pilot. Audit log retention configured per SOC 2 CC2.1.
Data subject access and deletion flows wired to soft-delete + audit-log infrastructure. EU data residency available on request via EU-region Vercel + Railway.
Riyadh-region data residency available on request. Cross-border transfer notice included in the standard data-processing addendum.
Controls mapped. Certification will follow SOC 2 Type II observation period.
Restricted Gmail scopes (gmail.send, gmail.readonly) requiring CASA Tier 2 assessment ($25k + 6–12 weeks) are intentionally dropped from default OAuth scope list. Email-send for Gulf customers is provided through the Microsoft Outlook integration. Re-enabling Gmail is a one-line scope-list change once revenue justifies the assessment.
2. Security Controls
Each control below is implemented in production and verified by automated tests in CI. Numbers in parentheses refer to internal spec IDs available on request.
Every authenticated query is automatically scoped to the user's organizationId via a centralized getOrgFilter helper. Defense-in-depth: cross-org leak tests pinned in CI for every entity model.
Every e-signature event is cryptographically anchored to the prior event in the deal's signature chain. Tampering with one event invalidates every subsequent signature.
All entities support deletedAt soft delete. CI enforces that every multi-table join filters on deletedAt IS NULL for the parent entity. Restoration available within retention window.
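The two controls above (mandatory organizationId scoping through one helper, and the deletedAt IS NULL predicate applied on every read) are easiest to see in code. The following is an added example written for this page, not Meridian's getOrgFilter implementation: it uses an in-memory array in place of the database, and the rows, user objects and function names other than getOrgFilter and deletedAt are constructed for the illustration. The last function is the shape of a cross-org leak test a CI job would pin.

```javascript
// Added example: centralized org scoping + soft-delete predicate over an
// in-memory "table". Not Meridian's code; data and API are constructed.

// Constructed sample rows: two organizations, one soft-deleted deal.
const DEALS = [
  { id: 1, organizationId: "org-a", name: "Alpha acquisition", deletedAt: null },
  { id: 2, organizationId: "org-a", name: "Old deal", deletedAt: "2026-01-02T00:00:00Z" },
  { id: 3, organizationId: "org-b", name: "Beta merger", deletedAt: null },
];

// Build the mandatory scope from the authenticated user. Throwing when the
// org is missing means a mis-loaded or unauthenticated user can never
// produce an unscoped query (fail closed, never fall back to "all rows").
function getOrgFilter(authUser, { includeDeleted = false } = {}) {
  if (!authUser || typeof authUser.organizationId !== "string" || authUser.organizationId === "") {
    throw new Error("getOrgFilter: authenticated user has no organizationId");
  }
  return (row) =>
    row.organizationId === authUser.organizationId &&
    (includeDeleted || row.deletedAt === null);
}

// The only list path: callers cannot supply their own predicate, so the
// tenant scope cannot be forgotten at a call site.
function listDeals(authUser, opts) {
  return DEALS.filter(getOrgFilter(authUser, opts));
}

// Fetch-by-id also goes through the scope: a valid id belonging to another
// org yields null, exactly as a non-existent id does (no cross-tenant
// existence oracle).
function getDeal(authUser, id) {
  const inScope = getOrgFilter(authUser);
  return DEALS.find((r) => r.id === id && inScope(r)) ?? null;
}

// Cross-org leak check of the kind a CI test pins per entity: nothing
// visible to user A belongs to B's org, and vice versa.
function crossOrgLeakCheck(userA, userB) {
  const a = listDeals(userA, { includeDeleted: true });
  const b = listDeals(userB, { includeDeleted: true });
  return a.every((r) => r.organizationId !== userB.organizationId) &&
         b.every((r) => r.organizationId !== userA.organizationId);
}
```

Restoration within the retention window is just a read with includeDeleted set and the row's deletedAt cleared; the important property is that the default path never sees the row.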
bcrypt cost 12. Owner-initiated admin unlock flow for locked accounts; rate-limited per IP + per account. No raw passwords stored anywhere.
Refresh tokens (Google, Microsoft) stored encrypted at rest via AES-256-GCM with key in environment scope. Rotated keys are version-stamped per row.
Worker ↔ app and harvester ↔ app traffic authenticated via per-environment INTERNAL_WORKER_SECRET bearer tokens. Inbound to the harvester uses a separate X-Harvester-Secret with constant-time compare.
Agents are owned by their creator's organization. The agent-execute path loads the calling user through a centralized loadAuthUserFromDb so scoping enforcement is identical between bearer-token (mobile/watch/harvester) and NextAuth-session (web) paths.
Per-organization daily AI spend caps with automatic model downgrade on approach. Every untrusted input (uploaded docs, scraped content) is sanitized through an injection-resistance step before reaching agent prompts. Output is policy-checked against a deny list.
3. Audit Trail & Retention
Written for every authenticated mutation across the platform.
Configurable per organization. Default: 7 years. Minimum 30 days; cannot be reduced below 30.
Owner role can export org-scoped audit log as JSONL or CSV at any time. Available via Settings → Compliance → Export.
Hash-chain anchoring on the e-signature audit chain ensures signature events cannot be silently modified. Other audit rows include an append-only id sequence enforced at the database layer.
4. Encryption & Key Management
TLS 1.2+ everywhere. HTTPS required on every public endpoint. Internal service-to-service uses TLS via Railway private networking and Vercel edge.
Postgres encrypted at rest by Railway (AES-256). Database backups (logical pg_dump) encrypted in transit to AWS S3 and at rest with SSE-S3.
Refresh tokens stored encrypted via AES-256-GCM with environment-scope key. Versioned key column per row so future key rotation can re-encrypt without re-prompting users.
bcrypt cost 12, stored alongside per-user random salts. Cannot be recovered, only reset.
5. Incident Response
The lifecycle of any production incident, from automatic detection to public post-mortem.
Sentry (browser + Node + Python tiers) alerts on uncaught exceptions and error-rate threshold breaches. Prometheus metrics middleware exposes per-route latency + error-rate. Real-time uptime monitoring at status.meridianai.fyi.
Initial acknowledgement within 1 hour during business hours, 4 hours overnight. Severity classified per the standard runbook (Critical / High / Medium / Low) with examples documented in docs/ops/incident-runbook.md.
Root-cause analysis with structured logs (Pino, JSON) across the request context. Per-request audit log row consulted alongside Sentry trace.
Hot-fixes shipped through the same CI pipeline as routine changes (no production-direct edits). Rollback via Vercel revert + Railway redeploy.
Affected customers notified within 4 hours of confirmed material impact. Post-mortem published to status.meridianai.fyi within 5 business days for any incident with customer impact greater than 5 minutes.
6. Operational Facts
United States (Vercel global edge for static + edge functions; Railway us-east for stateful tiers).
EU (Frankfurt) and Saudi Arabia (Riyadh) available for customer-specific data-residency requirements.
Nightly logical pg_dump to AWS S3. Verification fixture in every backup so partial corruption fails the next restore-test cron. Quarterly retention.
RPO: 24 hours (worst case — last successful nightly backup). RTO: 4 hours (worst case — full restore from latest pg_dump + redeploy from main).
security@meridianai.fyi. We respond within 24 hours. We do not take legal action against good-faith security researchers following standard disclosure practices.
Annual external pen-test post-pilot. First pen-test scheduled within 60 days of first paid customer onboarding.
7. Data Sources & Freshness
Meridian draws on a mix of live external feeds, hand-curated reference data, and subscription sources. We label each so you know what is real-time, what is periodically verified, and what is not yet connected. Meridian never fabricates: when a source is unavailable, the result is an explicit “unverified” flag for human review, not an invented answer.
SEC EDGAR full-text filings, OFAC SDN (refreshed nightly), OpenSanctions (200+ global lists), CourtListener litigation, and OpenOwnership beneficial ownership are queried live against the upstream sources at enrichment time.
GDELT global news/events is queried live across English, Arabic, and 100+ languages. Adverse-media, funding, and M&A signals are classified per run with source URLs retained for citation.
Saudi government tenders (Etimad), Saudi Press Agency + Emirates News Agency (WAM) wires, MISA filings, and the Bahrain commercial registry are crawled by a self-hosted harvester service and surfaced inside contact briefings. Active whenever the harvester is provisioned for the deployment; when it is not, no placeholder data is shown.
Listed-company board directories and free-zone registries are a hand-curated, counsel-reviewed reference covering the top issuers by market capitalization — NOT a live registry query. Every record carries an as-of / last-verified date that the agent is required to cite, and a no-match is flagged for human/counsel verification rather than guessed. Live registry scraping is on the roadmap.
LinkedIn profiles (ProxyCurl), EN+AR news (Newscatcher), company data (Crunchbase), and MENA venture data (Magnitt) activate per-organization when an API key is provisioned. Until a key is configured these sources are skipped — never simulated.
Enterprise market-data terminals require vendor contracts and are not yet integrated. They appear as 'Coming Soon' in Settings → Integrations.
8. Sub-Processors & Data Flow
The full list of third-party service providers that process customer data is maintained on a dedicated page and updated when vendors change. Material changes are announced 30 days in advance per the standard Data Processing Addendum.
View the Sub-Processors page →
9. How to Reach Us
For vulnerability reports, security questionnaires, or pen-test coordination. We respond within 24 hours.
For GDPR / Saudi PDPL subject-access or deletion requests. We respond within 30 days.
For DPA negotiation, BAA inquiries, or standard contract clause questions.
Print-ready single-page overview of the platform's capabilities, suitable for sharing.