Last Updated: June 2026
This Privacy Policy describes how Mera Labs B.V. ("Mera," "Mera News," "we," "us," or "our") processes personal data in connection with the Mera News mobile application and related services.
Mera News is owned and operated by Mera Labs B.V. a company registered in the Netherlands. Mera Labs B.V. is the legal entity responsible for the service and acts as the data controller for personal data processed under this policy.
This policy is intended to explain the service's data-processing model in precise terms. Technical mechanisms such as on-device processing, confidential computing, encryption, and data minimization are described because they determine what data is processed, where processing occurs, and which parties can access it.
The data controller for personal data processed under this policy is:
Mera Labs B.V.
Location: Netherlands
Website: mera.news
Privacy contact: privacy@mera.news
Data Protection Officer: dpo@mera.news
Security contact: security@mera.news
General support: support@mera.news
This policy is prepared with reference to the General Data Protection Regulation (EU GDPR), the Dutch Implementation Act (Uitvoeringswet AVG), and applicable EU privacy rules.
Mera News separates user data into two principal categories:
The service is designed so that user facts remain on the user's device at rest. User topics are transmitted to Mera-controlled infrastructure each time the user requests news and are used to retrieve candidate news items. User topics may be transiently cached while a request is processed, but they are never persistently stored. Topic retrieval is stateless and idempotent: the server does not retain a record of which topics a user requested.
AI processing is performed in one of two ways, chosen by the user (subject to device support):
User facts, user topics, reading history, and generated suggestions are all stored on the user's device, and Mera has no access to them. Mera's servers do not store user facts, user topics, generated suggestions, reading history, notification decisions, or inference outputs.
Mera News may collect and store:
Purpose: account authentication, service access, billing, fraud prevention, and service-related communication.
Retention: until account deletion, except where legal retention obligations apply.
Mera News may collect and store:
Purpose: delivery of notifications, selection of the appropriate processing path, technical support, security, and service reliability.
Mera News does not collect device location, contacts, photos, files, or a list of installed applications.
User facts may include:
User facts are stored on the user's device at rest. They are not stored on Mera servers. Where Private Cloud Compute is used, relevant payloads are encrypted on the device before transmission and decrypted and processed only inside the secured isolated environment described in this policy.
User topics are generic topic strings derived from user facts. Examples include:
User topics are stored on the user's device, together with user facts, reading history, and generated suggestions, and Mera has no access to this stored data. User topics are transmitted to Mera-controlled infrastructure each time the user requests news. While a request is processed, they may be transiently cached (for example, in MongoDB or in memory), but they are never persistently stored. The server is stateless and idempotent with respect to user topics and does not retain a record of which topics a user requested.
Purpose: retrieval of candidate news items that may be relevant to the user.
Design objective: user topics are intended to be broad search strings rather than detailed personal profiles. They are not intended to identify a specific individual.
Mera News may collect:
Mera News does not collect:
Retention: request timestamps are deleted after 90 days. Crash logs are deleted after 30 days unless a shorter retention period is technically required or a longer period is necessary for security investigation.
The following processing occurs on the user's device:
Mera News converts user facts into user topics either on-device or through NEAR AI Private Cloud Compute.
The purpose of this step is to convert detailed local context into broader search terms. User topics are transmitted to Mera servers over encrypted connections each time the user requests news and are used for candidate retrieval. They may be transiently cached while a request is processed, but they are never persistently stored. This processing is stateless and idempotent: the server does not retain a record of which topics a user requested.
Mera infrastructure uses user topics to retrieve candidate news items. Google Cloud Platform may be used for news sourcing, indexing, candidate generation, and delivery infrastructure.
GCP is used for the news-processing pipeline. User facts are not processed on GCP.
Mera News uses AI for topic generation, relevance scoring, and suggestion generation. The user can choose between two inference paths:
Mera does not use user data to train, fine-tune, or improve AI models. Mera does not send personal data to general-purpose AI platforms such as OpenAI, Google, or Anthropic for inference.
For users on the Private Cloud Compute path, silent push notifications may trigger periodic background processing. The device prepares an encrypted payload and sends it to the Private Cloud Compute environment, where it is decrypted and processed inside a secured isolated environment. The device then determines which news, if any, should be surfaced.
For users on the local LLM path, processing occurs when the user opens the app or otherwise initiates relevant app activity. No server-side background inference is performed for user facts.
Suggestions and notification decisions are generated and stored on the device. Mera servers do not retain generated suggestions, notification decisions, or reasoning about why a particular article was relevant to a user.
Mera News processes data for the following purposes:
Where paid services are introduced or used, account and payment-related information may be processed for billing, subscription management, tax compliance, and financial recordkeeping.
Mera News may use aggregated or anonymized analytics to assess system performance, crash rates, source quality, and broad product reliability.
Mera News does not use analytics to identify individual users or build behavioral advertising profiles.
Under GDPR Article 6, Mera News processes personal data on the following legal bases:
Where processing is based on consent, the user may withdraw consent at any time. Withdrawal does not affect processing that occurred before withdrawal.
Mera servers do not store:
Mera News uses third-party service providers only for specific functions described below.
Providers: Stripe and/or PayPal
Data shared: email address, payment amount, subscription status, and transaction information required for payment processing
Purpose: payment processing, subscription management, fraud prevention, and financial recordkeeping
Policies: Stripe Privacy Policy | PayPal Privacy Policy
Provider: NEAR AI
Function: Private Cloud Compute inference for users who do not use the local LLM
Data shared: encrypted inference payloads and limited network metadata required to deliver the service
Purpose: decrypting and processing encrypted requests only inside an attested, secured isolated environment and returning encrypted results to the user's device, such that user input and LLM output are not accessible to anyone except the user
Policy: NEAR AI Privacy Policy
Mera does not intentionally provide plaintext user facts, reading history, notification decisions, or generated suggestions to NEAR AI.
Provider: Google Cloud Platform
Function: news sourcing, indexing, candidate generation, and delivery infrastructure
Data processed: news data and service infrastructure data
Data not processed: user facts, user topics, or inference payloads
Providers: Apple Push Notification Service and Firebase Cloud Messaging
Data shared: device token and notification-delivery metadata
Purpose: delivery of silent push notifications or service notifications
Data not shared: article content, user facts, user interests, notification reasoning, or generated suggestions
When the user opens an article, Mera News may direct the user to the publisher's website in an in-app web view or external browser.
The publisher controls the article page and surrounding website experience. The publisher's own terms, privacy policy, cookie practices, advertising systems, subscriptions, paywalls, and account requirements apply. Mera News does not control or receive data about the user's activity on the publisher's website.
Mera News uses AI to support:
Mera News does not use AI to make decisions that produce legal or similarly significant effects on users within the meaning of GDPR Article 22.
Users may contact privacy@mera.news to request information about AI-related processing or to object where applicable under GDPR.
Mera News applies technical and organizational measures intended to protect data against unauthorized access, loss, misuse, alteration, and disclosure.
These measures include:
No transmission or storage method can provide absolute security. If a security incident creates a notification obligation under GDPR Articles 33 or 34, Mera News will notify the competent supervisory authority and affected individuals where required.
| Data Type | Storage Location | Retention Period |
|---|---|---|
| Email address | Mera servers | Until account deletion |
| Password hash | Mera servers | Until account deletion |
| Billing records | Mera servers / payment processors | 7 years where required by Dutch law |
| Anonymous user topics | Transiently cached on Mera-controlled infrastructure during a request; never persistently stored | Not retained; discarded after the request |
| Request timestamps | Mera servers | 90 days |
| Crash logs | Mera servers | 30 days |
| User facts | User device | Until app uninstall, local data deletion, or account-related deletion flow where supported |
| User topics (device copy) | User device | Until app uninstall, local data deletion, or account-related deletion flow where supported |
| Suggestions | User device | Until app uninstall, local data deletion, or account-related deletion flow where supported |
| Reading history | User device | Until app uninstall, local data deletion, or account-related deletion flow where supported |
| Private Cloud Compute inference data | Not retained by Mera; decrypted and processed only in a secured isolated environment | Discarded after processing |
Mera News is operated from the Netherlands and is subject to EU data-protection law.
Primary storage for account data is intended to occur in EU data centers. User topics are processed transiently for candidate retrieval and are not persistently stored. Payment processors and other service providers may process data outside the European Economic Area where necessary. In such cases, appropriate safeguards, including standard contractual clauses where applicable, are used.
For Private Cloud Compute, encrypted payloads may be transmitted to NEAR AI infrastructure. Because payloads are encrypted on the device before transmission and are decrypted and processed only inside a secured isolated environment, Mera servers do not receive plaintext user facts through this processing path.
Mera News is primarily a mobile application.
The mobile application does not use browser cookies for ordinary app functionality. Local storage is used to store user facts, user topics, preferences, reading history, generated suggestions, session information, and local article state on the user's device.
The website at mera.news may use:
Mera News does not use advertising cookies, social media tracking pixels, or third-party marketing cookies.
Users can manage cookies through browser settings. Disabling essential cookies may affect website functionality.
If legally required by valid legal process, Mera News may provide data that it controls, such as:
Mera News cannot provide data it does not possess, including:
Where legally permitted, Mera News will notify affected users of legal requests. Mera News may challenge requests that appear overbroad, unlawful, or inconsistent with applicable legal standards.
Users have the following rights under GDPR and applicable Dutch law, subject to statutory conditions and limitations.
Users may request a copy of personal data processed by Mera News. This may include account information, subscription status, and request timestamps.
Mera News cannot provide user facts, reading history, generated suggestions, or a record of requested user topics, as these either exist only on the user's device or are not stored by Mera.
Users may request correction of inaccurate personal data. Certain data may be corrected directly in app settings.
Users may request deletion of their account and associated personal data. Upon valid request, Mera News will delete:
Billing records may be retained for the legally required period.
Users may request export of their personal data in a structured, commonly used, machine-readable format, where applicable.
Users may request that Mera News restrict processing in circumstances provided by GDPR.
Users may object to processing based on legitimate interests. Mera News will assess the objection in accordance with GDPR.
Users have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. Mera News does not perform such decision-making.
Where processing is based on consent, users may withdraw consent at any time.
Users may lodge a complaint with a supervisory authority. In the Netherlands, the competent authority is the Dutch Data Protection Authority:
Authority: Autoriteit Persoonsgegevens
Website: https://autoriteitpersoonsgegevens.nl
Telephone: +31 (0)70 888 8500
Address: Autoriteit Persoonsgegevens, Postbus 93374, 2509 AJ Den Haag, Netherlands
To exercise rights, contact privacy@mera.news.
Mera News will respond within 30 days where required by GDPR. In complex cases or where multiple requests are received, this period may be extended by up to two additional months. If an extension is required, Mera News will inform the user within the initial 30-day period.
Mera News may request identity verification before processing a rights request. A fee may be charged only where permitted by GDPR, such as for manifestly unfounded or excessive requests.
Mera News is not directed to individuals under 16 years of age. Mera News does not knowingly collect personal data from children under 16.
If Mera News becomes aware that a child under 16 has provided personal data, reasonable steps will be taken to delete that data. Concerns may be sent to privacy@mera.news.
If Mera Labs B.V. is involved in a merger, acquisition, reorganization, sale of assets, or other business transfer, account data and operational records may be transferred as part of that transaction. Because user topics are not persistently stored, they are not part of any such transfer.
Mera News will provide notice where required by law. User facts stored only on user devices are not part of server-side business-transfer records unless separately provided by the user or otherwise processed in a manner described in an updated policy.
Mera News may update this Privacy Policy to reflect changes in the service, data-processing practices, legal requirements, or technical implementation.
Material changes will be communicated through one or more appropriate channels, such as email, in-app notice, or notice on the website. The updated policy will apply from the date stated in the updated version.
Users who do not agree with an updated policy may stop using the service and request account deletion.
For privacy questions or data-rights requests:
Email: privacy@mera.news
For data-protection matters:
Data Protection Officer: dpo@mera.news
For security reports:
Email: security@mera.news
For general support:
Email: support@mera.news
Operator: Mera Labs B.V.
Location: Netherlands