Legal

Information we collect

This website is a static informational site. We do not operate user accounts, collect payment information, or run persistent user sessions. We may collect the following categories of information:

• Contact inquiries. If you submit an enterprise inquiry via the contact form, we collect your name, email address, and the message you provide. This information is used solely to respond to your inquiry.
• Usage data. We may collect anonymised technical data (browser type, referring URL, pages visited, approximate geographic region) through privacy-respecting analytics. We do not use cookies that track individuals across sites.
• Server logs. Our hosting infrastructure may retain standard server access logs for up to 30 days for security and operational purposes.

How we use your information

We use information we collect to:

• Respond to enterprise inquiries and evaluate potential engagements.
• Understand aggregate website usage to improve our content.
• Detect and prevent abuse, fraud, or security threats.
• Comply with applicable legal obligations.

We do not sell, rent, or share personal information with third parties for their marketing purposes. We do not use personal information to serve behavioural advertising.

Data retention

Contact inquiry data is retained for as long as necessary to manage the relevant business relationship, and then deleted or anonymised. We review retention periodically and align practices to applicable law, including the Korean Personal Information Protection Act (PIPA) and, where applicable, the GDPR.

Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or port personal information we hold about you, and to object to or restrict certain processing. To exercise any of these rights, contact us at the address below. We will respond within 30 days.

International transfers

Meredic is incorporated in South Korea. If you are located in the European Economic Area or United Kingdom, please be aware that any personal information you provide may be transferred to and processed in South Korea, which may have different data protection laws than your jurisdiction.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be indicated by an updated effective date at the top of this page. Continued use of the website after changes are posted constitutes acceptance of the revised policy.

Use of the website

You may access and use this website for lawful, informational purposes only. You agree not to:

• Attempt to gain unauthorised access to any part of the website or its underlying infrastructure.
• Scrape, crawl, or systematically extract content in a manner that disrupts the operation of the website or places unreasonable load on our servers.
• Reproduce, republish, or distribute Meredic's proprietary content (including research papers, technical specifications, and marketing copy) without prior written consent.
• Use the website to transmit malware, spam, or any harmful code.

Intellectual property

All content on this website — including but not limited to text, architecture descriptions, benchmark data, branding, and design — is the proprietary intellectual property of Meredic Research, Inc. or its licensors, and is protected by applicable intellectual property laws.

Research publications listed on this website are subject to the licence terms stated in the individual publication. Where no licence is stated, all rights are reserved.

Disclaimer of warranties

This website and its content are provided "as is" and "as available" without warranty of any kind, express or implied, including without limitation any implied warranty of merchantability, fitness for a particular purpose, or non-infringement.

Meredic does not warrant that the website will be uninterrupted, error-free, or free of viruses or other harmful components. Technical specifications and performance figures stated on the website reflect conditions at time of publication and may change.

Limitation of liability

To the fullest extent permitted by applicable law, Meredic and its officers, directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising out of your access to or use of (or inability to access or use) this website or its content.

Third-party links

This website contains links to third-party websites, including Latent Research (latnt.xyz). These links are provided for convenience only. Meredic does not control, endorse, or assume responsibility for the content, privacy practices, or availability of any third-party website.

Governing law

These Terms of Service are governed by and construed in accordance with the laws of the Republic of Korea, without regard to its conflict of law provisions. Any dispute arising in connection with these terms shall be subject to the exclusive jurisdiction of the courts located in Hwaseong, Gyeonggi-do, South Korea.

Changes to these terms

We reserve the right to modify these Terms of Service at any time. Updated terms will be posted on this page with a revised effective date. Your continued use of the website following such changes constitutes acceptance of the updated terms.

Scope

This policy applies to security vulnerabilities affecting:

• The meredic.com website and any subdomains.
• Publicly exposed APIs or endpoints operated by Meredic.
• Configuration or infrastructure issues that expose non-public data.

This policy does not apply to vulnerabilities in third-party services we use, or to defects in Meredic products deployed within a customer's private infrastructure — those should be reported through your enterprise support channel.

How to report

Send a written description of the vulnerability to security@meredic.com. Encrypt your report using our PGP key (available on request) if the details are sensitive. Include:

• A clear description of the issue and its potential impact.
• Steps to reproduce, including URLs, payloads, or proof-of-concept code where relevant.
• Your name or handle, and whether you wish to be credited if we publish an advisory.

Our commitments

In exchange for responsible disclosure, Meredic commits to:

• Acknowledge receipt of your report within two business days.
• Provide an initial assessment of severity and planned remediation within ten business days.
• Keep you informed of progress and notify you when the issue is resolved.
• Not pursue legal action against researchers who act in good faith and comply with this policy.
• Credit researchers (with their consent) in any public advisory we issue.

Responsible research guidelines

We ask researchers to:

• Avoid accessing, modifying, or deleting data beyond what is necessary to demonstrate the vulnerability.
• Not perform denial-of-service testing or automated high-volume scanning.
• Not disclose the vulnerability publicly until we have had a reasonable opportunity to remediate it (typically 90 days from acknowledgement, extendable by mutual agreement).
• Not use the vulnerability for personal gain or to access customer data.

Bug bounty

Meredic does not currently operate a formal bug bounty programme with monetary rewards. We may offer recognition and acknowledgement for significant findings at our discretion. We are evaluating a formal programme and will update this policy if one is introduced.