MELTY IDENTITY PRIVACY NOTICE
This notice is intentionally narrow. Melty Identity v1 is built around data minimization, storage limitation, and an explicit refusal to collect more profile data than the platform actually needs.
What Melty stores
Verified email from the identity provider.
A unique username selected during signup.
An optional profile photo URL if the user adds one on the account page.
Closed alpha or beta testing signup requests when an account holder asks for project access.
18+ attestation timestamp plus the current terms and privacy policy versions.
Provider user id, minimal status markers, and optional TOTP MFA factor metadata if the user enables authenticator-app MFA.
What Melty does not store
No local password record, phone number, date of birth, government id, or payment card data in v1.
No first name or last name is required for the Melty-side profile.
No public profile directory or bio.
No separate local user database for identity records in v1.
How data is used
To authenticate access to future account-backed features.
To manage closed testing interest, invite decisions, and later alpha or beta access for upcoming projects.
To prevent private or internal project surfaces from being exposed unintentionally.
To respect privacy requests such as export and deletion.
Jurisdiction posture
Melty Identity is privacy-first and US-first at launch.
Expansion into stricter jurisdictions should happen only after a specific legal review instead of making blanket compliance claims.
This notice is product copy, not legal advice.