Plain language, short on purpose. This policy covers what this website collects and what we do with it. Client-project data is governed separately by the Data Processing Agreement we sign per engagement.
Meridianstacks ("we") is a software development team anchored by engineering hubs in Lagos, Nairobi and Johannesburg, serving clients in the UK, Ireland, Canada, the UAE and the Nordics. Contact for anything in this policy: [email protected].
Form submissions are stored in a database on our web-hosting server and are accessible only to authorised Meridianstacks staff (via an authenticated dashboard and API). We keep enquiry and booking data for up to 24 months after last contact, then delete it — sooner on request. We do not sell or rent personal data, ever.
We are transparent about geography everywhere on this site, including here: our team works from hubs in Nigeria, Kenya and South Africa, none of which currently holds a UK or EU adequacy decision. Where we process personal data of UK/EEA individuals beyond this website's enquiry forms, we put the appropriate safeguards in place — the UK IDTA or EU Standard Contractual Clauses, plus the commitments in our DPA. For UAE clients we align with the PDPL; for Canadian clients, PIPEDA.
Depending on your jurisdiction, you can ask us to access, correct, export or delete your personal data, to restrict or object to processing, and to withdraw consent where consent is the basis. Email [email protected] — we respond within one month. UK/EEA individuals may also complain to their supervisory authority (for the UK, the ICO).
If this policy changes materially, the "last reviewed" date above changes with it, and significant changes will be noted on the legal index.