MeanderMeander

Privacy Policy

Last updated: September 19, 2025

Scope

This policy describes how Meander ("we", "us") collects and uses personal information when you visit meanderhq.com (the site) and when you use our products and services (the app).

We honor “Do Not Sell or Share” preferences as defined by applicable laws and make best efforts to respect the Global Privacy Control (GPC) signal. When GPC is detected, non‑essential cookies are off by default.

What we collect

Site: IP address, device and browser metadata, pages visited, referring URLs, and cookie identifiers. If you contact us, we collect the information you provide (e.g., name, email).

App: account profile, authentication information, usage telemetry, and content you provide for processing. We avoid collecting sensitive personal information unless necessary for the service.

CPRA categories we may collect: identifiers, internet or network activity, commercial information, professional information, and in some cases geolocation (coarse). We do not knowingly collect protected classifications unless explicitly provided for service delivery.

Purposes & lawful bases

Purposes: to operate and secure the site and app; provide and improve services; process transactions; communicate about updates; and comply with legal obligations.

GDPR lawful bases (for EEA/UK users): performance of a contract (to deliver the app); legitimate interests (to secure and improve our services and prevent fraud); consent (for analytics/marketing cookies and communications where required); and legal obligation (where applicable).

Data retention

We retain personal data only as long as necessary for the purposes described and to meet legal/accounting requirements. Unless otherwise required, typical retention is approximately 30 days for logs and telemetry, and as long as your account remains active for app content.

Sharing & subprocessors

We share information with service providers who help us operate the site and app (e.g., hosting, error monitoring). We require appropriate safeguards and do not sell personal information.

Core subprocessors include reputable cloud hosting and monitoring providers (e.g., AWS for hosting, Sentry for error monitoring). For the current list, contact us at cmannion@meanderhq.com.

International transfers

Where applicable, we rely on Standard Contractual Clauses (SCCs) and the UK IDTA for cross‑border transfers, along with technical and organizational measures.

Your rights

Subject to your location, you may have rights to access, delete, correct, or port your personal information, and to object or restrict certain processing. You may also withdraw consent at any time for non‑essential cookies.

To exercise these rights, contact us at cmannion@meanderhq.com.

Security overview

We implement defense‑in‑depth controls, including access controls, encryption in transit and at rest where applicable, auditing/logging, and regular backups.

Changes

We may update this policy to reflect changes to our practices. We will post updates here with an updated date.

Contact

Meander

Website: meanderhq.com

Email: cmannion@meanderhq.com