Privacy Policy

Meridion Health ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website https://www.meridion-health.com/ or contact us directly.

Meridion Health is registered in England. Our registered address is 35 Hamilton Road, NW11 9EH, London, England, United Kingdom. You can contact us by telephone at +447466425805 or by visiting our website.

We process personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation — GDPR) and the UK GDPR as retained in domestic law by the Data Protection Act 2018.

The data controller responsible for your personal data is:

Meridion Health 35 Hamilton Road, NW11 9EH London, England United Kingdom Telephone: +447466425805 Website: https://www.meridion-health.com/

We may collect and process the following categories of personal data:

• Identity data: name, job title, professional role. • Contact data: email address, telephone number, postal address. • Communications data: messages and enquiries sent to us via WhatsApp, email or contact forms. • Technical data: IP address, browser type and version, time zone, browser plug-in types, operating system, and platform. • Usage data: information about how you use our website.

We do not intentionally collect any Special Categories of personal data (such as health, racial or ethnic origin, religious beliefs, or biometric data) unless you voluntarily provide such information and give explicit consent.

We collect personal data through:

• Direct interactions: when you contact us via WhatsApp, email, or any other communication channel. • Automated technologies: cookies, server logs, and similar technologies when you browse our website. • Third parties: publicly available sources, social media platforms, and referral partners.

We process your personal data on the following legal bases under Article 6 GDPR:

• Consent (Art. 6(1)(a)): where you have given clear consent for us to process your data for a specific purpose (e.g., marketing communications). • Contract (Art. 6(1)(b)): where processing is necessary for the performance of a contract or to take steps at your request prior to entering into a contract. • Legitimate interests (Art. 6(1)(f)): where processing is necessary for our legitimate business interests, such as improving our services, provided these interests are not overridden by your rights and interests. • Legal obligation (Art. 6(1)(c)): where we are required to process your data to comply with a legal obligation.

We use your personal data to:

• Respond to your enquiries and provide our services. • Manage our business relationship with you. • Send you marketing communications where you have consented or we have a legitimate interest to do so. • Improve and optimise our website and services. • Comply with applicable legal and regulatory obligations. • Protect our legitimate business interests.

Our website uses cookies to distinguish you from other users and to improve your browsing experience. Cookies are small data files placed on your device.

We use the following types of cookies: • Strictly necessary cookies: essential for the website to function. • Analytical/performance cookies: allow us to recognise and count visitors and see how they navigate our website. • Functionality cookies: used to recognise you when you return to our website. • Targeting cookies: record your visit and the pages you have visited to deliver more relevant advertising.

You can control and/or delete cookies at any time through your browser settings. Please note that disabling cookies may affect the functionality of our website.

We may share your personal data with:

• Service providers acting as data processors who provide IT, system administration, and marketing services. • Professional advisers including lawyers, auditors, and insurers. • Regulatory authorities, courts, and law enforcement agencies where required by law.

Where we transfer your data outside the United Kingdom or the European Economic Area (EEA), we ensure an adequate level of protection is in place, using mechanisms such as Standard Contractual Clauses approved by the European Commission, adequacy decisions, or binding corporate rules.

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, regulatory, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it, and whether we can achieve those purposes through other means, as well as applicable legal obligations.

In general, we retain contact and communications data for up to 3 years from the date of last contact.

Under the GDPR and UK GDPR, you have the following rights in relation to your personal data:

• Right of access (Art. 15): to request a copy of the personal data we hold about you. • Right to rectification (Art. 16): to request correction of inaccurate or incomplete data. • Right to erasure (Art. 17): to request deletion of your personal data in certain circumstances. • Right to restriction of processing (Art. 18): to request that we restrict processing of your data. • Right to data portability (Art. 20): to receive your data in a structured, commonly used, machine-readable format. • Right to object (Art. 21): to object to processing based on legitimate interests or for direct marketing. • Rights related to automated decision-making (Art. 22): not to be subject to a decision based solely on automated processing that produces legal or significant effects. • Right to withdraw consent: where processing is based on consent, to withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us at the details provided in Section 2. We will respond within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at https://ico.org.uk or with the data protection authority in your country of residence within the EU.

We implement appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These include access controls, encryption in transit, and regular security assessments.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

Our website may contain links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every website you visit.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. Where changes are material, we will provide a more prominent notice. We encourage you to review this policy periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Meridion Health 35 Hamilton Road, NW11 9EH London, England, United Kingdom Telephone: +447466425805 Website: https://www.meridion-health.com/