MeridianRoles
Fewer roles. Better fit.
Legal

Privacy Policy

Last updated: 1 June 2026

MeridianRoles (“we”, “our”, “us”) is committed to protecting your personal data. This Privacy Policy explains what we collect, why, and how you can control it.

1. What We Collect

Account data: Email address, name, and password (stored as a hash via Supabase Auth).

Profile data: Standard CV, Macro CV, Biography Statement, and the structured data parsed from them. This is the core matching signal used by the Service.

Search configuration: Your industry, geography, seniority, company preferences, and watchlist companies.

Usage data: Match history, document generation events, digest open/click data, and feature interactions.

Payment data: Stripe customer ID and subscription status. We do not store card numbers or billing addresses.

2. How We Use Your Data

We use your data solely to provide the Service: to score job listings against your profile, generate tailored documents, and deliver curated digests. We do not sell your data to any third party, including employers, recruiters, or data brokers.

We use Anthropic’s Claude API to process your profile data for job matching and document generation. Anthropic’s commercial API does not use customer data for model training.

3. Data Retention

We retain your data for as long as your account is active. You may request deletion of your account and all associated data at any time via Settings or by emailing privacy@meridianroles.com. Deletion is completed within 30 days.

Generated documents are stored for 12 months. Stripe payment records are retained as required by financial regulations.

4. Your Rights (GDPR)

If you are in the EEA, UK, or Switzerland, you have the right to access, correct, export, restrict processing of, or delete your personal data. To exercise these rights, contact privacy@meridianroles.com. We will respond within 30 days.

5. Cookies

We use strictly necessary cookies for authentication (Supabase session). We do not use advertising cookies or third-party tracking pixels. Analytics (if any) use privacy-respecting tools with IP anonymisation.

6. Third-Party Services

We share data with the following processors only to the extent required to provide the Service: Supabase (database and storage), Anthropic (AI processing), Stripe (payments), Resend (email delivery), Adzuna/Fantastic.jobs (job data). Each processor is bound by a Data Processing Agreement.

7. Security

Data is encrypted at rest (AES-256) and in transit (TLS 1.3). Row-level security is enforced at the database layer. See our Security page for full details.

8. Changes

We will notify active subscribers by email of material changes to this Policy at least 14 days before they take effect.

9. Contact

Data controller: MeridianRoles Ltd. Privacy questions: contact form or privacy@meridianroles.com.