LEGAL

Privacy Policy

Meridian Capital Holdings Limited · Last updated: June 2026

This Privacy Policy describes how Meridian Capital Holdings Limited, trading as Meridian International ("we", "us", "our"), collects, uses, stores, and protects personal data submitted through this website (meridianinternational.io) and in the course of providing our sourcing, procurement, quality control, logistics, and advisory services.

By using this website or engaging our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, you should not use this website or submit personal data to us.

1. Who We Are

The data controller responsible for your personal information is:

Meridian Capital Holdings Limited
Hong Kong Business Registration No. 76904892-001-08-25-5
Registered in Hong Kong SAR
Operating address: Guangzhou, People's Republic of China
Contact: george@meridianinternational.io

2. Information We Collect

We collect personal data only where it is necessary to respond to an inquiry or deliver our services. The categories of information we may collect include:

Identity data: your full name, business name, and job title
Contact data: your email address, telephone number, and WhatsApp handle
Business data: information about your product requirements, sourcing parameters, target markets, and order volumes
Transaction data: details of services you have engaged, invoices issued, and payments received
Communications data: records of correspondence between you and Meridian International via email, WhatsApp, or any other channel
Technical data: IP address, browser type, and basic usage data collected automatically when you visit this website

We do not collect sensitive personal data (such as health information, political opinions, or financial account credentials) and do not request such data through this website.

3. How We Collect Your Information

We collect personal data through the following means:

Inquiry forms submitted on this website
Direct email or WhatsApp correspondence
Engagement letters and service agreements signed in the course of an engagement
Payment processing platforms (including Stripe, once operational) which may collect billing and payment data subject to their own privacy policies
Automatic collection via cookies and standard web server logs when you visit this website

4. How We Use Your Information

We use the personal data we collect for the following purposes:

To respond to your inquiry and assess whether your project is a suitable fit for our services
To provide sourcing, quality control, logistics, and advisory services under a formal engagement
To issue invoices, process payments, and maintain accurate financial records
To communicate with you regarding the progress of your order or engagement
To comply with applicable legal obligations, including anti-money laundering requirements and record-keeping obligations under Hong Kong law
To improve the functionality and content of this website based on aggregate usage data

We do not use your personal data for unsolicited marketing, profiling, or any automated decision-making that produces legal or similarly significant effects.

5. Legal Basis for Processing

Where applicable data protection law requires a legal basis for processing, we rely on the following:

Contract performance: processing necessary to fulfil a service engagement you have entered into with us
Legitimate interests: responding to pre-engagement inquiries and maintaining business records, where these interests are not overridden by your rights
Legal obligation: compliance with Hong Kong law, tax obligations, and regulatory requirements
Consent: where you have expressly consented to a specific use of your data, such as receiving project updates via WhatsApp

6. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data to third parties. We may share your data in the following limited circumstances:

Suppliers and freight forwarders: where necessary to fulfil your sourcing or logistics engagement, we will share relevant product specifications and shipping instructions with verified third parties. We share only the minimum information required and do not disclose your personal contact details to suppliers without your knowledge.
Payment processors: Stripe and any other payment platform we operate will process transaction data subject to their own privacy policies and security standards.
Professional advisors: our accountants, legal advisors, and bankers where necessary for compliance and financial reporting purposes.
Law enforcement and regulators: where we are legally required to disclose information by court order, regulatory authority, or applicable law.

Any third party with whom we share your data is required to handle it securely and only for the purpose for which it was shared.

7. International Data Transfers

Meridian International operates across multiple jurisdictions including Hong Kong, mainland China, South Africa, the United Kingdom, the European Union, and other markets. In the course of delivering services, your data may be processed or accessed from these locations. Where data is transferred outside your home jurisdiction, we take reasonable steps to ensure it remains protected to a standard consistent with applicable law.

If you are located in the European Economic Area (EEA) or United Kingdom and your data is transferred internationally, we will do so only where appropriate safeguards are in place, including standard contractual clauses where required.

8. Data Retention

We retain personal data only for as long as is necessary for the purposes set out in this policy, or as required by law. Our standard retention periods are:

Inquiry data (no engagement followed): 12 months from the date of inquiry
Client engagement data: 7 years from the conclusion of the engagement, in accordance with Hong Kong Companies Ordinance and tax record-keeping requirements
Payment and transaction records: 7 years as required by applicable financial and tax law
Website usage data: up to 12 months in aggregate, anonymised form

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised.

9. Your Rights

Depending on your jurisdiction, you may have the following rights in relation to your personal data:

Access: the right to request a copy of the personal data we hold about you
Correction: the right to request correction of inaccurate or incomplete data
Erasure: the right to request deletion of your data, subject to our legal retention obligations
Restriction: the right to request that we limit the processing of your data in certain circumstances
Portability: the right to receive your data in a structured, commonly used format
Objection: the right to object to processing based on legitimate interests
Withdrawal of consent: where processing is based on consent, the right to withdraw that consent at any time without affecting the lawfulness of prior processing

To exercise any of these rights, contact us at george@meridianinternational.io. We will respond within 30 days. We may need to verify your identity before processing your request.

10. Cookies and Website Tracking

This website uses minimal cookies necessary for basic functionality, including session management. We do not currently use third-party advertising or tracking cookies. If this changes, this policy will be updated and a cookie consent mechanism will be implemented. Standard web server logs recording IP addresses and page visits are retained for up to 12 months for security and diagnostic purposes.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These include encrypted email communications, secure cloud storage with access controls, and limited internal access to personal data on a need-to-know basis. While we take reasonable precautions, no method of electronic transmission or storage is entirely secure, and we cannot guarantee absolute security.

12. Third-Party Websites

This website may contain links to third-party websites, including LinkedIn, WhatsApp, and payment platforms. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies before submitting personal data to them.

13. Children

Our services are directed exclusively at business clients and are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. The date of the most recent revision is displayed at the top of this page. Your continued use of this website following any update constitutes acceptance of the revised policy. For material changes, we will make reasonable efforts to notify active clients directly.

15. Complaints

If you have a concern about how we have handled your personal data, we ask that you contact us in the first instance so that we may address it directly. If you remain unsatisfied, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

Privacy enquiries

For any questions regarding this Privacy Policy or our data practices, contact us at george@meridianinternational.io. We aim to respond to all privacy-related enquiries within five business days.