Privacy Policy

This Privacy Policy explains how MERIDIAN collects, uses, stores, and protects your personal data when you visit our store, place an order, or contact us. We are committed to handling your data lawfully, fairly, and transparently in accordance with the EU General Data Protection Regulation (GDPR) and applicable Danish data-protection law. Please read it alongside our Terms and Conditions.

Who we are (data controller)

The data controller responsible for your personal data is:

• Company: [Your registered company name]
• Address: [Your registered address — Aalborg, Denmark]
• VAT number: [Your VAT / CVR number]
• Email: support@meridian-supplements.com

If you have any questions about this policy or about how we process your data, please contact us using the details above.

What personal data we collect

We collect only the data we need to fulfil your order, provide support, and operate our store. Depending on how you interact with us, this may include:

• Order and shipping details — your name, postal/shipping address, country, and the items you order, so we can ship your products and meet our legal record-keeping obligations.
• Contact details — your email address, used to send order confirmations and transactional updates and to respond to your enquiries.
• Support messages — the content of any messages you send us by email, including any information you choose to provide.
• Technical data — limited information generated automatically when you use the site (such as IP address and basic request logs) that is necessary to deliver the website securely and prevent abuse.

What we do NOT collect or store

We want to be clear about payment data:

• We do not store card data — in fact, we do not accept card or PayPal payments at all.
• Our store currently accepts cryptocurrency only (Bitcoin, Ethereum, USDT, Monero and 300+ coins), processed through our payment processor NOWPayments. You pay a crypto invoice, and your order is confirmed once the payment is confirmed on-chain.
• Cryptocurrency payments are pseudonymous: we receive confirmation that an invoice has been paid, but we do not collect or hold your wallet credentials, private keys, or banking information. We do not build a financial profile of you from your payment method.

Lawful bases for processing

We process your personal data only where we have a lawful basis to do so under Article 6 of the GDPR:

• Performance of a contract — to process and ship your order, confirm payment, and provide customer support relating to your purchase.
• Legal obligation — to retain transaction and accounting records as required by Danish bookkeeping and tax law.
• Legitimate interests — to keep our website and orders secure, prevent fraud and abuse, and respond to your enquiries, where these interests are not overridden by your rights.
• Consent — where required, for any non-essential cookies or analytics technologies. You can withdraw consent at any time.

Sub-processors and recipients

We do not sell your personal data. We share it only with service providers who help us run the store, each acting under appropriate data-processing terms:

• Cloudflare — website hosting, content delivery (CDN), and security/abuse protection.
• NOWPayments — cryptocurrency payment processing (handling the crypto invoice and on-chain confirmation).
• Our email provider — sending transactional email such as order confirmations and support replies.

We may also disclose data where required by law or to protect our legal rights.

Cookies and similar technologies

We use essential cookies and similar technologies only to make the site work — for example, to keep your shopping cart and maintain security. These do not require consent because the service cannot function without them.

Any analytics or non-essential technologies are only loaded with your prior consent. You can manage or withdraw your consent at any time, and declining does not affect your ability to shop with us.

Data retention

We keep personal data only for as long as necessary for the purpose it was collected, or as required by law:

• Order and transaction records are retained for the period required by Danish accounting and tax legislation (generally up to five years from the end of the relevant financial year).
• Support correspondence is kept for as long as needed to handle your request and a reasonable period afterwards, then deleted.
• Technical/security logs are retained for a short period and then deleted or anonymised.

When data is no longer needed, we securely delete or anonymise it.

International data transfers

Some of our service providers may process data outside the European Economic Area (EEA). Where this happens, we ensure an appropriate level of protection through recognised safeguards, such as European Commission adequacy decisions or Standard Contractual Clauses, together with additional technical and organisational measures where appropriate. You may contact us for more information about these safeguards.

Your rights

Under the GDPR, you have the following rights in relation to your personal data:

• Access — to obtain confirmation of whether we process your data and a copy of it.
• Rectification — to have inaccurate or incomplete data corrected.
• Erasure — to request deletion of your data where there is no overriding reason to keep it (note: we may need to retain certain records to meet legal obligations).
• Portability — to receive certain data in a structured, commonly used, machine-readable format.
• Restriction — to ask us to limit how we use your data in certain circumstances.
• Objection — to object to processing based on our legitimate interests.

To exercise any of these rights, contact us at support@meridian-supplements.com. We will respond within the timeframes required by law. Where we have relied on your consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

Right to complain

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet), or with the supervisory authority in your country of residence. We would, however, appreciate the chance to address your concerns first — please contact us at support@meridian-supplements.com.

Security measures

We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These include encryption of data in transit (HTTPS/TLS), access controls limiting who can view your data, the use of reputable service providers, and the principle of collecting only the data we genuinely need. No method of transmission or storage is completely secure, but we work continuously to safeguard your information.

Children

Our store and products are intended for adults. Our service is not directed to anyone under the age of 18, and we do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us so we can delete it.

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised date. We encourage you to review it periodically.

How to contact us

For any privacy questions, requests, or to exercise your rights, contact:

• [Your registered company name]
• [Your registered address — Aalborg, Denmark]
• support@meridian-supplements.com

Disclaimer: Information on this website about our products, including dietary supplements and research-grade peptides, is provided for general and educational purposes only and is not medical advice. Our products are not intended to diagnose, treat, cure, or prevent any disease. Always consult a qualified healthcare professional before using any supplement. Research-grade peptides are sold on the basis that the customer is solely responsible for lawful use in their own jurisdiction.

Last updated: 26 June 2026