Skip to content

Meridian Privacy Policy

1. Sources and Types of Information Collected

Meridian Institute committed itself to protecting the privacy of the data we collected from you when visiting or using the services we provided through our website, or when you otherwise contacted or interacted with us.

We recognized personal data as any information related to an identified or identifiable individual.

This policy covers information collected through this website, including ‘personal data’ from website visitors, individuals who subscribed to our newsletter, and project participants or partner organizations.  These categories of data subjects included individuals who reside outside the United States in the European Economic Area (EEA).

Please note that Meridian Institute has ceased operations and will be fully closed as of August 31, 2025. In an effort to make our resources available past that date and to honor the legacy of Meridian’s work, we have arranged for this site to remain in place for two years post-closure in a locked state, as of July 2025. Consequently, this policy has been modified to reflect the limited nature of information that is collected. All resources are provided as-is with no warranty or support for accuracy or management.  No personal data will be collected or processed by Meridian Institute after its closing date.

Sources and Types of information we collect:

Information Collected Automatically: There is other information that may be collected automatically by third-parties when you visit this site, through the use of cookies, pixel tags, or similar technologies.

2. Use of Information: Purposes and Legal Basis

The purpose for which Meridian Institute collected and used your personal data varied depending on the type of relationship you had with us: whether you were a project participant, a newsletter subscriber, an employee or fellow, or a vendor.

3. Disclosures to Third Parties

At times, Meridian Institute engaged third party contractors, service providers, and other vendors to help us accomplish the objectives of our organization. There are other circumstances where we were required by law to disclose personal data to third parties such as public bodies or judicial authorities.

We engaged with our contractors, and other third parties for the following services: such as email communications. If the engagement involved the transmission of personal data, we required the service provider to treat that data consistent with this Policy.

Due to the closure of the organization, no future disclosures will be made.

4. International Transfers of Personal Data

If you are located outside the United States and you interacted with Meridian Institute’s website, then your personal data may have been transferred to the United States.

We transferred personal data to the United States whenever you interacted with us. The US has not sought, nor obtained adequacy status from the European Union. The level of protection of your personal data is not deemed equivalent to the one in the EEA, unless the receiving organization is self-certified under the EU-US Privacy Shield. As a not-for-profit organization, we are not eligible to adhere to the EU-US Privacy Shield Principles.

For any project with European clients, we signed standard contractual clauses. When this was not possible, we transferred your personal data based on the derogations in Article 49 GDPR.

As a safeguard, we directly applied the GDPR provisions to your personal data. We did not engage in any onward transfers regarding your data, beyond the access that our processors have to your data, as a principle. We also carefully selected our processors and required that they provide equivalent safeguard mechanisms. After Meridian’s closure, we do not anticipate the transfer of any personal data for former Meridian employees to support their transition to non-Meridian employment.

5. Retention Periods

Meridian Institute retained personal data in our records only for the length of time required to fulfill the purpose for which the data was collected.

According to our retention policy, we only kept personal data in our records as long as they were necessary for the purposes they have been processed. The retention period depends on the context in which we processed data.

6. Your European Privacy Rights

If you reside or otherwise find yourself in the European Economic Area (EEA), Meridian Institute committed itself to processing your personal data lawfully and to facilitate the exercise of your data protection rights granted by European data protection law.

Privacy rights under the European regulation:

We published this privacy notice for greater transparency.

7. Data Security

Meridian Institute committed itself to reasonable security, confidentiality and integrity principles. We took commercially reasonable precautions to keep all information obtained from our online visitors secure against unauthorized access and use.

This site contains links to other sites. Meridian Institute intended to link only to sites that shared our high standards and respect for privacy.

No guarantee is provided or implied for the privacy practices employed by other sites.