Meridian’s

Legal

Privacy Policy

Last updated: 14 May 2026

1. Who we are

Meridian's Fine Art Marketplace (“Meridian's,” “we,” “us,” “our”) operates the online art marketplace at Meridian's-art.vercel.app. This Privacy Policy explains how we collect, use, and protect your personal information when you use our platform.

2. Information we collect

We collect information you provide directly:

  • Account information: name, email address, password (stored as a bcrypt hash — we never see your plain-text password), and account role.
  • Profile information: display name, bio, location, website URL, and gallery avatar (sellers only).
  • Listing information: artwork title, description, images, provenance, dimensions, and asking price.
  • Transaction information: offer amounts and messages exchanged between buyers and sellers.
  • Enquiry information: messages sent to sellers via the enquiry form.

We also collect information automatically:

  • Log data: IP addresses, browser type, pages visited, and timestamps — used for security and rate-limiting purposes.
  • Session data: a JWT session cookie to keep you logged in.

3. How we use your information

  • To provide and operate the marketplace (create accounts, display listings, process offers).
  • To send transactional emails: email verification, password resets, offer notifications, and enquiry forwarding.
  • To moderate listings and enforce our Terms of Service.
  • To improve the platform through aggregate, anonymised analytics.
  • To protect against fraud and abuse (rate limiting, IP blocking).

We do not sell your personal data to third parties. We do not use your data for advertising.

4. Data sharing

We share your data only as necessary:

  • Between buyers and sellers: when a buyer submits an enquiry, their name and email are visible to the seller so they can reply. Offer amounts and messages are visible to both parties.
  • Service providers: we use Neon (PostgreSQL hosting), Vercel (infrastructure and blob storage), and Resend (transactional email). These providers process data only as necessary to provide their services.
  • Legal requirements: we may disclose information if required to do so by law or in response to valid requests from public authorities.

5. Data retention

We retain your account data for as long as your account is active. If you close your account, we will delete your personal information within 30 days, except where we are required by law to retain it. Artwork images stored in Vercel Blob are deleted when a listing is removed.

6. Security

We implement reasonable technical and organisational measures to protect your data, including password hashing (bcrypt), HTTPS, rate limiting on sensitive endpoints, and JWT-based session management. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

7. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data (“right to be forgotten”).
  • Object to or restrict certain processing.
  • Data portability.

To exercise any of these rights, contact us at support@Meridian's.art.

8. Cookies

Meridian's uses a single session cookie to keep you logged in. We do not use third-party tracking cookies or advertising pixels. No cookie consent banner is required for purely functional cookies.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. Continued use of Meridian's after changes take effect constitutes acceptance of the revised policy.

10. Contact

For privacy questions or data requests, contact us at support@Meridian's.art.