Security & Compliance
Public-site security, privacy, and operating-control posture for Meridian.
Public-site posture
Meridian’s public website uses Web3Forms for public request capture. Public forms warn against sending restricted data. Client deployments may use different messaging or logging providers, but those are deployment-specific and client-approved.
What Meridian claims publicly
- Designed around human review and approvals
- Consent-aware messaging posture
- Retention and provider details disclosed as public-site defaults or deployment-specific decisions
What Meridian does not claim
- No blanket compliance certification claims
- No full compliance guarantee
- No zero-risk promise
Public forms
Web3Forms receives submitted request content
Do not send medical records, legal strategy, payment cards, passwords, or emergency requests
Deployment messaging
Provider is client-approved and deployment-specific
Where SMS is used, consent and STOP handling are required
Incident posture
Meridian will notify affected clients under agreed deployment terms if a Meridian-controlled incident requires notice
Exact timelines are set in client agreements