Privacy Notice

Last updated April 13, 2026

Meridian is built by Saunter Works (collectively referred to as "We"). This notice explains how we ("Saunter Works") process your data.

What we collect (and what we don't)

We collect only what we need to give you visa guidance: your email or phone number for authentication, nationality and travel details for visa lookups, and documents you upload for review.

We also collect anonymised usage data (for example, which assessment steps you complete and which destinations you compare) to improve our tools. This data contains no personal data and cannot be linked back to you.

We don't collect browsing history. We don't build advertising profiles, nor use your data for advertising purposes. We don't sell your data. We never will.

How we use your data

Provide personalised visa guidance based on your profile.
Improve our accuracy by learning which visa rules change.
Send you updates if you opt in (email or WhatsApp).
Understand how people use Meridian through anonymised usage analytics (e.g. which steps are completed), so we can improve it.

Where our knowledge comes from

Meridian combines three sources: AI models trained on public information, community contributions from visa experts who share real-world experience, and official government sources. We cross-reference these to give you accurate, up-to-date guidance.

How we protect your data

Privacy is in our architecture, not just our notice.

Personal data removal; Before AI models process your data, we remove any personal data and render it anonymised. Specifically, we remove passport numbers, dates of birth, bank account numbers, phone numbers, and other identifiers.
Encryption at rest; Your answers to the assessment, any extracted document text, and other identifiers are encrypted in our database using ActiveRecord encryption.
Error tracking; Sentry personal data collection is explicitly disabled. Errors are tracked without personal data.
Log filtering; Over 15 patterns (emails, phone numbers, passport numbers) are filtered from server logs.
Document storage; Documents you upload are stored with encryption at rest and limited access. Temporary copies sent to AI for text extraction are deleted immediately after processing. Your uploaded files remain available in your vault until you delete them.

Third-party services

We use these services to run Meridian. Here's exactly what each one sees.

Service	Purpose	Data shared
Anthropic Claude	AI visa guidance and readiness assessment	Anonymised queries (personal data removed)
OpenAI	Document extraction and data structuring	Document content (no personal data)
Voyage AI	Semantic search over visa rules	No personal data
Jina AI	Web content extraction for visa requirements	No personal data
Meta WhatsApp Cloud API	Messaging	Phone number, message content
Resend	Email	Email address
Plausible (EU)	Privacy-first analytics	Anonymised usage events (e.g. assessment steps completed). No cookies, no personal data
Sentry	Error tracking	Personal data collection disabled
Cloudflare R2 (Documents)	Document storage	Uploaded files (encrypted at rest, limited access, deletable on request)
Cloudflare R2 (ML models)	ML model storage	No personal data
Scalable	Hosting	Standard server logs

Your rights

Under GDPR and similar privacy laws, you have the right to:

Access; Request a copy of all data we hold about you.
Deletion; Ask us to delete your account and all associated data.
Export; Download your data in a portable format.
Correction; Update or fix inaccurate information.

To exercise these rights, email us at founders@usemeridian.app.

Cookies

We use essential session cookies only; the minimum needed to keep you logged in. No tracking cookies, no advertising cookies. Our analytics provider (Plausible) is entirely cookie-free.

Contact

Questions about your privacy? Reach us at founders@usemeridian.app.