Privacy policy

This Privacy Policy explains how Meron ("Meron," "we," "us," or "our") collects, uses, and shares personal information when you visit meron.design (the "Site"), place an order, or otherwise engage with us.

To exercise any of the privacy rights outlined in this policy, please visit our Privacy Hub, which provides region-specific request forms for customers in the United States, European Union, United Kingdom, Canada, Brazil, South Africa, Japan, Thailand, Australia, New Zealand, and other regions. You may also reach us at support@meron.design — both methods are fully supported.

1. Personal Information We Collect

We collect the following categories of personal information:

• Contact and order details — name, email address, phone number, billing and shipping address, and information about the products you purchase. We refer to this collectively as "Order Information." We do not store complete payment card numbers; these are handled directly by our payment processors.
• Account details — if you register for an account, your login credentials and saved preferences.
• Communications — messages you send us via email, contact forms, or customer support, along with our responses.
• Device and browsing data — IP address, browser type, time zone, operating system, referring URLs, pages visited, and how you interact with the Site, gathered automatically through cookies, log files, web beacons, tags, and pixels. We refer to this collectively as "Device Information."
• Marketing and SMS preferences — your subscription status and consent for email and SMS marketing.

When we refer to "Personal Information" throughout this Privacy Policy, we mean Order Information, Device Information, and any other data that identifies or relates to you.

Sources of Personal Information

We gather Personal Information from the following sources:

• Directly from you — when you place an order, create an account, contact us, or subscribe to marketing.
• Automatically from your device — via cookies, pixels, and similar technologies when you browse the Site.
• Service providers — including Shopify, payment processors, shipping carriers, customer support tools, and review/UGC platforms operating on our behalf.
• Advertising and analytics partners — such as Meta and Google, who supply reporting, audience-matching, and ad-performance data.
• Fraud-prevention and risk vendors — including Shopify's built-in fraud analysis, which provides risk signals about transactions.

2. How We Use Personal Information

We use Personal Information to:

• Process and fulfill your orders, including payment, shipping, returns, and customer invoices or confirmations.
• Create and manage your account.
• Provide customer support and respond to your inquiries.
• Send transactional communications (order confirmations, shipping updates, receipts).
• Send marketing communications, including cart reminder messages, where you have opted in. You may opt out at any time.
• Screen orders for potential risk or fraud (in particular using your IP address and device information). All fraud-related decisions are reviewed by a human before any action affecting your order is taken.
• Personalize your experience and display relevant products and offers.
• Measure and improve the Site's performance, content, and advertising.
• Comply with legal obligations and enforce our terms.

3. Legal Bases for Processing (UK/EU)

If you are located in the United Kingdom, European Economic Area, or Switzerland, we rely on the following legal bases under the UK GDPR and EU GDPR:

• Contract — to process your orders and deliver the services you request.
• Consent — for marketing communications, SMS messages, and non-essential cookies. You may withdraw consent at any time.
• Legitimate interests — to operate and improve our business, secure the Site, and prevent fraud, where our interests do not override your rights.
• Legal obligation — to comply with tax, accounting, consumer protection, and other applicable laws.

4. Cookies and Tracking Technologies

We use cookies and similar technologies (pixels, tags, log files, local storage) for essential site functionality, analytics, personalization, and advertising. You can manage your preferences at any time through the cookie banner on our Site or by selecting "Your Privacy Choices" in our footer.

We honor Global Privacy Control (GPC) browser signals as a valid opt-out of the sale and sharing of personal information for U.S. visitors. We do not currently respond to generic "Do Not Track" signals, as they are not standardized.

5. SMS and Messaging

If you opt in to receive SMS messages from us, we collect and use your phone number and related consent information to send you updates, cart reminders, and promotional messages. We will not share your opt-in to an SMS campaign with any third party for purposes unrelated to providing you with the services of that campaign. We may share your personal data, including your SMS opt-in or consent status, with third parties that help us deliver our messaging services (platform providers, phone companies, and vendors who assist in text message delivery). Text messaging originator opt-in data and consent will not be shared with any third parties for unrelated purposes. You can opt out at any time by replying STOP.

6. Financial Incentives

From time to time we may offer a discount or other benefit (for example, a one-time discount code, free shipping, or a gift) in exchange for subscribing to our marketing email or SMS list. The specific offer may vary and will be described at the point of signup.

The personal information collected through these programs (your email address, phone number, and consent status) has value to us in the form of repeat purchases and reduced marketing acquisition costs. We have estimated this value based on the discount or benefit offered and historical engagement and purchase rates of our subscribers.

Participation in any incentive program is entirely voluntary. You may withdraw at any time by unsubscribing from our marketing emails (link in every email) or by replying STOP to any SMS message, and we will not penalize you or deny you goods or services for doing so. Any discount code or benefit you have already received remains valid in accordance with its stated terms.

7. How We Share Personal Information

We share Personal Information with the following categories of recipients:

• Shopify (e-commerce platform and host) — receives Order Information, Account Information, Communications, and Device Information necessary to host the Site and process orders.
• Payment processors (e.g., Shopify Payments) — receive name, billing address, email, and payment card details directly from you at checkout. We do not store full card numbers.
• Shipping carriers and fulfillment partners — receive name, shipping address, phone number, and order details necessary to deliver and, where applicable, return your order.
• Email and SMS providers (e.g., Klaviyo) — receive name, email, phone number, marketing/SMS consent status, purchase history, and engagement data to send transactional and marketing messages on our behalf.
• Customer support tools — receive name, email, order details, and the contents of any messages you send us, in order to assist with your inquiry.
• Reviews and user-generated-content platforms — receive name, email, and order details to invite you to leave a review and to publish reviews you choose to submit.
• Meta (Facebook/Instagram) — receives hashed email, IP address, and event data (e.g., page view, add-to-cart, purchase value) for ad delivery, measurement, and audience matching.
• Google (Ads and Analytics) — receives hashed email, IP address, device identifiers, and event data for analytics, ad delivery, and measurement.
• Fraud-prevention vendors — including Shopify's built-in fraud analysis, which receives IP address, device information, and order details to provide risk signals about transactions.
• Professional advisors — accountants, lawyers, and insurers where necessary.
• Authorities — where required by law, subpoena, court order, or to protect our rights, safety, or property or that of others.
• Business transfers — in connection with a merger, acquisition, reorganization, financing, or sale of all or part of our business.

We may also engage additional service providers from time to time (for example, hosting, analytics, or operational tools); where we do, we contractually require them to process Personal Information only on our instructions and in accordance with this policy.

We do not sell Personal Information for monetary consideration. Some of our advertising-related sharing may qualify as a "sale" or "sharing" under California and other U.S. state laws; you can opt out via our Do Not Sell or Share My Personal Information page (see also "U.S. State Privacy Rights" below).

Google AdSense: Third-party vendors, including Google, use cookies to serve ads based on your prior visits to our Site or other websites. Google's use of advertising cookies enables it and its partners to serve ads to you based on your visit to our Site and/or other sites on the Internet. You may opt out of personalized advertising by visiting Google Ads Settings.

You can learn more about how Google uses your personal information at policies.google.com/privacy and opt out of Google Analytics at tools.google.com/dlpage/gaoptout. For general targeted-advertising opt-outs across other third-party vendors, visit the Digital Advertising Alliance's portal at optout.aboutads.info and the Network Advertising Initiative at networkadvertising.org.

8. International Data Transfers

We are based in the United States, and Personal Information we collect may be transferred to, stored, and processed in other countries. Where required, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, and the EU-U.S. Data Privacy Framework.

9. Data Retention

We retain Personal Information for as long as necessary to provide our services, comply with our legal obligations (including tax and accounting requirements), resolve disputes, and enforce our agreements. When Personal Information is no longer needed, we delete or anonymize it.

10. Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect Personal Information. No system is perfectly secure, however, and we cannot guarantee the absolute security of information transmitted to or from the Site.

11. Your Privacy Rights

Depending on where you reside, you may have the following rights:

• The right to access and obtain a copy of your Personal Information.
• The right to correct inaccurate Personal Information.
• The right to delete your Personal Information.
• The right to data portability.
• The right to object to or restrict certain processing, including direct marketing.
• The right to withdraw consent at any time.
• The right to opt out of the sale or sharing of your Personal Information and of targeted advertising.
• The right to limit the use and disclosure of sensitive Personal Information (California). We do not currently use or disclose sensitive Personal Information for purposes other than those permitted under the CPRA (e.g., providing the services you request, security, and short-term transient use), so this right does not currently apply, but we will update this policy if our practices change.
• The right to non-discrimination for exercising these rights.
• The right to lodge a complaint with your local data protection authority.

To submit a request, you may use either of two equally supported methods: (1) the appropriate form on our Privacy Hub, or (2) email us at support@meron.design with "Privacy Request" in the subject line. We will verify your identity before responding and will reply within the timeframes required by applicable law. You may designate an authorized agent to submit a request on your behalf.

United Kingdom, European Economic Area, and Switzerland

Submit requests via our Privacy Rights (GDPR) page or by emailing support@meron.design. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or your EEA national data protection authority.

U.S. State Privacy Rights

Residents of California, Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, Delaware, New Jersey, New Hampshire, Iowa, Indiana, Tennessee, Nebraska, Minnesota, Maryland, Kentucky, Rhode Island, and other states with comprehensive privacy laws have the rights described above, including the right to opt out of the sale or sharing of Personal Information and of targeted advertising. Exercise these rights via:

• Your Privacy Choices — for access, deletion, correction, and similar requests.
• Do Not Sell or Share My Personal Information — to opt out of sale, sharing, and targeted advertising.
• support@meron.design — to submit any of the above requests by email.

We honor Global Privacy Control (GPC) browser signals as a valid opt-out.

California "Shine the Light" law. California residents may request a list of third parties to whom we have disclosed Personal Information for those third parties' direct marketing purposes in the prior calendar year. We do not share Personal Information in this way.

Canada

Canadian residents, including Quebec residents under Law 25, may submit requests via our Privacy Rights (Canada) page or by emailing support@meron.design.

Brazil

Brazilian data subjects may exercise rights under the LGPD via our Central de Privacidade or by emailing support@meron.design.

South Africa

Residents of South Africa may exercise rights under POPIA via our POPIA Compliance page or by emailing support@meron.design.

Japan

Residents of Japan may submit requests under the APPI via our プライバシーに関する権利 (APPI) page or by emailing support@meron.design.

Thailand

Residents of Thailand may exercise rights under the PDPA via our PDPA Compliance page or by emailing support@meron.design.

Australia and New Zealand

Residents of Australia and New Zealand may submit requests via our Privacy Rights (AU/NZ) page or by emailing support@meron.design.

Other Regions

If none of the regions above apply to you, please use our general privacy request page or email support@meron.design.

12. Children's Privacy

Our Site is not directed to children under 16, and we do not knowingly collect Personal Information from children. If you believe a child has provided us with Personal Information, please contact us and we will delete it.

In addition, we do not knowingly sell or share the Personal Information of consumers under the age of 16. If we learn that we have inadvertently collected such information, we will only sell or share it with the affirmative opt-in consent required by the California Consumer Privacy Act (parental consent for consumers under 13, and the consumer's own consent for consumers aged 13 to 16).

13. Automated Decision-Making

We do not use Personal Information for automated decision-making that produces legal or similarly significant effects. Where automated systems flag a transaction as potentially high-risk (for example, fraud screening), the resulting decision is reviewed by a person before any action is taken.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page and update the "Last updated" date below. Material changes will be communicated more prominently where required by law.

15. Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us:

Meron

3909 S Maryland Pkwy Ste 314 #186, Las Vegas, NV 89119, United States

Website: meron.design

Email: support@meron.design

Last updated: May 29, 2026