Privacy policy.
Meridian/V (Pty) Ltd processes pavement and asset data on behalf of registered road authorities. This page describes our current practices during the pilot phase. It is not legal advice. Final POPIA-compliant counsel-reviewed policy will replace this document before commercial launch.
1. Information we collect
For each user account: email address, full name, organisation, and role assigned by your organisation administrator. For each submission: the CSV dataset you upload, the validation findings produced by the rule engine, and the audit trail of actions performed against it.
2. How we use information
To provide the validation service: parsing submissions, running rule checks, generating certificates, displaying audit trails, and notifying users. Submission file bytes are hashed (SHA-256) at certification time and the hash is published as part of the certificate. We do not use customer data for advertising or model training.
3. Data residency
Pilot infrastructure is currently hosted in AWS us-east-1 for cost reasons. We will migrate to AWS af-south-1 (Cape Town) before commercial launch so that customer data resides within South Africa, consistent with POPIA expectations for sensitive public-sector data.
4. Sub-processors
We rely on these third-party services to operate the platform:
- Amazon Web Services (AWS) — RDS PostgreSQL (data), S3 (file storage), Cognito (authentication), SES (transactional email).
- Vercel — application hosting and CDN.
We do not currently use any analytics, advertising, or tracking sub-processors.
5. Your rights
You can request access to or deletion of your account data by emailing privacy@tmh18.com. Submission data deletion is subject to your organisation's retention policy and may require admin authorisation.
6. Contact
Questions: privacy@tmh18.com.
Security disclosures: security@tmh18.com.
General: hello@tmh18.com.