We recommend professional legal review before you rely on this policy for paid services or large-scale processing. It is written to reflect our current understanding of MeshX products in development.
1. Who we are
MeshX Software Ltd is the controller of personal data collected through meshx.uk and related software services:
MeshX Create, MeshX Shop Manager, and MeshX Print Network.
This policy describes how we collect, use, store, and share personal data when you visit our website or use our services, and your rights under UK GDPR / GDPR where applicable.
3. Data we may process
Account and profile: for example name, email, company name, and authentication identifiers.
Service content: designs, catalogue and listing-related data, order and fulfilment data where applicable, logs, and support communications.
Connected marketplaces: if you connect shops (e.g. Etsy, eBay, TikTok Shop, Amazon), we process tokens and shop data needed to provide the features you turn on, in line with each platform’s terms and APIs.
Technical data: such as IP address, device and browser type, and cookies as described in our Cookie policy.
Billing: when paid plans launch, payment details are typically collected by a payment processor; we may hold limited billing records. We will name the processor in this policy when that goes live.
4. Lawful bases
Depending on the activity, we may rely on:
Performance of a contract (providing the services you use).
Legitimate interests (for example security, abuse prevention, and improving the service), where these are not overridden by your rights.
Consent, where required (for example certain non-essential cookies or marketing).
Legal obligation, where applicable.
5. Purposes
Provide, maintain, and improve MeshX Create, MeshX Shop Manager, and MeshX Print Network.
Authenticate users and apply subscription or access rules.
Communicate about the service, security, and (where relevant) billing.
Comply with law and respond to lawful requests.
6. Subprocessors and international transfers
We use third-party providers for hosting, databases, storage, email, analytics (if enabled), and similar functions.
A current list of subprocessors with short descriptions is available on request from
privacy@meshx.uk.
Where data is processed outside the UK/EEA, we use appropriate safeguards (such as the UK IDTA or EU Standard Contractual Clauses) where required.
7. Retention
We keep personal data only as long as needed for the purposes above, including legal, accounting, or reporting requirements.
Retention periods vary by data type; you can ask us for more detail in relation to your account.
8. Your rights
You may have rights to access, rectify, erase, restrict, or object to processing, and to data portability, and to withdraw consent where we rely on consent.
You may complain to the ICO (UK) or your local supervisory authority.
9. Children
Our services are aimed at businesses and adults, not children. We do not knowingly collect data from anyone under 16.
10. Changes
We will update this policy when our practices change and revise the “Last updated” date below.