Privacy policy

Last updated: 21 February 2026

The short version: I only collect the information I need to run my design business, work with you properly, and meet legal requirements. I don’t sell your data, and I treat your information with care.

The longer version below explains what that means in practice.

Table of contents

H2

Introduction

Meika is committed to protecting your privacy and handling personal information responsibly. This policy explains how personal data is collected, used, and protected when you visit my website or work with me.

This policy applies to www.meika.studio and any related services operated by Meika.

1. Who I am

Meika ("I", "me", "my") is a UK-based design studio operated as a sole trader.

I am the data controller responsible for your personal data.

Email: compliance@studiomeika.com

Business address:

Meika

First Floor, Swan Buildings

20 Swan Street

Manchester

M4 5JW

2. What this policy covers

This policy explains how I collect, use, store, and protect personal data when you:

  • Visit my website (www.meika.studio).
  • Contact me.
  • Work with me as a client.

3. What information I collect

I only collect information that is needed to run my business and provide my services.

3.1. Information you provide

This may include:

  • Your name and email address.
  • Company name and contact details.
  • Project briefs, messages, and feedback.
  • Design files and materials you supply.
  • Billing and payment information.

3.1.1. Design files and personal data

Design materials you provide may include personal data (for example, images of people or business identifiers).

I process these materials only to deliver your project and in line with my agreement with you.

3.2. Information collected automatically

3.2.1. Information needed for this website to work

To make sure this website is secure, loads quickly, and works properly for everyone, it uses basic infrastructure services.

When you visit, these services may automatically receive limited technical information about your connection, such as:

  • Your device's IP address (to establish a secure connection).
  • Your browser type and device (so the site displays correctly).
  • If a page fails to load (to identify and fix errors).

This site is hosted on Webflow and delivered/secured via the Cloudflare network. They process this minimal technical data under strict contracts to provide their services. You can read their privacy policies for more detail.

3.2.2. Website analytics

This site uses GoatCounter for privacy-friendly web analytics:

  • No cookies: GoatCounter doesn’t use cookies or browser storage for tracking.
  • No personal data: IP addresses, User-Agent strings, and other identifying information are not stored.
  • Basic metrics only: page views, referrers, and browser/OS statistics, recorded in a way that does not identify individual visitors. For example, I can see things like "15 people visited this page today," but I have no way of knowing who those people are.
  • Open-source: fully transparent and auditable code.
  • Privacy-first: designed to comply with GDPR and CCPA without requiring a consent banner.

4. How I use your information

I use personal data to:

  • Deliver design services and manage projects.
  • Communicate with you.
  • Process payments and maintain records.
  • Respond to enquiries.
  • Improve my services and website.

4.1. Legal basis for processing

Under UK GDPR, I rely on the following legal bases:

  • Contract: to provide the services you’ve engaged me for.
  • Legitimate interests: to operate and improve my business.
  • Legal obligations: such as tax and accounting requirements.
  • Consent: where required, for example for marketing or portfolio use. You can withdraw consent in line with our agreement. This does not affect the lawfulness of processing carried out before consent was withdrawn.

You have the right to object to processing based on legitimate interests.

4.2. How business tools handle your data

Some personal data is handled by external services that I use to run my business (for example: email, invoicing, and project management tools).

These services act as data processors on my behalf and are selected for their compliance with data protection laws. They are contractually required to process personal data only for the purposes of providing their services, to keep it secure, and to comply with UK GDPR.

I do not sell personal data.

A list of my current service providers is available on request.

4.2.1. Working in your apps

If you invite me to join your team in apps or platforms (like Slack, Figma, or other collaboration tools), I will only access and use the data needed to complete the work we’ve agreed on. You remain in control of your data at all times, and it’s up to you to manage what is shared in these tools.

4.3. Portfolio use

I may showcase your project in my portfolio or marketing materials as agreed upon in our MSA. Any specific restrictions (such as launch delays or confidentiality requirements) defined in the contract will be strictly honored.

4.4. International data transfers

Some of the service providers I use may process data outside the UK (for example, in the EU or United States). Where this happens, I ensure that appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in line with UK GDPR requirements. Your personal data will not be transferred to countries without adequate data protection safeguards unless necessary and lawful.

5. How long I keep your data

I only keep personal information for as long as I need it to provide my services, meet legal obligations, or for portfolio use. Here’s a simple breakdown of how that works:

For people who get in touch (prospects)

  • If we don’t end up working together, I delete your information within 1 to 3 months after no further engagement is expected.

While we’re working together

  • I keep everything I need for our active work, such as your contact details, messages, project files, and feedback.
  • As we complete individual tasks (like approving a design proof or finishing a round of feedback), I archive or delete the materials and cards for that specific task, usually within 7 to 30 days.

After our project is completely finished

  • Once our entire project is done, paid for, and you’ve accepted the final work, I begin winding down the main project files. The exact timeline is covered in our contract.

If we put our project on hold

  • I’ll keep the project files for a limited time in case we restart, after which I will delete them. The specific timelines are covered in our contract.

For my portfolio and to promote my work

  • My ability to showcase our work in my portfolio and to list you as a client is detailed in my standard contract.

For legal and financial records

  • UK law requires me to keep documents such as invoices and contracts for up to 6 years for tax and accounting purposes.

I regularly review the information I hold and delete it when it’s no longer needed.

6. Your rights

Under data protection law, you have rights including:

  • Access: you have the right to ask me for copies of your personal information.
  • Rectification: you have the right to ask me to rectify information you think is inaccurate. You also have the right to ask me to complete information you think is incomplete.
  • Erasure: you have the right to ask me to erase your personal information in certain circumstances. This does not include any data I am obliged to keep for administrative, legal, or security purposes.
  • Restriction of processing: you have the right to ask me to restrict the processing of your information in certain circumstances.
  • Object to processing: you have the right to object to the processing of your personal data in certain circumstances.
  • Data portability: you have the right to ask that I transfer the information you gave me to another organisation, or to you, in certain circumstances.

If you make a request, I have one month to respond to you.

Please contact me by email if you wish to make a request.

Email: compliance@studiomeika.com

7. Data security

I take reasonable technical and organisational measures to protect personal data, including secure systems, restricted access, encrypted connections where available, and trusted providers.

8. Children’s privacy

My services are not directed to children under 18, and I do not knowingly collect personal data from children.

If I become aware that I have collected personal data from a child under 18, I will delete that information as soon as reasonably possible. If you believe that a child has provided me with personal data, please contact me so I can take appropriate action.

9. Complaints

If you have concerns about how your data is handled, please contact me first.

Email: compliance@studiomeika.com

You also have the right to complain to the UK Information Commissioner’s Office (ICO): https://ico.org.uk/make-a-complaint/

10. Changes to this policy

This policy may be updated from time to time. The latest version will always be available on Meika’s website.

Dream Retainer
Dream Project
Why Meika
Portfolio
Privacy policy
Accessibility

Brand and website by Meika. Built from scratch, because dreams don't come in templates ;)

Launch exceptional work, faster

Meika
First Floor, Swan Buildings
20 Swan Street
Manchester
M4 5JW