top of page

Privacy Policy

Last Updated: November 14, 2025

 

Meta Sessions (“we,” “our,” or “us”) is committed to protecting your personal information. Meta Sessions is the Data Controller for personal data processed through this website and during service delivery. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with our website, https://www.metasessions.org, and when we provide services. This Policy complies with United States privacy requirements, including the California Consumer Privacy Act (CCPA/CPRA) and the California Online Privacy Protection Act (CalOPPA), as well as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the European Union and United Kingdom (GDPR).

1. Information We Collect

Meta Sessions collects limited personal information necessary to deliver services, operate our website, and meet legal obligations.

 

We may collect personal information such as your name, email address, and payment details when you submit forms, sign contracts, or complete transactions through secure third-party processors. We also collect technical information automatically through our website platform, including IP address, browser type, and device information. Our hosting platform provides integrated analytics that record aggregated and anonymized data such as page visits, device categories, performance metrics, and load times. These analytics are essential for site functionality and security, cannot be disabled, and are not used for behavioral tracking or advertising.

 

Any additional information you choose to provide—such as details shared through communication, intake forms, questionnaires, or project materials—may also be collected and stored as part of our service relationship.

 

Meta Sessions does not intentionally collect data from individuals under the age of 16 and does not request or process sensitive personal categories unless required for contractual purposes and done with full consent.

 

For GDPR purposes, Meta Sessions is the Data Controller of all personal data processed through this website and during service delivery.

​

2. How We Collect Information

We collect information directly from you when you submit forms, enter into service agreements, communicate with us, or complete payments. We also receive information from third-party providers used for CRM management, contract execution, and secure payment processing. Additionally, our website platform automatically collects functional technical data and analytics necessary for site operation and security.

 

When visiting our website from the EU, UK, or other regions governed by data-protection laws, collection and processing of information occurs under the lawful bases permitted by GDPR, including performance of a contract, legitimate interest, explicit consent (where required), and compliance with legal or financial obligations.

 

If we transfer personal data outside of the European Union or United Kingdom—including transfers to the United States—such transfers are conducted using legally recognized mechanisms such as Standard Contractual Clauses or other appropriate safeguards required under GDPR.

3. How We Use Your Information

We use your personal information to deliver our consultancy services, communicate about projects or inquiries, manage invoicing and contracts, maintain accurate records, and meet legal, financial, or compliance obligations. Data may also be used for internal operational improvements, administrative purposes, or regulatory requirements.

 

For individuals located in the EU or UK, all processing is carried out under GDPR-compliant lawful bases, including:

 

  • Performance of a contract when delivering or preparing to deliver services.

  • Legitimate interest when improving operations, maintaining website functionality, or communicating essential project information.

  • Explicit consent when required by law, such as for optional mailing lists or additional communications.

  • Legal obligation when processing records for tax, accounting, or regulatory compliance.

 

We do not sell, rent, or share personal data for advertising or marketing purposes.

4. Data Sharing and Third Parties

We may share personal information with trusted service providers who assist in delivering our work, including CRM platforms, payment processors, e-signature services, and operational contractors. These parties are permitted to access data only for the purpose of performing assigned functions and are contractually obligated to maintain confidentiality.

 

When information is transferred to processors located outside the EU/UK, we ensure the transfer complies with GDPR requirements through approved legal safeguards such as Standard Contractual Clauses or equivalent protections.

 

Meta Sessions does not sell, trade, or disclose your information to third parties for marketing or promotional use.

5. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected or as required to comply with legal, financial, or contractual obligations.

 

In general:

 

  • Contract and project records may be retained for up to six years.

  • Financial and invoicing records may be retained for seven years to satisfy tax and compliance laws.

  • Email communications and general inquiries may be retained for up to twenty-four months unless needed longer for ongoing service work.

  • Platform-generated analytics may be stored according to the policies of our website hosting provider.

 

When data is no longer needed, it will be securely deleted, anonymized, or archived in accordance with applicable regulations.

6. Your Rights

You have the right to request information about the personal data we collect and how it is used. You may request correction of inaccurate data, deletion of data where legally permissible, access to your information, or withdrawal of consent where processing is based on consent. You may also request details about whether your data is shared with third parties.

 

Meta Sessions does not sell or share data for advertising purposes.

 

For individuals in the EU or UK, GDPR provides additional rights, including the right to restrict certain types of processing, the right to object to processing based on legitimate interest, and the right to request data portability when technically feasible. You may also lodge a complaint with your local Data Protection Authority if you believe your rights have been violated.

 

All requests may be submitted to contact@metasessions.org, and we will respond within 30 days. In some cases, verification of identity may be required before fulfilling a request. Extensions may be applied when requests are complex or numerous, as permitted by GDPR.

​

7. Cookies and Tracking

Meta Sessions uses only functional cookies that are essential to website operation. These cookies support security, performance, and accessibility.

 

Our hosting platform provides integrated analytics that collect limited, anonymized, and aggregated data such as device type, page load performance, and basic interaction metrics. These analytics are built into the system and are not configurable by Meta Sessions. They are not used for behavioral tracking, profiling, or advertising.

 

If additional analytics, marketing tools, or optional cookies are implemented in the future, this Policy will be updated and consent mechanisms will be provided where required under GDPR and other regulations.

 

Meta Sessions does not engage in automated decision-making or profiling.

8. Data Security

Meta Sessions takes reasonable measures to protect personal information using administrative and procedural safeguards. Access to client data is limited to employees and contractors directly involved in service delivery.

 

While certain advanced technical safeguards such as encryption are not currently implemented, we are working toward enhanced cybersecurity measures. Data transfers to third-party processors are conducted securely and in compliance with applicable data-protection laws, including GDPR requirements for cross-border transfers.

​

9. Jurisdiction-Specific Disclosures

Meta Sessions complies with applicable privacy laws in the United States, including CCPA/CPRA, CalOPPA, and relevant federal standards, as well as Canada’s PIPEDA and the European Union and United Kingdom General Data Protection Regulation (GDPR/UK-GDPR).

 

Meta Sessions does not sell personal information, share personal information for advertising, or engage in automated decision-making or profiling.

 

Individuals in the EU or UK may lodge complaints with their national Data Protection Authority. Meta Sessions may update this Policy to reflect changes in laws, practices, or operational requirements.

10. Contact and Requests

For questions about this Policy or to submit a privacy-related request, contact:

contact@metasessions.org

We will respond to all privacy-related inquiries within 30 days, in accordance with applicable laws.

11. Changes to This Privacy Policy

This Policy may be updated periodically to reflect changes in practices or legal requirements. Updates will appear with a new “Last Updated” date.

12. Contact Information

Meta Sessions

Durham, NC, United States

contact@metasessions.org

https://www.metasessions.org

bottom of page