Subprocessor Disclosure
Published for transparency and procurement review. For all inquiries, email security@meridianverity.com.
Meridian Verity Group LLC Subprocessor Disclosure Statement
| Document ID | MVG-SUBPROCESSORS-1.0.0 |
|---|---|
| Version | 1.0.0 |
| Effective date | 2026-02-06 |
| Status | Public |
| Classification | Procurement / privacy transparency (public-safe; request-based details) |
| Primary contact | privacy@meridianverity.com |
1. What this is
This one-page statement explains how Meridian Verity Group LLC (“MVG”) uses subprocessors and how customers can obtain the current Subprocessor List.
2. Definitions
“Subprocessor” means a third party engaged by MVG to process Customer Personal Data on behalf of a Customer in providing the Services.
“Subprocessor List” means the list of currently authorized Subprocessors for the applicable Service and region.
“Customer Personal Data” has the meaning in MVG’s Data Processing Addendum (DPA).
3. Disclosure posture (public-safe + procurement-friendly)
MVG maintains a current Subprocessor List and associated change-control records.
Because Subprocessors may vary by product, deployment model, and region, MVG provides the authoritative list on request (and/or under NDA where appropriate). A current summary list may also be published at a public URL; details available upon request or NDA.
Where a Customer is covered by a DPA, Subprocessor change-notice and objection rights are governed by the DPA.
4. How to request the current Subprocessor List A current summary list may also be published at a public URL; details available upon request or NDA.
Email: security@meridianverity.com
To accelerate turnaround, include:
Your organization name and contact details,
Which MVG product / service you are evaluating (or the relevant Order Form / pilot name),
Region(s) of intended processing (e.g., US, EU/EEA, UK, Korea, global),
Whether you require an NDA prior to receiving the list.
MVG will provide the current Subprocessor List in a reasonable format (typically a one-page list or a schedule that can be attached to a DPA) and will identify which Subprocessors process Customer Personal Data versus purely operational metadata. Nothing in this Statement creates an obligation to use or continue using any specific Subprocessor.
5. Categories of subprocessors (high-level)
Depending on configuration and customer choices, MVG may use subprocessors in the following categories:
Infrastructure hosting / compute / storage
CDN and DDoS / abuse protection
Email delivery and customer communications (business-only)
Customer support tooling (if enabled)
Security monitoring and alerting
Professional services subcontractors (if contracted; human access is controlled)
6. Change control and customer notice
MVG performs due diligence on subprocessors appropriate to the risk and data type.
MVG requires confidentiality and data protection obligations from subprocessors.
MVG provides notice of material subprocessor changes to DPA-covered customers and permits reasonable objection on data-protection grounds (per the DPA).
7. Website publication guidance
Recommended placement: /subprocessors or /legal/subprocessors.
This statement is public-safe. The actual Subprocessor List may be provided on request and may be covered by NDA depending on the procurement context. A current summary list may also be published at a public URL; details available upon request or NDA.
Change log
v1.0.0 - Initial publication (request-based disclosure).