Privacy and Cookie Policy

Privacy and Cookie Policy

Effective Date: 24 March 2025

Welcome to Mesh Performance Ltd ("we," "our," or "us"). We’re dedicated to safeguarding your privacy and data as we provide remote dietetic consultations to clients and collaborate with practitioners both in the UK and worldwide. This Privacy and Cookie Policy explains how we collect, process, and protect your personal data when you use our website (https://mesh-performance.com) and our services (collectively, "Services"). By engaging with us, you agree to the terms below.

1. Our Services and Data Collection

We offer remote dietetic consultations, nutritional analysis (e.g., menu assessments), sports nutrition including ISAK skinfold anthropometry, monthly coaching packages, blogs and video content hosted on our website, charity project work, and university lecturing/coaching. Our practitioners and clients may be located inside or outside the UK, such as in Asia. To deliver these Services effectively, we collect:

  • Device Information: Web browser details, IP address, time zone, and cookies used on your device.

  • Usage Data: Pages viewed, referral sites, and interactions with our website, including video content and third-party links.

  • Personal Data: Name, address, payment details, and information you share during registration, inquiries, or coaching sign-ups.

  • Health Data: Medical history, dietary habits, blood test results, or anthropometric measurements, only if you provide them voluntarily (with explicit consent) via automated pre-appointment forms for consultations, assessments, or coaching.

2. How We Use Your Data

We use your data to:

  • Deliver remote dietetic consultations, nutritional analysis, and sports nutrition services, connecting you with practitioners wherever you or they are located, including Asia.

  • Manage appointments, process payments, and provide monthly coaching support.

  • Improve our website, blogs, videos, and overall user experience.

  • Detect and prevent fraud or misuse of our Services.

  • Communicate about your care, updates, or promotions (only if you opt in during registration or via account settings; you can opt out anytime via email unsubscribe links or by contacting us).

  • Meet legal obligations in the UK and other jurisdictions where our clients or practitioners reside.

3. Your Rights

Your rights depend on your location:

  • UK Residents: Under UK GDPR, you can:

    • Be informed about data collection and use.

    • Access, correct, or erase your data.

    • Restrict or object to processing.

    • Request data portability.

    • Withdraw consent anytime.

    • Complain to the UK ICO (www.ico.org.uk, 0303 123 1113).

  • Outside the UK: You may have similar rights under local laws (e.g., EU GDPR, Thailand’s PDPA, Vietnam’s data protection rules). We’ll honour these where applicable—contact us for details.
    Email info@mesh-performance.com to exercise your rights; we’ll respond within 30 days or as required by law.

4. Data Minimization and Retention

We collect only what’s essential for your care and delete unneeded data securely, following UK guidelines:

  • Personal Data: Kept for 6 years after our last interaction, per UK tax law, unless local regulations require adjustment.

  • Health Data: Retained for 2 years post-service (e.g., consultation, coaching) unless you consent to longer storage or laws dictate otherwise.

  • Usage/Device Data: Held for up to 12 months for analytics, then anonymized or deleted.

5. Data Transfers

As a remote, cloud-based service with clients and practitioners globally (e.g., UK, Asia—Thailand, Vietnam, Bali), your data may be processed outside your country. We ensure its protection using:

  • Proton Business Suite: Includes Proton VPN (encrypts network transfers) and ProtonMail (secures email), adhering to Swiss privacy standards.

  • Cliniko: Stores client data securely in the cloud, compliant with GDPR and HIPAA, with servers potentially in multiple regions.

  • Safeguards: UK-approved Standard Contractual Clauses for transfers from the UK, plus compliance with local laws (e.g., Thailand’s PDPA) where applicable.

6. Data Security

We rely on cloud-based tools to store and transmit your data securely. These platforms use encryption for data in transit and at rest, limit access to trained staff (UK and global), and undergo regular security updates. While no online system is fully secure, we take every reasonable step to protect your information across borders.

7. Cookies and Tracking

What Are Cookies?
Cookies are small files on your device that help our website function, track usage, and enhance your remote experience, including video content and interactions with third-party links.

Why We Use Them

  • Ensure website security and smooth operation across time zones.

  • Analyze usage of our site, blogs, videos, and linked content to improve Services.

  • Personalize your experience (e.g., login preferences).

  • Track marketing effectiveness (if you opt in).

Types of Cookies

  • Essential Cookies: Needed for site functionality (e.g., navigation).

  • Analytical Cookies: Measure usage (e.g., Google Analytics).

  • Marketing Cookies: Tailor ads (e.g., Facebook Pixel), with your consent.

  • Session Cookies: Expire when you close your browser.

  • Persistent Cookies: Stay up to 12 months unless deleted.

Managing Cookies


Adjust preferences via our on-site cookie banner anytime or use your browser settings. Blocking cookies may affect site features, especially for remote access, video playback, or third-party link functionality.

Third-Party Cookies and Links


Partners like Google Analytics, Facebook Pixel, and Meta (for WhatsApp-related analytics) may set cookies for analytics or ads, accessible globally. Our website may include third-party links (e.g., to external resources or partners). Clicking these links takes you to sites we don’t control—their privacy policies apply, and we’re not responsible for their data practices. See their policies at policies.google.com, facebook.com/privacy, and whatsapp.com/legal.

8. Third-Party Tools

Our core tools Proton Business Suite and Cliniko (are cloud-based and selected for GDPR/HIPAA compliance and international reliability. We also use:

  • Meta/WhatsApp: For informal conversations and reminders.

  • MyFood24: Nutritional analysis.

  • Heidi Health: Consultation support.

All have their own privacy policies applicable to cross-border data flows. Third-party links on our website are separate and governed by their respective policies.

9. Communication

  • Secure Channels: Clinical or sensitive info is shared via end-to-end encryption for remote care.

  • WhatsApp (Meta): Used for informal check-ins or reminders (e.g., “See you tomorrow!”), not sensitive data—please use secure options for health matters. We will not be liable for any personal data sent by “you” via these platforms.

10. Complaints

Concerned about your data? Email support@mesh-performance.com within 24 hours of an issue. We’ll acknowledge it within 72 hours and aim to resolve it within 7-14 business days, respecting your location’s laws. If unsatisfied:

  • UK clients can escalate to the ICO (details above).

  • Non-UK clients can contact their local data authority—we’ll provide assistance.

11. Changes to This Policy

We may update this policy as our global, cloud-based Services evolve. Significant changes will be emailed or posted on our site. Continued use after updates means you accept them.

12. Contact Us

Questions? Reach us at info@mesh-performance.com