Privacy Policy

Introduction

NeonArchitect SARL ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and protect the data we collect from users of our website and services. We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our website and services, you consent to the data practices described in this policy. If you do not agree with these practices, please do not use our website or services.

Data Controller Information

Data Collection

The data we collect includes personal information that you voluntarily provide to us and technical information that is automatically collected when you visit our website. We are transparent about what data we collect and why we collect it, ensuring that all collection is lawful and necessary for our legitimate business interests.

Information You Provide

• Contact information (name, email address, phone number) when you contact us or request our services
• Service preferences and requirements when you enquire about supplement analysis
• Communication content when you send us messages or participate in consultations
• Payment information when you purchase our services (processed securely through third-party payment processors)
• Feedback and survey responses when you choose to provide them

Automatically Collected Information

• Website usage data (pages visited, time spent, click patterns)
• Technical information (IP address, browser type, device information, operating system)
• Cookies and similar tracking technologies (as described in our Cookie Policy)
• Referral sources and search terms that led you to our website

How We Use Your Information

We use your personal data for specific purposes based on legal grounds under GDPR. How we use your information depends on the type of data and the context in which we collected it. We process your data fairly and transparently, ensuring that our use aligns with your expectations and our legitimate business interests.

Primary Uses

• Providing supplement comparison and analysis services as requested
• Communicating with you about your enquiries and our services
• Processing payments and managing billing for our services
• Improving our website functionality and user experience
• Conducting research to enhance our analysis methodologies
• Complying with legal obligations and regulatory requirements

Marketing and Communication

With your consent, we may use your contact information to send you updates about our services, industry insights, and relevant supplement research. You can opt out of marketing communications at any time by following the unsubscribe instructions in our emails or contacting us directly.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, their purposes, and how to control them, please refer to our comprehensive Cookie Policy.

Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following limited circumstances, and always with appropriate safeguards in place:

• Service Providers: Trusted third-party companies that help us operate our business (hosting, payment processing, email services)
• Legal Requirements: When required by law, regulation, or legal process
• Business Transfers: In the event of a merger, acquisition, or sale of business assets
• Protection: To protect our rights, property, or safety, or that of our users or others

All third-party service providers are required to maintain appropriate security measures and use your data only for the purposes we specify.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Our data retention practices are designed to balance your privacy rights with our legitimate business needs and legal obligations.

• Contact Information: Retained for the duration of our business relationship plus 3 years for potential future services
• Service Data: Analysis reports and related information retained for 7 years for quality assurance and legal compliance
• Website Analytics: Anonymised usage data retained for 26 months for website improvement purposes
• Marketing Data: Retained until you withdraw consent or 2 years of inactivity

When data is no longer needed, we securely delete or anonymise it in accordance with our data retention schedule and applicable regulations.

Your Rights

Under GDPR and other applicable data protection laws, you have specific rights regarding your personal data. We are committed to facilitating the exercise of these rights and will respond to your requests within the required timeframes.

• Right of Access: Request a copy of the personal data we hold about you
• Right of Rectification: Request correction of inaccurate or incomplete data
• Right of Erasure: Request deletion of your personal data under certain circumstances
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request transfer of your data to another service provider
• Right to Object: Object to certain types of processing, including direct marketing
• Right to Withdraw Consent: Withdraw consent for processing based on consent

To exercise any of these rights, please contact us at privacy@neonarchitect.pro or +352 28756346. You also have the right to lodge a complaint with your local data protection authority.

Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security practices are regularly reviewed and updated to address emerging threats and maintain the highest standards of data protection.

• Encryption of data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection and security
• Incident response procedures and breach notification protocols

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

International Transfers

As a Luxembourg-based company, we primarily process data within the European Economic Area (EEA). However, some of our service providers may be located outside the EEA. When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard Contractual Clauses approved by the European Commission
• Binding Corporate Rules for multinational companies
• Certification schemes and codes of conduct

Children's Privacy

Our services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

We encourage you to review this policy periodically to stay informed about how we protect your privacy and handle your personal data.

Contact Information

If you have any questions about this Privacy Policy, need to exercise your rights, or want to contact us about your personal data, please reach out to us using the following contact information: