Privacy Policy

1. Personal Data We Collect

We collect various types of information (referred to collectively as "personal data") for different purposes:

• Information You Provide Directly: When you engage with NeoStats (e.g. by creating an account, signing up for newsletters, requesting a demo or consulting service, or contacting us), you may provide personal data. This can include your name, business contact details (email address, phone number, job title, company name), login credentials (such as username and password for an account on our platform), billing or payment information, and any data you choose to upload to our platform for analysis. We also keep records of communications you send us, such as support requests or feedback.
• Usage & Device Data: We collect data about how you and your users interact with our Services. This includes log files and analytics data: your IP address, approximate location, device type, browser type, operating system, unique device identifiers, and usage information such as pages visited, features used, time spent on our site, and error logs. We use cookies and similar technologies (see our Cookie Policy) to gather some of this data.
• Automatically Collected Data: We maintain telemetry and diagnostic data from our software and platform. This includes system logs, error or performance reports, and instrumentation data that help us troubleshoot issues and improve our Services.
• Information from Third Parties: With your consent or as part of specific features, we may receive information from third-party sources. For instance, if you integrate a third-party service or database with our platform, we will collect and process the data from that source as needed to provide the integration. We may also obtain business contact information or demographic data about prospective clients from reputable providers for marketing and sales purposes, but only where permitted by law.

We do not knowingly collect personal data from children under 16 years of age, nor are our Services intended for minors. If you are a parent or guardian and believe your child has provided us with personal information without consent, please contact us so we can delete it.

2. How We Use Personal Data

We use the personal data we collect for the following purposes (in accordance with applicable law):

• To Provide and Operate the Services: We use personal data to deliver the features and functionality of our platform and services you request. This includes using contact information to create and manage user accounts, processing data you upload to generate analytics results, and providing customer support or professional services as needed.
• To Improve and Develop the Services: We analyze usage and telemetry data to understand performance, fix bugs, and enhance our Services. For example, we might track how often certain features are used to guide product improvements, or review error logs to improve stability and security.
• To Communicate with You: We use your contact details to send service-related communications (account confirmations, technical or security alerts, legal/policy updates) and, where permitted, marketing communications such as newsletters, product updates, event invitations, or special offers we think may interest you. If required by law, we will obtain your consent for marketing communications. You can opt out of marketing messages at any time (see "Your Rights & Choices" below).
• For Security and Fraud Prevention: We use personal and usage data to monitor, prevent, and address fraud, unauthorized access, security breaches, and other harmful or unlawful activities. This may involve using automated systems to detect anomalous behaviour or potential security incidents on our platform and taking appropriate action.
• For Legal Compliance: We may process personal data to comply with our legal or regulatory obligations. For example, we may retain certain records for financial reporting or to comply with laws, or use information to respond to lawful requests by public authorities (including to meet national security or law enforcement requirements).

Lawful Bases for Processing (EEA/UK and Similar Jurisdictions): For personal data subject to European or similar laws, we ensure each use has a lawful basis. Our primary legal grounds for processing include: (a) Contractual necessity (to provide the Services and fulfill our contracts with you); (b) Legitimate interests (such as improving our Services, securing our platform, or direct communication, balanced against your privacy rights); (c) Consent (for example, for optional cookies or direct marketing – you can withdraw consent at any time); and (d) Legal obligation (complying with laws and regulations). We will identify the specific legal basis when required by law.

3. How We Share Personal Data

We understand the importance of your data and share personal data only in the following circumstances:

• With Service Providers (Processors): We employ trusted third-party companies and individuals to support our Services – for instance, cloud infrastructure providers, data center hosts, analytics providers, payment processors, CRM or email communication tools, and customer support platforms. These third parties may process personal data on our behalf for the purposes described in this Policy (for example, storing data on secure servers, processing payments, or sending emails to you). They are bound by contractual obligations to keep personal data confidential and use it only for the contracted services.
• Within Our Corporate Group: If NeoStats has affiliates or subsidiaries, we may share personal data within our corporate family to support and provide the Services (for example, if certain operations or support are provided by our affiliate in another region). All group entities will uphold the privacy protections described in this Policy.
• In Business Transactions: If we are involved in a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to a successor or affiliate as part of that transaction. We will ensure the recipient of personal data commits to privacy protections consistent with this Policy.
• For Legal or Safety Reasons: We may disclose personal data as required to comply with applicable laws or respond to valid legal processes (such as subpoenas or court orders). Additionally, if necessary, we may disclose data when we believe in good faith that it's appropriate to protect the rights, property, or safety of NeoStats, our users, or others, or to enforce our Terms of Service.
• With Consent: We will share personal data with third parties when we have your explicit consent to do so. For example, if you agree to allow us to share your testimonial on our website or to share your contact info with a partner, we will do so in accordance with your agreement.

We do not sell your personal information. We may share aggregated or anonymized data (which cannot identify you personally) for purposes such as industry analysis, research, or marketing – in such cases, the information will not identify you.

4. Cookies & Tracking Technologies

NeoStats uses cookies and similar tracking technologies on our Site and Services. Cookies are small text files placed on your device to store information. These technologies help us operate, analyze, and personalize our Services (for full detail, see our Cookie Policy). In summary:

• Essential Cookies: These are necessary for our Site's core functionality – e.g., to remember your login, provide secure authentication, and maintain your session. We cannot provide our Services without them, and they are generally active by default (they do not typically require consent as they are strictly needed).
• Functional Cookies: These remember user preferences and enhance usability – for example, keeping track of your chosen language or interface settings to improve your experience.
• Analytics Cookies: These collect data about how visitors use our Site (such as pages visited and links clicked) to help us understand performance and improve our Services. We may use third-party analytics (like Google Analytics) with such cookies, configured to anonymise data as required.
• Advertising Cookies: We currently do not use third-party advertising cookies on neostats.ai. If we introduce advertising or targeted marketing cookies in the future, we will update our Cookie Policy and request any necessary consents.

Our use of cookies might vary based on region: where required by law (e.g., in the EU/UK), we will obtain your consent before using any non-essential cookies. You can manage or disable cookies at any time (see our Cookie Policy and Your Choices below).

5. Data Security

NeoStats implements industry-standard security measures to protect personal data from loss, misuse, and unauthorized access or disclosure. These measures include encryption of data in transit and at rest (where appropriate), access controls and authentication measures to limit access to your data, network and infrastructure security technologies (such as firewalls and intrusion detection systems), and regular security assessments and training for our staff. We also have internal policies and procedures to manage data securely and to respond to any potential incidents.

However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials safe. If you believe your account or data may have been compromised, please contact us immediately.

6. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy, or as required by law. This means we will keep your data for as long as you have an account or an ongoing relationship with us, and thereafter for the period needed for us to comply with legal obligations (such as maintaining business or financial records), resolve disputes, or enforce our agreements. We may retain some usage data in a de-identified or aggregated form for longer to help us improve and understand our services, but not in a way that identifies any individual. When personal data is no longer required, we will delete or anonymize it in a secure manner.

7. International Data Transfers

NeoStats is a global provider. By using our Services or providing us with personal data, you acknowledge that your data may be transferred to and stored on servers outside of your country, including in the United Arab Emirates and other jurisdictions. We comply with legal requirements for cross-border data transfers. For example, if you reside in the European Economic Area (EEA), United Kingdom, or other regions with data transfer restrictions, we ensure appropriate safeguards are in place for transferring your data outside of those regions. These safeguards may include signing Standard Contractual Clauses (SCCs) approved by the European Commission, relying on adequacy decisions, or obtaining your consent where required. We also comply with applicable legal requirements for cross-border transfers under the UAE PDPL (which may include seeking regulatory approval for certain data transfers if required by law). For more information about our transfer safeguards, you can contact us (see Contact Us below).

8. Your Rights & Choices

8.1 Access, Correction, Deletion, and Other Rights.

Depending on your location and applicable laws, you may have certain rights regarding your personal data. These may include:

• Access: You can request confirmation of whether we are processing your personal data, and obtain a copy of the personal data we hold about you.
• Correction: You can ask us to correct or update inaccurate or incomplete personal data.
• Deletion: You can request deletion of certain personal data we hold about you (for example, if it is no longer needed for the purposes for which it was collected), subject to some exceptions (such as if we are legally required to keep it).
• Objection & Restriction: You can object to certain processing (like direct marketing), or ask us to restrict processing of your data in certain circumstances (for instance, if you contest its accuracy or lawfulness).
• Portability: Where applicable, you can request an electronic copy of personal data that you provided to us, for your own re-use.
• Withdraw Consent: If you have given consent to any data processing (for example, to receive marketing emails or for optional cookies), you have the right to withdraw your consent at any time. This will not affect the legality of any processing that occurred before you withdrew consent.

To exercise these rights, please see Contact Us below. We will verify your identity and respond within the timeframe required by law. Some rights may be limited by local law (for example, we might not be able to provide certain data if it involves the privacy of another individual or if we are legally prevented from disclosing it).

8.2 Privacy Rights Specific to Certain Jurisdictions:

• California (CCPA/CPRA): If you are a California resident, you have the right to know what personal information we collect, the right to request deletion or correction of your information (with certain exceptions), and the right to opt out of the "sale" or "sharing" of personal information. While NeoStats does not sell personal information for monetary compensation, some data sharing for interest-based advertising might be considered a "sale" or "sharing" under California law. In such cases, we will provide a "Do Not Sell or Share My Personal Information" link on our website to allow you to opt out. We will also recognise Global Privacy Control (GPC) signals from supported browsers as a valid request to opt-out of sale/sharing for California residents. We will not discriminate against you for exercising your CCPA/CPRA rights.
• EU/UK (GDPR): If you are in the EEA, UK, or similar jurisdictions, you have all the data subject rights outlined above (access, correction, erasure, objection, restriction, portability, and the right not to be subject to certain automated decision-making). You also have the right to lodge a complaint with your supervisory authority (e.g., your country's data protection regulator or the UK's Information Commissioner's Office) if you believe we have violated your data protection rights. We ask that you give us the chance to address your concerns first.

8.3 Managing Communication Preferences.

You can opt out of marketing emails at any time by clicking the "unsubscribe" link in those emails or by contacting us. Please note, even if you opt out of marketing, we may still send you transactional or service-related messages (such as password resets or security alerts) as these are necessary for the operation of the Services.

9. Updates to this Policy

We may update this Privacy Policy occasionally to reflect changes in our practices or for legal reasons. If we make material changes, we will notify you by posting an updated Policy on our Site and updating the "Effective Date" above. In some cases, we may provide additional notice (e.g., by email or a pop-up notification). Your continued use of the Services after this Policy is updated will constitute acceptance of the changes. We encourage you to review this page periodically for the latest information on our privacy practices.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please get in touch with us:

• Email: sales@theneostats.com
• Postal Address: Data Protection Officer – NeoStats Analytics Solutions, 710 B, The Ibn Battuta Gate Offices, Jabal Ali, Dubai, U.A.E

We will respond to your inquiries or requests within a reasonable timeframe and in accordance with applicable law. We are committed to working with you to resolve any privacy concerns.