PRIVACY POLICY
NEOLIXUM

Effective Date: 06.06.2024

This Privacy Policy (hereinafter – the “Privacy Policy”) outlines how the Neolixum platform (hereinafter – the “Neolixum”, “we”, “us”, “our”) collects, uses, processes, stores, and discloses information from users of our website neolixum.com (“Website”) in order to provide you with our Services. We are committed to respecting the privacy of all users and ensuring that their Personal Data is treated confidentially and in accordance with applicable laws and regulations, including the EU General Data Protection Regulation (GDPR), ePrivacy Directive, and The Data Protection Act.

This Privacy Policy applies to the Website, the Services, and products offered by Neolixum (whenever you use Services through the Website or by corresponding with us - for example, by e-mail or by filling a messaging form on the Website). We assume that you have carefully read this document and accepted it.

By using the Website, our Services, and products offered by Neolixum contacting us you express your consent to the terms of this Privacy Policy. By clicking the send-checkbox while filling a messaging form on the Platform you provide us with your explicit consent to the terms of this Privacy Policy and all the data practices described in this Privacy Policy and in the Terms of Use including the processing, storage, and usage of your Personal Data. If you disagree with this Privacy Policy, then you should refrain from using our Website, and/or Services. This Privacy Policy is an integral part of our Terms of Use.

1. What is personal data and why we process it:

Personal data, according to the GDPR, refers to any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier, such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

At Neolixum, we process personal data for various reasons, depending on the context of the collection. The primary purpose of collecting and processing personal data is to provide you with the best possible experience and to deliver the services you have requested.

Here are some reasons why we process personal data:
  • Delivering Services: we process your personal data to provide you with the services you have requested, such as responding to your inquiries, offering support, and processing transactions (GDPR Art. 6.1.b).
  • Marketing and Promotional Communications: with your consent, we process your personal data to send you marketing or promotional materials, such as newsletters, updates, and special offers (GDPR Art. 6.1.a).
  • Platform Analysis: we process your personal data to analyze the efficiency of our platform, identify areas for improvement, and optimize the user experience (GDPR Art. 6.1.f).
  • Legal Obligations: we process your personal data to comply with our legal and regulatory obligations, such as KYC/AML requirements and responding to court orders or subpoenas (GDPR Art. 6.1.c).

Neolixum will only process your personal data for the purposes outlined in this Privacy Policy, and we will not process it for any other purpose without your consent.

2. Personal data we process:

As part of providing Services and creating our creative solutions, Neolixum may process the following categories of personal data:
  • Identifying information, such as your title, name, surname, date of birth, birth number, and ID card number
  • Contact information, such as your permanent residence address, email address, and telephone number
  • Information related to your employment, such as your employee number
  • If you are a sole proprietor, we may also process your personal data, such as your business ID, tax ID, VAT ID, business name, and place of business
  • Information about individuals acting on behalf of legal entities, such as personal data about managers, members of the board of directors, authorized or proxy holders
  • Video or audio recordings of calls with customers
  • Photographs sent us by customers
  • Information related to the use of our websites, such as cookies
  • Information about IP address allocation
  • Information from publicly accessible sources, such as information provided on social media (e.g., your Facebook and Instagram profiles) or information you have posted on websites or mobile applications that provide services focused on business and employment (e.g., LinkedIn)

3. To whom we disclose personal data:

In some cases, it may be necessary for Neolixum to share your personal data with third parties. We assure you that we only do so when it is necessary and that we take steps to ensure that the third parties process the data in accordance with GDPR and the Law.

Here are the categories of recipients of your personal data:
  • Authorized employees within our company who have access to your personal data are bound by confidentiality and their obligation continues after the end of their employment with us
  • Our contractual partners who process your personal data on our behalf to the extent necessary for the specified purpose. We have taken steps to ensure that our contractual partners provide sufficient security, technical, organizational, and personnel measures to ensure the protection of your rights.
  • Our contractual partners who process your personal data on the instructions of the controller, with whom we have concluded a contract for the processing of personal data as an intermediary, to the extent necessary for the specified purpose.
  • Law enforcement authorities, courts, executors, and other authorities to fulfill our legal obligations or to respond to their requests.

Neolixum may update this list of recipients from time to time, depending on the specific purpose of processing your personal data.

4. Purposes of processing personal data:

Neolixum only collects and processes personal data for specific, predetermined purposes. Our services are diverse, and we may collect personal data for a variety of reasons, including:

  • To provide our services to you: we may collect personal data such as your name, contact details, and other identifying information to enable us to deliver our services to you. This may be a requirement for the conclusion of a contract with us, and failure to provide this information may result in our inability to provide services to you.
  • Invoicing and payment processing: we may process personal data such as your name, contact details, and bank account information to enable us to issue invoices and process payments. This is a legal requirement for us to be able to conduct business.
  • Communication with you: we may process your personal data to enable us to communicate with you regarding our services, updates, and other relevant information. This may be a requirement for the performance of a contract with you or for our legitimate business interests.
  • Direct marketing: we may process your personal data to send you marketing materials, such as newsletters, promotions, and special offers. This will only be done with your explicit consent, and you may withdraw this consent at any time.
  • Event planning and management: we may process your personal data to enable us to plan and manage events, including verifying attendance, arranging accommodation, and processing competition entries. This may be a requirement for the performance of a contract with you or for our legitimate business interests.
  • Recruitment: we may process your personal data to enable us to evaluate your suitability for a role with us and to communicate with you regarding the recruitment process. This may be a requirement for the performance of a contract with you or for our legitimate business interests.
  • For other purposes arising from our contracts with our partners: we may process your personal data for other purposes as required by our contracts with our partners. This will only be done in accordance with applicable data protection laws and regulations.

5. Duration of retention of personal data:

Neolixum is committed to processing personal data only for the necessary period of time and always in compliance with applicable laws. The length of retention of personal data depends on the purpose for which we process the data.

Personal data provided to us for the purpose of performing a contract with you as the data subject will be stored for the entire duration of the contract and after the termination of the contractual relationship until the expiry of any limitation periods relating to the rights and obligations related to the customer contract. This is typically for a period of 10 years from the end of the contractual relationship.

In the event that the data subject makes any claim against us, or in the event of any judicial, administrative, or other proceedings relating to the contract or the service provided under it, we will process the necessary personal data of the data subject until the full and final settlement of all disputed claims or until a final and binding decision has been made that puts an end to the relevant proceedings, and the expiry of the limitation period for the enforcement of the relevant final decision reached in the proceedings.

If the processing of personal data is based on your consent, we will process the data until you withdraw your consent. For example, personal data collected for marketing purposes or through cookies will be processed for as long as this consent is valid for marketing purposes/consent to the use of cookies.

We regularly review our retention periods to ensure that we are not retaining personal data for longer than necessary.

6. International data transfers

Neolixum confirms that all Personal data is stored on Neolixum’s or third party servers located in the EU/EEA and/or subject to any national localisation requirements in the respective countries, where such requirements exist.

If necessary for service provision or to ensure convenient and reliable communication with data subjects, Neolixum transfers personal data outside of the EU/EEA, the UK, or other jurisdictions (if applicable) to the third-parties and recipients.

When transferring personal data outside the EEA or the UK, Neolixum implements appropriate safeguards as set out in Chapter V of the EU GDPR or UK GDPR, such as transferring based on an EU Adequacy Decision (or UK Adequacy Regulations) or by concluding Standard Contractual Clauses.

In cases of international data transfers from other jurisdictions (when we provide services on behalf of companies outside of Europe), we either transfer personal data to countries with an adequate level of protection or using data transfer tools provided for in applicable laws, such as appropriate contractual measures.

7. Security:

Neolixum prioritizes the security of your personal data and handles it in compliance with applicable laws and regulations, including the GDPR and the Data Protection Act. We have implemented appropriate security, technical, organizational, and personnel measures to protect your personal data against any damage, destruction, loss, or other misuse.

We store your personal data in electronic form in databases and systems that are secured and monitored. Access to your personal data is limited to authorized personnel who need to process it for the purposes specified in this policy. We regularly review and improve the quality of our security measures to ensure the highest level of protection for your personal data.

8. Processing of children's personal data:

Neolixum can only process the personal data of children, who are individuals under the age of majority as per the national laws of the client's country, when the client confirms that the person with parental responsibility for the child has given their consent. Alternatively, the child can also give their consent according to national laws without the need for parental consent.

In case Neolixum unintentionally receives a child's personal data, it will be promptly deleted.

9. Cookies on Our Website

We utilize cookies on our website to enhance your browsing experience. Cookies are small text files that are stored in your browser's memory and contain information about your visit to the website. These files are anonymous and contain data such as language, browser, and other settings when you view the page.

Some cookies are sent by your browser to us to analyze site traffic. The cookies that your browser sends to us are used to analyze the flow of information, personalize services, content, and advertising, measure the effectiveness of promotions, and promote trust and security. These data are anonymous, aggregated, and do not harm your device. We use Google Analytics to analyze the data.

Consent to Use Cookies

By clicking on the appropriate "I agree" box that appears on our website, you consent to the use of cookies.

Changing Cookie Settings

You can change the cookie settings within your internet browser. By deleting or blocking cookies, you will be able to visit our website, but some features may not work properly.

10. Your data protection rights:

As a data subject, you have the following rights under the GDPR and the Data Protection Act:
  • Right of access to personal data: you have the right to request confirmation of whether we are processing your personal data, and if so, you have the right to obtain access to that personal data. You will be provided with a copy of the personal data that is being processed. For any further copies that you request, a reasonable fee may be charged corresponding to the administrative costs.
  • Right to rectification you have the right to have us rectify inaccurate personal data concerning you without undue delay. With regard to the purposes of the processing, you have the right to have incomplete personal data completed, including by providing a supplementary declaration.
  • Right to erasure ("right to be forgotten"): you have the right to have your personal data erased and to stop being processed if:
    (a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
    (b) you have withdrawn your consent or objected to the processing of personal data concerning you; or
    (c) the processing of your personal data is not in accordance with the GDPR or the Data Protection Act for other reasons.
  • Right to restrict processing: you have the right to have us restrict processing if:
    (a) you contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data;
    (b) the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of its use instead; or
    (c) we no longer need the personal data for the purposes of the processing, but you require it for the establishment, exercise, or defense of legal claims. If you have obtained a restriction of processing, we will inform you before the restriction is lifted.
  • Right to data portability: if the processing of personal data is carried out by automated means, you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, machine-readable, and interoperable format. You also have the right to request us to transmit your personal data to another controller that you choose.
  • Right to object: you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you
  • Right to withdraw consent (if applicable): you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on consent given before its withdrawal.
  • Right to lodge a complaint with a supervisory authority: if you believe that we are processing your personal data in breach of applicable law, you have the right to lodge a complaint with the national data protection supervisory authority. In Latvia, this is the Data State Inspectorate of Latvia.

You can exercise your rights by sending us an email to [email protected] with the subject line "Personal Data Protection."

11. Changes to this Privacy Policy

This Privacy Policy is constantly reviewed and amended to comply with the relevant data protection laws.

Neolixum reserves the right to amend this Policy at any time and for any reason. Any amendments will be effective immediately upon us posting the updated Privacy Policy on our Website. You are invited to review this Privacy Policy anytime to stay informed about updates.