Your GDPR Rights
Effective date: 24 January 2026
Last updated: 24 January 2026
At NEONOW, we are committed to protecting your personal data and ensuring transparency in how we process it. As a resident of the European Union, you have specific rights under the General Data Protection Regulation (GDPR). This page explains those rights and how you can exercise them.
1. Overview of Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
| Right | Description | What It Means |
|---|---|---|
| Right of Access | Article 15 GDPR | Request a copy of all personal data we hold about you |
| Right to Rectification | Article 16 GDPR | Correct inaccurate or incomplete personal data |
| Right to Erasure | Article 17 GDPR | Request deletion of your data (“right to be forgotten”) |
| Right to Restriction | Article 18 GDPR | Limit how we use your data in certain circumstances |
| Right to Data Portability | Article 20 GDPR | Receive your data in structured, machine-readable format |
| Right to Object | Article 21 GDPR | Object to processing based on legitimate interests |
| Right to Withdraw Consent | Article 7(3) GDPR | Withdraw marketing consent at any time |
2. How to Exercise Your Rights
To exercise any of your GDPR rights, please follow these steps:
2.1 Submit a Request
Email us at: [email protected] with the subject line: “GDPR Request – [Your Name]”
Your email must include:
- Full Name: As it appears in our records
- Email Address: Used for your account or purchases
- Specific Right: Which GDPR right you wish to exercise
- Details: Explanation of your request
- Verification: We’ll provide instructions for identity verification
2.2 Verification Process
For security purposes, we must verify your identity before processing any GDPR request. We may ask for:
- Copy of government-issued ID (with sensitive information redacted)
- Confirmation of recent purchases or account activity
- Additional information to confirm your identity
All verification documents are processed securely and deleted after verification.
3. Response Timeline & Process
| Step | Timeline | What Happens |
|---|---|---|
| 1. Acknowledgement | Within 24 hours | We confirm receipt of your request |
| 2. Identity Verification | 1-3 days | We verify your identity and authority |
| 3. Request Processing | Up to 30 days | We gather and prepare your data |
| 4. Delivery/Completion | Within 30 days total | We provide the requested information or confirmation |
Note: In complex cases, we may extend the response period by an additional 2 months, but we will inform you within the first 30 days if an extension is needed.
4. Data We Process About You
When you make a GDPR request, we may provide the following types of data:
- Account Information: Name, email, account creation date
- Purchase History: Orders, transaction IDs, purchase dates
- Communication Records: Emails, support tickets, messages
- Consent Records: Cookie consents, marketing preferences
- Technical Data: IP addresses (anonymized), device information
- Usage Data: Website interactions, download history
5. Fees & Charges
Standard Requests: Free of charge for reasonable requests
Excessive Requests: We may charge a reasonable administrative fee for:
– Repeated requests for the same information
– Manifestly unfounded or excessive requests
– Additional copies after the first free copy
If we intend to charge a fee, we will inform you in advance.
6. Limitations & Exceptions
In certain circumstances, we may not be able to fulfill your request due to:
| Situation | GDPR Exception | Explanation |
|---|---|---|
| Legal Obligations | Article 17(3)(b) | We must retain certain data for tax or legal compliance |
| Contractual Necessity | Article 17(3)(e) | Data needed to fulfill ongoing contractual obligations |
| Public Interest | Article 17(3)(d) | Scientific, historical, or statistical research purposes |
| Legal Claims | Article |