Privacy Policy
Effective date: 24 January 2026
Last updated: 24 January 2026
This Privacy Policy explains how NEONOW (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit our website or interact with our services. We comply with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.
1. Information We Collect
When you use our website, we may collect the following information:
- Personal Information: Name, email address, billing details (processed securely via third-party payment providers)
- Order Information: Products purchased, transaction ID, purchase date, billing address
- Newsletter Subscriptions: Email address, subscription date, consent timestamp, preferences
- Technical Data: IP address (anonymized), browser type, device information, operating system, pages visited, time spent on site
- Consent Records: Your cookie preferences, marketing consent status, consent timestamps
We do not store credit card details on our servers. All payments are processed by PCI-DSS compliant third-party providers.
2. How We Use Your Information
We use your information only for the following purposes:
- Process and deliver digital products (logo systems, visual identity packages)
- Communicate with you about your order and provide customer support
- Send newsletter updates about new system releases, branding insights, and company updates (only with your explicit consent)
- Improve website performance, usability, and user experience through analytics
- Comply with legal, tax, and accounting obligations
- Prevent fraud and ensure website security
- Personalize your experience (with your consent)
We do not sell, rent, or trade your personal data to third parties for marketing purposes.
3. Legal Basis for Processing (GDPR Compliance)
We process your personal data based on the following legal grounds:
- Contractual Necessity: To fulfill your purchase and deliver ordered products
- Consent: For newsletter communications and non-essential cookies (you can withdraw at any time)
- Legal Obligations: For accounting, tax records, and regulatory compliance
- Legitimate Interests: For website security, basic analytics, and fraud prevention
4. Data Storage & Security
Your data is protected through multiple security layers:
- Data is stored on encrypted servers with limited access
- Industry-standard SSL/TLS encryption for data transmission
- Regular security audits and vulnerability assessments
- Access limited to authorized personnel with confidentiality agreements
- Secure payment processing through PCI-DSS compliant providers
We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law.
5. Third-Party Services
We use trusted third-party services that may process your data:
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Google Analytics 4 | Website analytics, performance tracking | Anonymized IP, usage statistics, device info | Google Privacy |
| Facebook Pixel | Conversion tracking, audience insights | Pseudonymized data, page views | Facebook Data Policy |
| Mailchimp | Email marketing, newsletter management | Email address, name, consent status | Mailchimp Privacy |
| Stripe | Secure payment processing | Order details, billing information, payment data | Stripe Privacy Policy |
| PayPal | Secure payment processing | Order details, billing information, payment data | PayPal Privacy Policy |
| Hosting Provider | Website infrastructure | Technical logs, backup data | Hostinger Privacy |
All providers have signed Data Processing Agreements (DPA) with us and comply with GDPR requirements.
6. International Data Transfers
As we use services based in the United States (Google, Facebook, Mailchimp, Stripe, PayPal), your data may be transferred outside the European Economic Area (EEA). These transfers are protected by:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Additional safeguards including encryption, pseudonymization, and strict access controls
You can request details about specific transfer mechanisms by contacting us.
7. Data Retention Periods
We retain personal data only as long as necessary:
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Newsletter subscribers | Until unsubscribe request | Consent |
| Purchase records | 10 years from transaction | Legal obligation (tax) |
| Google Analytics data | 14 months | Legitimate interest |
| Contact form inquiries | 3 years from last contact | Legitimate interest |
| Cookie consent records | 6 months | Legal compliance |
| Financial records | 10 years | Legal obligation |
| Backups containing personal data | 30 days | Legitimate interest |
After these periods, data is either anonymized (for statistical purposes) or securely deleted.
8. Your GDPR Rights
As an EU resident, you have the following rights under GDPR:
- Right of Access – Request a copy of your personal data we hold
- Right to Rectification – Correct inaccurate or incomplete data
- Right to Erasure – Request deletion of your data (with exceptions)
- Right to Restriction – Limit processing in certain circumstances
- Right to Data Portability – Receive your data in structured, machine-readable format
- Right to Object – Object to processing based on legitimate interests
- Right to Withdraw Consent – Withdraw marketing consent at any time
- Right to Lodge a Complaint – File a complaint with your national supervisory authority
9. How to Exercise Your Rights
To exercise any of your rights, contact us at: [email protected]
Please include:
- Your full name
- Email address used with our service
- Specific right you wish to exercise
- Details of your request
- Copy of ID (for verification purposes only)
Response Time: We will respond within 30 days of receiving your verified request.
Cost: All reasonable requests are free of charge.
10. Cookies & Tracking Technologies
We use cookies and similar technologies:
- Essential Cookies: Required for website functionality (always active)
- Analytics Cookies: Google Analytics (optional, requires consent)
- Marketing Cookies: Facebook Pixel (optional, requires consent)
You can manage cookie preferences through:
- Our cookie banner (first visit)
- Browser settings
- Google Analytics opt-out browser add-on
- Facebook ad preferences
For detailed information about all cookies we use, see the table below.
10.1 Detailed Cookie Information
| Cookie Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| _ga | Google Analytics | Distinguishes users | 2 years | Analytics |
| _gid | Google Analytics | Distinguishes users | 24 hours | Analytics |
| _fbp | Facebook Pixel | Conversion tracking | 3 months | Marketing |
| cookie_consent | NEONOW | Remembers cookie preferences | 6 months | Necessary |
| PHPSESSID | NEONOW | Maintains user session | Session | Necessary |
| mailchimp_landing_site | Mailchimp | Newsletter signup tracking | 1 month | Marketing |
10.2 How to Control Cookies
You can control and/or delete cookies as you wish:
- Browser Controls: Most browsers allow you to refuse or accept cookies. See your browser’s help section for instructions.
- Third-Party Tools: Use privacy-focused browser extensions to manage cookies.
- Mobile Devices: Check your device settings for cookie controls.
- Do Not Track: We respect Do Not Track (DNT) signals. If enabled, analytics and marketing cookies are automatically disabled.
11. Automated Decision-Making & Profiling
We do not:
- Use fully automated decision-making processes
- Create detailed individual user profiles
- Make decisions that significantly affect you based solely on automated processing
Any analytics are used for aggregated insights and website improvement, not individual profiling.
12. Children’s Privacy
Our website and services are not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
13. Changes to This Policy
We may update this Privacy Policy periodically. Significant changes will be:
- Posted on this page with updated “Last updated” date
- Communicated via email to subscribers (if material changes)
- Highlighted on our website for 30 days
We encourage you to review this policy regularly.
14. Contact Information
For GDPR requests and privacy concerns:
Email: [email protected]
For general inquiries:
Email: [email protected]
Our commitment: We take your privacy seriously and are committed to protecting your personal data in accordance with GDPR and best practices.
15. Supervisory Authority
If you believe we’re not processing your data lawfully, you have the right to lodge a complaint with your national data protection authority. Find your authority:
List of EU Data Protection Authorities
Your GDPR Rights
To learn more about your rights and how to exercise them, visit our GDPR Rights page.