Privacy Policy

Introduction

This privacy policy defines the principles and commitments of NeuriaLabs regarding the protection of personal data. In accordance with applicable legislation, notably the General Data Protection Regulation (GDPR - EU Regulation 2016/679), the California Consumer Privacy Act (CCPA), as well as various national laws governing data protection, NeuriaLabs ensures that any collection, use, storage, and sharing of personal data is carried out in strict compliance with legal obligations and international standards regarding security and privacy.

Objectives of the Policy

This privacy policy applies to anyone interacting with NeuriaLabs, whether through its website, its professional services, its digital platforms, or within the framework of contractual and institutional relationships.

Data Collected and Purposes of Processing

NeuriaLabs only collects data necessary for its activities, in the context of professional and institutional relationships, and ensures that it never engages in excessive or disproportionate collection of information. Collected data may include:

Identification and contact information, such as first name, last name, job title, company, professional email address, and phone number.

Information related to professional exchanges, including communications made with our teams, information requests, and contractual interactions.

Technical and browsing information on our site, such as IP address, browser type, analytical data, and activity logs, exclusively for security and service improvement purposes.

Any other data voluntarily provided by stakeholders as part of their interactions with NeuriaLabs.

Purposes of Processing

These data are collected to enable:

  • The management and monitoring of professional and institutional relationships.

  • The fulfillment of contractual obligations and the services offered.

  • The security of digital interactions and the prevention of cyber threats.

  • The compliance with legal and regulatory obligations.

Legal Basis for Processing

Any collection and processing of personal data carried out by NeuriaLabs is based on strictly defined legal bases:

  • The consent of the data subject when required for certain types of interactions.

  • The execution of a contract or a mission requiring the use of data to fulfill professional obligations.

  • The compliance with a legal or regulatory obligation imposing the retention or transmission of certain information.

  • The legitimate interest of NeuriaLabs in ensuring the effective management of its services, the protection of its information systems, and the optimization of the user experience.

Right to Withdraw Consent

Data subjects have the right to withdraw consent when it constitutes the basis for processing.

Sharing and Transfer of Data

NeuriaLabs is committed to never selling or renting personal data. However, certain information may be shared with third parties under specific and regulated circumstances.

Data may be shared with strategic partners and technical service providers acting as subcontractors, exclusively within the framework of contractual executions and subject to strict constraints by confidentiality clauses and compliance with applicable regulations.

Competent authorities when a legal obligation requires the communication of information within the framework of administrative, judicial, or regulatory procedures.

Third-party institutions in the context of mergers, acquisitions, or restructurings, provided that data protection commitments are maintained and respected.

Transfer of Data Outside the EEA

In case of data transfer outside the European Economic Area or to a jurisdiction with a distinct legal framework, NeuriaLabs guarantees the implementation of adequate protection measures, notably through the adoption of standard contractual clauses recognized by the European Commission or other applicable compliance mechanisms.

Data Security and Protection

NeuriaLabs implements strict security measures to protect personal data against unauthorized access, alteration, loss, or disclosure.

  • The application of advanced encryption protocols for the protection of communications and databases.

  • The establishment of a strengthened authentication system and access control to sensitive information.

  • Continuous monitoring of digital infrastructures to detect and neutralize any attempts at intrusion or malicious exploitation.

  • Regular cybersecurity audits and penetration testing to evaluate the effectiveness of protection measures.

Security Incident Notification

In case of a security incident that has a potential impact on the rights and freedoms of data subjects, NeuriaLabs commits to notifying the competent authorities within regulatory deadlines and informing affected individuals when required.

Data Retention Period

Personal data collected by NeuriaLabs is retained only for the duration necessary for the purposes for which it was obtained and in compliance with legal requirements regarding document retention.

  • The necessity to ensure monitoring of professional and contractual relationships.

  • Regulatory obligations requiring a minimum retention period.

  • Needs for risk management, compliance, and archiving.

Data Deletion

After these periods, the data are either permanently deleted or anonymized for purely analytical purposes.

Rights of Data Subjects and Methods for Exercising Them

Anyone whose data is collected and processed by NeuriaLabs benefits from rights guaranteed by applicable regulations.

  • The right of access allowing obtaining a copy of the data held.

  • The right of rectification in case of inaccuracies or necessary amendments to the information.

  • The right to erasure (“right to be forgotten”) allowing for the deletion of data under certain conditions defined by law.

  • The right to restrict processing allowing for the temporary limitation of data use.

  • The right to object allowing to contest processing based on legitimate interests.

  • The right to data portability allowing to retrieve data in a usable format and transfer it to a third party.

Exercising Rights

To exercise these rights, a written and signed request must be sent to the dedicated email address: contact@neurialabs.com. Any request will be processed within a maximum period of 30 days from its receipt, unless exceptional circumstances require additional time, in which case a notification will be sent to the concerned person.

Cookies and Tracking Technologies

Use of Cookies and Similar Technologies

NeuriaLabs uses cookies and other tracking technologies to ensure the security of digital interactions, optimize the user experience, and ensure compliance with the technical and regulatory requirements of our website and online services. These technologies allow us to analyze the performance of our platform, tailor content according to user preferences, and enhance connection security.

Categories of Cookies Used

The cookies we use are divided into several categories:

  • Strictly Necessary Cookies: These cookies are essential for the proper functioning of our site and the security of digital exchanges. They cannot be disabled as they ensure the stability and protection of the data transmitted through our platforms.

  • Analytical and Performance Cookies: These cookies allow us to evaluate the effectiveness of our site, analyze visitor behavior, and optimize the ergonomics of digital interfaces. All data collected is anonymized and does not allow for personal identification of users.

  • Personalization Cookies: These cookies enhance the user experience by remembering certain preferences, such as display language and browsing settings.

  • Security and Fraud Detection Cookies: These cookies help us prevent intrusion attempts, detect unauthorized access, and ensure enhanced protection against cyber threats.

Management and Configuration of Cookies

Users have the option to manage their cookie preferences via:

  • The consent banner displayed during the first visit to our site, allowing to accept, refuse, or customize the cookies used.

  • The browser settings, which allow blocking or deleting certain cookies.

  • A preferences management module, accessible at any time on our site, to modify settings related to cookies and tracking technologies.

Modifications and Updates of the Privacy Policy

Update Principle

NeuriaLabs commits to keeping this privacy policy up to date to reflect legislative developments, technological advancements, and the latest cybersecurity practices. These updates aim to ensure total transparency regarding methods of processing personal data and guarantee ongoing compliance with international standards regarding data protection.

Notification of Changes

Changes to this policy will be notified in the following ways:

  • Publication of an update notice on our website, mentioning the effective date of the changes.

  • Sending a notification by email, only if the changes directly affect the rights and obligations of the data subjects.

  • Highlighting new provisions in our preferences management module, allowing users to review changes before continuing to use our services.

Contact and Exercising Rights

Contact Point for Any Request Related to Personal Data

NeuriaLabs provides a unique contact point for any question or request related to the management of personal data. Requests can be addressed to the dedicated email address: contact@neurialabs.com. Requests must be accompanied by valid proof of identity to ensure the security of exchanges and to prevent any unauthorized access to personal information.

Right to Lodge a Complaint with Data Protection Authorities

If a data subject believes their data protection rights are not being respected or that the processing carried out by NeuriaLabs violates applicable regulations, they have the right to lodge a complaint with the competent authority in their country of residence or the country where NeuriaLabs is headquartered.

This privacy policy is designed to ensure total transparency, strict compliance with international regulations, and optimal protection of personal data processed by NeuriaLabs. We are committed to maintaining the highest standards of security and privacy and to strictly respecting the rights of data subjects. Anyone using our services is encouraged to regularly review this policy to be fully informed of the evolution of our practices and the measures put in place to ensure the protection of their data.