GDPR Compliance
Last updated: 18 June 2026
1. Overview
Neurivox is committed to protecting the personal data of users in the European Union and European Economic Area in accordance with the General Data Protection Regulation (GDPR) β Regulation (EU) 2016/679. This page explains your rights and how we comply with GDPR requirements.
2. Data Controller
The data controller responsible for your personal data is Neurivox. Contact: hello@neurivoxs.com. For all data protection enquiries, including requests to exercise your rights, please use this email address.
3. Personal Data We Process
We process the following categories of personal data: (a) Contact information you submit via our contact form β name, email address, company name, country, industry, and message content; (b) Analytics data β anonymised page views, device type, and geographic region collected via Google Analytics 4 and Microsoft Clarity. We do not process special categories of personal data (Article 9 GDPR).
4. Legal Bases for Processing
We rely on the following legal bases under Article 6 GDPR: Article 6(1)(b) β processing necessary to take steps at your request prior to entering a contract, for contact form submissions; Article 6(1)(f) β processing necessary for our legitimate interests in improving our website and understanding user behaviour, for analytics data. We do not rely on consent for core site functionality. Where we use cookies that require consent, we obtain it via our cookie consent mechanism.
5. Your Rights Under GDPR
As a data subject in the EU/EEA, you have the following rights: (a) Right of access (Article 15) β request a copy of the personal data we hold about you; (b) Right to rectification (Article 16) β request correction of inaccurate data; (c) Right to erasure (Article 17) β request deletion of your personal data; (d) Right to restriction of processing (Article 18) β request that we limit how we use your data; (e) Right to data portability (Article 20) β receive your data in a machine-readable format; (f) Right to object (Article 21) β object to processing based on legitimate interests; (g) Rights related to automated decision-making (Article 22) β we do not carry out automated decision-making with legal or significant effects. To exercise any of these rights, contact us at hello@neurivoxs.com. We will respond within 30 days.
6. Data Retention
Contact form data is retained for 36 months from the date of submission unless a longer retention period is required to fulfil contractual obligations. Analytics data is retained in accordance with the default retention settings of Google Analytics 4 (14 months) and Microsoft Clarity (30 days for session recordings). You may request deletion of your personal data at any time.
7. International Data Transfers
We use Google Analytics 4 (Google LLC, USA) and Microsoft Clarity (Microsoft Corporation, USA). Both providers transfer data outside the EEA. These transfers are covered by Standard Contractual Clauses (SCCs) approved by the European Commission. By using our website, you acknowledge that your data may be processed in the United States under these safeguards.
8. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including TLS/HTTPS encryption for all data in transit, access controls limiting data access to authorised personnel only, and regular security reviews. In the event of a personal data breach affecting EU/EEA residents, we will notify the relevant supervisory authority within 72 hours where required by Article 33 GDPR.
9. Supervisory Authority
If you are located in Germany, you have the right to lodge a complaint with the relevant German data protection authority (DatenschutzbehΓΆrde). For EU-wide complaints, you may contact the supervisory authority in your EU member state of residence or place of work.
10. Contact Us
For all GDPR-related enquiries, requests to exercise your rights, or to report a concern, contact us at: hello@neurivoxs.com. We aim to respond to all data subject requests within 30 calendar days.