neuRealities Privacy and Cookie Policy

1. Introduction

Welcome to neuRealities Inc.'s privacy policy. neuRealities is committed to safeguarding the privacy and accuracy of the Personal Data of our website visitors.

This website is not intended for children, and we do not knowingly collect data relating to children.

2. Definitions

California Consumer Protection Act (CCPA)

A state statute that enhances privacy rights and consumer protection for California residents. It gives consumers more control over their personal information, including the right to know what data is collected, the right to delete personal information, and the right to opt-out of the sale of their data. The CCPA imposes data protection duties on certain businesses and aims to regulate how they collect, use, and share personal information.

Cookies

Cookies are small file(s) stored on your device (computer, mobile device, or virtual reality headset) when browsing a website.

Data Controller

Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes and manner personal information Is processed.

Data Processors (or Service Providers)

Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.

Data Subject (or User)

Data Subject is any living individual who is using our service [JJ2] and is the subject of Personal Data.

General Data Protection Regulation (GDPR)

Data protection legislation that governs the use, process, and storage of Personal Data (information about an identifiable, living person) in the European Union (EU). A similar piece of data protection applicable to the United Kingdom is called the “UK GDPR”. Any reference in this Privacy Notice to the GDPR applies to both the UK GDPR and EU GDPR and will remain the case so long as the UK is subject to an adequacy decision by the EU. Should there be a conflict between the two, the version that grants data subjects the greatest protection will apply.

Personally Identifiable Information Data (PII)

PII is any data that can be used to identify a person. This can take several different forms including:

a.     Contact Data—data such as your name, email address, and telephone numbers.

b.    Usage Data—includes information about how you use our website, products and services, for example, internet protocol (IP) address, your login Identifier, browser type and version, time zone setting and location.

c.     Aggregated Data—collection of multiple data types as part of statistical analysis.

d.    Marketing and Communications Data—includes your preferences in receiving marketing from us and our third parties and your communication preferences.

Personal Data

Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our

possession). It does not include data where the identity has been removed (anonymous

data).

Usage Data

Usage Data are the metrics by which a user interacts with the website (for example, the duration of a page visit, links clicked, etc.) and is collected automatically while navigating and interacting with the website.

3. What data Is collected?

Personal Data

While using our service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data").

We do not collect any special categories of Personal Data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health data) or collect any information about criminal convictions and offences.

Usage Data

Tracking technologies are used such as beacons, tags, and scripts to collect and track information on how the website is accessed and used ("Usage Data"). This may include information such as your computer's Internet Protocol address (IP address), browser type, browser version, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Aggregated Data

We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered Personal Data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this privacy policy.

4. Why do we process your Personal Data?

 We will only use your Personal Data when the law allows us and, in the following circumstances:

a.     In the performance of a contract with you

b.    The processing is in our legitimate interests, and it is not overridden by your rights

c.     To comply with applicable law

For the purpose of this Privacy Policy, neuRealities is the Data Controller of your Personal Data.

If you decline [JJ3] to provide Personal Data when requested, we may not be able to perform the

contract we have or are trying to enter with you (for example, to provide you with goods or

services). In this case, we may have to cancel a product or service. We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason compatible with the original purpose.

We do not sell your Personal Data to third parties and will not ever do so without first obtaining your consent. You have the right to opt out of any such sale at the time we notify you or at any point thereafter in the future.

5. How Is data collected? 

We collect data using the following methods:

Direct interactions. You may give us your contact data by filling in forms or corresponding with us by post, phone, email or otherwise. This includes Personal Data you provide when you:

a.     Apply for our products or services

b.    Enter a competition, promotion, or survey

c.     Give us feedback or contact us

d.    Automated technologies or interactions

e.     Third parties or publicly available sources

As you interact with our website, we will automatically collect Usage Data about your equipment, browsing actions and patterns. We collect this data by using cookies and other similar technologies. The information is used for the sole purpose of remembering your device and your interactions with our website.

Third Parties. We may receive Personal Data about you from various third parties as set out below:

a.     analytics providers

b.    advertising networks

c.     search information providers

Cookies & Tracking

We provide the ability to decline the usage of cookies except were deemed necessary for the website to remain operational. Most browsers allow you to refuse to accept cookies and to delete cookies.

Blocking all cookies will have a negative impact on the usability of many websites. If you block cookies, you will not be able to use all the features on our website. These cookies can be consented or rejected to via the use of our cookie consent manager, prominently displayed on neuRealities websites. Users are empowered to withdraw consent at any time.

Below is a table containing the current third-party cookies used on neuRealities websites.

6. Data Sharing

We may share your personal data with third-party service providers to process data as per the purposes set out in this policy. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

7. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information against unauthorized access, use, disclosure, alteration, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest

• Access controls limiting who can view your information

• Regular security assessments and updates

• Secure data storage and backup procedures

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal information, we cannot guarantee absolute security. We encourage you to use strong passwords and keep your account information confidential.

In the event of a data breach that may compromise your personal information, we will notify you and relevant authorities as required by applicable law. 

8. International Transfers 

For users located in the UK or EU: We may use external third parties as part of our data processing who are based outside the European Economic Area (EEA), which may include includes Personal Data transfer outside the EEA.

Whenever we transfer your Personal Data out of the EEA, we will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

No transfer of your Personal Data will take place to an organization or country without adequate data security & privacy controls.

9. Data Retention

We will retain your Personal Data for as long as necessary for the purposes set out in this Privacy Policy and to the extent of compliance with legal obligations. In some circumstances we will anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes.

10. Data Protection Rights 

Your principal rights under GDPR, CCPA, and other data protection laws, are summarised as the rights to:

• Request access to your Personal Data.

• Request correction of your Personal Data.

• Request erasure of your Personal Data.

• Object to processing of your Personal Data.

• Request restriction of processing your Personal Data

• Request transfer of your Personal Data.

• Right to withdraw consent. Please note. If you withdraw your consent, we may not be able to provide certain products or services to you.

• If applicable, the right to opt out of the sale of your business information.

• Not be discriminated against for exercise any CCPA rights.

To exercise your rights above, please contact us as described in the next section.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You have the right to lodge a complaint with a data protection supervisory authority in the UK or in the EU Member State where you live, work, or where you believe a violation has occurred. If you believe we have not complied with this privacy policy or California privacy laws, you may file a complaint with the California Privacy Protection Agency at cppa.ca.gov. We would, however, appreciate the chance to deal with your concerns before you approach an oversight body, so we ask that you please contact us in the first instance before approaching those regulators.

11. Contact Details

Our representatives with respect to our obligations under data protection law are as follows:

In the United States or Canada:

privacy@neurealities.com