Privacy Policy

Our comprehensive commitment to protecting your personal data and maintaining your privacy rights.

Data Protection Commitment

Neural Forge Cyprus is committed to protecting and respecting your privacy. This privacy policy explains how we collect, use, store, and protect your personal information when you visit our website or engage with our machine learning engineering services.

We operate in full compliance with the General Data Protection Regulation (GDPR), Cyprus Data Protection Law, and other applicable privacy regulations. Your trust is fundamental to our business relationships, and we take our responsibility to protect your data seriously.

Data Collection and Processing

Information We Collect

We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third parties in limited circumstances.

Direct Information Provided by You

  • • Contact form submissions including name and project details
  • • Professional inquiries and service requests
  • • Communication preferences and feedback
  • • Business requirements and technical specifications

Automatically Collected Information

  • • Website usage data and navigation patterns
  • • Device information and browser specifications
  • • IP addresses and geographical location data
  • • Performance metrics and technical diagnostics

How We Use Your Information

We process your personal data only for specific, legitimate purposes that are clearly communicated to you. Our data processing activities are governed by strict internal policies and procedures.

Primary Processing Purposes

  • • Responding to your inquiries and service requests
  • • Providing machine learning engineering consultations
  • • Developing custom solutions based on your requirements
  • • Maintaining ongoing client relationships and support

Secondary Processing Activities

  • • Website performance optimization and improvement
  • • Security monitoring and fraud prevention
  • • Legal compliance and regulatory reporting
  • • Internal research and development initiatives

Data Protection and Security Measures

We implement comprehensive technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

Technical Security Measures

  • • End-to-end encryption for data transmission and storage
  • • Multi-factor authentication and access controls
  • • Regular security audits and penetration testing
  • • Automated backup systems and disaster recovery protocols

Organizational Security Measures

  • • Staff training on data protection and privacy procedures
  • • Strict access controls and need-to-know principles
  • • Regular policy reviews and compliance assessments
  • • Incident response procedures and breach notification protocols

Data Sharing and Third-Party Services

We do not sell, trade, or otherwise transfer your personal information to outside parties except as described in this policy. Any third-party services we use are carefully vetted for their privacy and security practices.

Authorized Data Sharing

  • • Trusted service providers supporting our operations
  • • Legal authorities when required by applicable law
  • • Professional advisors bound by confidentiality agreements
  • • Business partners for joint service delivery (with your consent)

Data Processing Safeguards

  • • Contractual data protection obligations for all processors
  • • Regular compliance monitoring and audit requirements
  • • Data minimization principles and purpose limitation
  • • Transparent notification of any processing changes

Your Rights and Data Management

Under GDPR and other applicable privacy laws, you have comprehensive rights regarding your personal data. We are committed to facilitating the exercise of these rights in a timely and transparent manner.

Individual Data Rights

Right of Access

Request confirmation of data processing and obtain copies of your personal data.

Right to Rectification

Request correction of inaccurate or incomplete personal information.

Right to Erasure

Request deletion of your personal data under specific circumstances.

Right to Portability

Receive your data in a structured, machine-readable format.

Data Retention and Deletion

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and protect our legitimate interests.

Contact Form Data 24 Months
Client Project Data 7 Years
Website Analytics 26 Months
Marketing Communications Until Withdrawn

Exercising Your Rights

To exercise any of your data protection rights, please contact us through our website contact form. We will respond to all legitimate requests within 30 days and provide clear information about any actions taken.

Important: We may need to verify your identity before processing certain requests to ensure the security of your personal data. This verification process is designed to protect you from unauthorized access to your information.

International Data Transfers and Legal Basis

Legal Basis for Processing

Legitimate Interests

Processing necessary for our legitimate business interests, balanced against your rights and freedoms.

Contract Performance

Processing necessary to perform our contractual obligations and deliver requested services.

Legal Compliance

Processing required to comply with applicable legal and regulatory obligations.

Consent

Processing based on your explicit consent, which you can withdraw at any time.

International Data Protection

When we transfer data internationally, we ensure appropriate safeguards are in place to protect your personal information in accordance with applicable data protection laws.

Adequacy Decisions Recognition
Standard Contractual Clauses
Binding Corporate Rules
Certification Schemes

Policy Updates and Contact Information

Privacy Policy Updates

We regularly review and update this privacy policy to ensure it remains current with evolving privacy laws, technology changes, and our business practices. Material changes will be communicated through our website and direct notification where appropriate.

We encourage you to review this privacy policy periodically to stay informed about how we protect your personal information. Your continued use of our services after any modifications indicates your acceptance of the updated policy.

Data Protection Officer and Complaints

If you have concerns about our data processing activities or wish to file a complaint, you have the right to contact the relevant supervisory authority. However, we encourage you to contact us first so we can address your concerns directly.

Last Updated: January 2025
Next Review: July 2025
Policy Version: 2.1
Jurisdiction: Cyprus, European Union