Privacy Policy

Last updated: July 8, 2026

This page explains how we process and protect personal data across the NeuroCheckout website and services.

This document is a standard baseline and may be adjusted to your contractual setup and applicable jurisdiction.

Contact details and responsible entity

Responsible entity
NeuroCheckout
Contact email
contact@neurocheckout.com

1. Scope of this policy

This policy explains how NeuroCheckout uses and protects personal data.

We operate a B2B service and primarily process professional contact, account, and security data, with limited direct collection.

2. Data we collect directly

We collect only the data needed to run the service, provide support, and keep the platform secure.

  • Business contact data: name, email, company, phone (if provided).
  • Account data: login identifier, hashed password, language, login history.
  • Technical and security data: IP, technical logs, browser, anti-abuse diagnostics.
  • Support data: contact form content (including Talk to an expert), optional attachments, resolution tracking.
  • Contractual and billing data: minimum data required by payment providers.

3. Customer store data and roles

When a merchant connects a store, NeuroCheckout processes the e-commerce data required to run AI agents: customers, carts, orders, products, browsing events, campaigns, emails, and conversion signals.

This data is used to generate recommendations, recovery emails, segments, alerts, and performance metrics for the connected store.

  • The merchant remains the controller for its store data and end-customer data.
  • NeuroCheckout acts as a processor/service provider under contract, enabled features, and merchant instructions.
  • We limit processing to data needed by enabled agents and result measurement.
  • We do not sell this data and do not contact end customers outside actions authorized by the store.

4. Purposes of processing

We use personal data to:

  • Create and administer accounts.
  • Deliver SaaS features and customer support.
  • Protect the platform (fraud prevention, abuse prevention, and incident response).
  • Measure and improve service quality in a proportionate way.
  • Comply with contractual and legal obligations.

5. Legal grounds

Depending on the situation, processing is based on:

  • Contract performance or pre-contractual steps.
  • Legitimate interests (security, abuse prevention, service quality).
  • Consent where required (for example non-essential cookies).
  • Compliance with legal obligations.

6. Data sharing

We do not sell personal data. Sharing is limited to technical and operational needs.

  • Hosting, security, authentication, support, and messaging providers.
  • Payment and billing providers where relevant.
  • Competent authorities when legally required or to protect rights.

7. Data retention

We retain data for a reasonable period aligned with the purposes described, then delete or anonymize it.

  • Active accounts: for the duration of the contractual relationship, then limited retention.
  • Contact and support requests: for the time needed to process them, then a limited archive period.
  • Legal and accounting records: statutory retention periods where applicable.

8. Data security

We apply safeguards designed to protect confidentiality, integrity, and availability of account, store, end-customer, and order data.

Data from connected stores is processed in a controlled environment, with access restricted to technical, support, or security needs.

  • Encryption in transit, access controls, logging, and traceability for sensitive processing.
  • Logical separation by store, environment segmentation, and least-privilege access model.
  • Human access limited to support, supervision, maintenance, or security needs.
  • Security monitoring, backups, incident response procedures, and progressive minimization of data no longer needed.

9. Your rights

Depending on your jurisdiction, you may exercise rights of access, correction, deletion, objection, restriction, and where applicable portability.

For end-customer data from a connected merchant store, the first contact point is generally that merchant.

We support our customers in handling these requests when required under contract.

10. Cookies and similar technologies

We primarily use essential technical cookies required for website operation.

Limited analytics cookies may be used depending on configuration and applicable consent rules.

11. Children data

Services are not intended for direct use by children.

If child data is reported as collected inappropriately, we will take appropriate action.

12. Updates and contact

This policy may be updated to reflect legal, technical, or operational changes.

For any question or request regarding personal data, please contact us at: contact@neurocheckout.com.

We will handle requests within a reasonable timeframe in line with applicable legal requirements.