Privacy policy

โ€‹Last Updated: 2025.07.11โ€‹

โ€‹1. INTRODUCTIONโ€‹
NeoLux ("we," "us," or "our") operates the NeoLux platform (neo4lux.com), specializing in global cross-border sales of apparel, footwear, and accessories. We take your privacy seriously, and this statement explains how we collect, use, share, and process your information in compliance with global data protection regulations (GDPR, CCPA, PIPL, etc.).

โ€‹2. COLLECTION AND USE OF PERSONAL DATAโ€‹
โ€‹Personal Dataโ€‹ refers to information that can directly or indirectly identify you, including:

  • โ€‹Direct identifiers: Name, email, shipping address, payment details
  • โ€‹Indirect identifiers: Device IP, purchase history, location data
    Excludes irreversibly anonymized or aggregated data.

โ€‹2.1 Data Collection Sourcesโ€‹

โ€‹Categoryโ€‹ โ€‹Examplesโ€‹ โ€‹Purposeโ€‹
โ€‹Provided by Youโ€‹ Account registration, payment details (card number, billing address), survey responses Order processing, customer service, personalization
โ€‹Automated Collectionโ€‹ Device type, IP address, browser type, GPS location (approximate), usage patterns Fraud prevention, service optimization, marketing analytics
โ€‹Third Partiesโ€‹ Shipping carriers (e.g., DHL, FedEx), payment gateways (e.g., Stripe, PayPal) Order fulfillment, transaction verification

โ€‹3. LEGAL BASES FOR PROCESSINGโ€‹
We process data based on:

  • โ€‹Contractual necessity: To fulfill orders and deliver products
  • โ€‹Legitimate interests: Fraud monitoring, service improvement (e.g., optimizing website via usage analytics)
  • โ€‹Consent: For marketing communications (opt-in required)
  • โ€‹Legal obligations: Tax compliance, fraud investigations

โ€‹4. DATA SECURITY MEASURESโ€‹
We implement technical and administrative safeguards aligned with Neon’s inherent stability principles:

  • โ€‹Encryption: AES-256 for payment data, TLS 1.3 for data transmission
  • โ€‹Access controls: Role-based permissions, multi-factor authentication
  • โ€‹Audits: Quarterly penetration testing, PCI-DSS compliance
  • โ€‹Data minimization: Retention limited to 3 years post-last activity unless legal requirements apply

โ€‹5. INTERNATIONAL DATA TRANSFERSโ€‹
As a cross-border platform:

  • โ€‹EU/UK transfers: Rely on Standard Contractual Clauses (SCCs)
  • โ€‹China compliance: Adhere to PIPL requirements for Chinese user data
  • โ€‹Third-country partners: Bound by data processing agreements (DPAs)

โ€‹6. COOKIES AND TRACKING TECHNOLOGIESโ€‹

โ€‹Typeโ€‹ โ€‹Functionโ€‹ โ€‹Examplesโ€‹
Essential Order processing, account security Session cookies
Analytics Site optimization, feature testing Google Analytics (anonymized IP)
Marketing Ad personalization (opt-out via preference center) Meta Pixel, TikTok Ads

โ€‹7. USER RIGHTSโ€‹
You may:

  • โ€‹Access/portability: Request copy of your data in machine-readable format
  • โ€‹Correction: Update inaccuracies via account settings
  • โ€‹Deletion: Request erasure (excludes data required for legal compliance)
  • โ€‹Consent withdrawal: Unsubscribe marketing emails via link or contact us
    Requests processed within 30 days; verify identity required.

โ€‹8. CHILDREN’S PRIVACYโ€‹
Consistent with Neon’s non-reactive nature:

  • โ€‹Age restriction: Services not intended for users under 16
  • โ€‹Proactive screening: Age verification at account creation
  • โ€‹Deletion protocol: Immediate removal of underage data upon discovery

โ€‹9. THIRD-PARTY DISCLOSURESโ€‹
Data shared only for:

  • โ€‹Partners necessary for operations: Payment processors, logistics providers (e.g., Shoptop Inc.)
  • โ€‹Legal requirements: Authorities under applicable law (e.g., customs declarations)
  • โ€‹Business transfers: Merger/acquisition scenarios (notified in advance)

โ€‹10. CONTACT INFORMATIONโ€‹
For privacy inquiries or rights requests:

  • โ€‹Data Protection Officer: Attn: Privacy Team
  • โ€‹Email: demi@neo4lux.com