Privacy policy

Last Updated: 2025.07.11

1. INTRODUCTION
NeoLux ("we," "us," or "our") operates the NeoLux platform (neo4lux.com), specializing in global cross-border sales of apparel, footwear, and accessories. We take your privacy seriously, and this statement explains how we collect, use, share, and process your information in compliance with global data protection regulations (GDPR, CCPA, PIPL, etc.).

2. COLLECTION AND USE OF PERSONAL DATA
Personal Data​ refers to information that can directly or indirectly identify you, including:

  • Direct identifiers: Name, email, shipping address, payment details
  • Indirect identifiers: Device IP, purchase history, location data
    Excludes irreversibly anonymized or aggregated data.

2.1 Data Collection Sources

Category Examples Purpose
Provided by You Account registration, payment details (card number, billing address), survey responses Order processing, customer service, personalization
Automated Collection Device type, IP address, browser type, GPS location (approximate), usage patterns Fraud prevention, service optimization, marketing analytics
Third Parties Shipping carriers (e.g., DHL, FedEx), payment gateways (e.g., Stripe, PayPal) Order fulfillment, transaction verification

3. LEGAL BASES FOR PROCESSING
We process data based on:

  • Contractual necessity: To fulfill orders and deliver products
  • Legitimate interests: Fraud monitoring, service improvement (e.g., optimizing website via usage analytics)
  • Consent: For marketing communications (opt-in required)
  • Legal obligations: Tax compliance, fraud investigations

4. DATA SECURITY MEASURES
We implement technical and administrative safeguards aligned with Neon’s inherent stability principles:

  • Encryption: AES-256 for payment data, TLS 1.3 for data transmission
  • Access controls: Role-based permissions, multi-factor authentication
  • Audits: Quarterly penetration testing, PCI-DSS compliance
  • Data minimization: Retention limited to 3 years post-last activity unless legal requirements apply

5. INTERNATIONAL DATA TRANSFERS
As a cross-border platform:

  • EU/UK transfers: Rely on Standard Contractual Clauses (SCCs)
  • China compliance: Adhere to PIPL requirements for Chinese user data
  • Third-country partners: Bound by data processing agreements (DPAs)

6. COOKIES AND TRACKING TECHNOLOGIES

Type Function Examples
Essential Order processing, account security Session cookies
Analytics Site optimization, feature testing Google Analytics (anonymized IP)
Marketing Ad personalization (opt-out via preference center) Meta Pixel, TikTok Ads

7. USER RIGHTS
You may:

  • Access/portability: Request copy of your data in machine-readable format
  • Correction: Update inaccuracies via account settings
  • Deletion: Request erasure (excludes data required for legal compliance)
  • Consent withdrawal: Unsubscribe marketing emails via link or contact us
    Requests processed within 30 days; verify identity required.

8. CHILDREN’S PRIVACY
Consistent with Neon’s non-reactive nature:

  • Age restriction: Services not intended for users under 16
  • Proactive screening: Age verification at account creation
  • Deletion protocol: Immediate removal of underage data upon discovery

9. THIRD-PARTY DISCLOSURES
Data shared only for:

  • Partners necessary for operations: Payment processors, logistics providers (e.g., Shoptop Inc.)
  • Legal requirements: Authorities under applicable law (e.g., customs declarations)
  • Business transfers: Merger/acquisition scenarios (notified in advance)

10. CONTACT INFORMATION
For privacy inquiries or rights requests:

  • Data Protection Officer: Attn: Privacy Team
  • Email: demi@neo4lux.com