Privacy Policy

This Privacy Notice explains how Neo Reach collects, uses, stores, shares, and protects personal information when you visit our website, contact us, purchase services from us, or otherwise interact with our business.

Contact Details

For the purposes of UK data protection law, Neo Reach acts as the data controller in relation to the personal information described in this Privacy Notice.

Information We Collect

Information You Provide Directly

• Full name
• Email address
• Telephone number
• Billing address
• Company or business information
• Enquiry details
• Project information and communications
• Payment and transaction information
• Marketing preferences
• Any other information voluntarily provided to us

Technical and Usage Information

• IP address
• Browser type and version
• Device identifiers
• Operating system information
• Website usage and interaction data
• Referral URLs
• Session and diagnostic information
• Traffic logs
• Security and monitoring information

Website Maintenance and Technical Access Information

Where necessary to provide technical services, support, hosting, maintenance, or troubleshooting, we may process website or platform login credentials, hosting or server configuration information, CMS administrative access details, API keys or access tokens, technical diagnostic data, and infrastructure and system information. We only access this information where reasonably necessary to provide requested services or maintain system security and functionality.

How We Use Personal Information

• Providing website development, maintenance, hosting, and digital services
• Responding to enquiries and communications
• Managing projects and ongoing client relationships
• Processing invoices and payments
• Delivering technical support and maintenance services
• Maintaining website, platform, and infrastructure security
• Monitoring and improving website functionality, performance, and reliability
• Detecting, preventing, investigating, or responding to fraud, abuse, unauthorised access, cyber threats, or security incidents
• Sending important service-related notices and operational communications
• Sending marketing communications where legally permitted
• Maintaining internal business records
• Complying with legal, regulatory, tax, and accounting obligations
• Establishing, exercising, or defending legal claims

Lawful Bases for Processing

Under UK data protection law, we rely on the following lawful bases depending on the nature of the processing activity:

Contract

Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract — including providing requested services, managing projects, processing payments, and delivering support or maintenance services.

Legitimate Interests

We may process personal information where necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These include operating and improving our services, maintaining security, preventing fraud and abuse, managing client relationships, and system administration.

Legal Obligation

We may process personal information where necessary to comply with legal or regulatory obligations, including tax, accounting, fraud prevention, and law enforcement requirements.

Consent

Where required by law, we rely on consent for marketing communications, certain analytics technologies, and non-essential cookies or tracking technologies. You may withdraw consent at any time.

Cookies and Similar Technologies

Our website may use cookies, analytics technologies, server logs, and similar technologies to maintain website functionality, improve user experience, monitor performance, analyse traffic, and maintain security.

Non-essential cookies and similar technologies will only be used where you have provided consent through our cookie banner or preference management tools, where required by applicable law. You may manage or disable cookies through your browser settings, though disabling certain cookies may affect website functionality.

Who We Share Information With

We may share personal information with trusted third-party service providers where reasonably necessary to operate our business and deliver services, including:

• Website hosting and cloud infrastructure providers
• Domain and DNS providers
• Content delivery network (CDN) providers
• Payment processors
• Email and communication providers
• Analytics and monitoring providers
• Project management and collaboration platforms
• IT support providers
• Professional advisers, accountants, insurers, or legal representatives

We may also disclose personal information where required by law, to comply with legal obligations, to protect rights, property, or safety, or to investigate fraud, abuse, or security incidents.

International Data Transfers

Some third-party providers we use may process personal information outside the United Kingdom. Where international transfers occur, we take appropriate steps to ensure personal information remains protected in accordance with UK data protection law, including transfers to countries recognised as providing adequate protection, the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or other legally recognised transfer safeguards where applicable.

Data Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Notice, including operational, contractual, legal, accounting, tax, security, backup, audit, dispute resolution, and record-keeping requirements.

Data Security

We implement appropriate technical and organisational measures designed to protect personal information against unauthorised access, misuse, disclosure, alteration, destruction, or loss. These measures include access controls, encrypted communications, firewall protections, monitoring systems, and restricted system access.

No method of transmission, storage, or electronic processing is completely secure, and we cannot guarantee absolute security.

Your Data Protection Rights

Under UK data protection law, you may have the following rights, subject to certain legal limitations:

• Right of access — Request access to your personal information
• Right to rectification — Request correction of inaccurate or incomplete information
• Right to erasure — Request deletion of personal information in certain circumstances
• Right to restrict processing — Request restriction of processing in certain circumstances
• Right to object — Object to certain types of processing
• Right to data portability — Request transfer of your information to another provider
• Right to withdraw consent — Withdraw consent where processing relies on consent

Requests may be submitted by email to: team@neoreach.uk. We may request verification of identity before responding to certain requests.

Third-Party Websites and Services

Our website or communications may contain links to third-party websites, tools, integrations, or services. We are not responsible for the privacy practices, security, availability, or content of third-party websites or services.

Children's Privacy

Our services and website are not intended for children, and we do not knowingly collect personal information from individuals under the age of 18. If we become aware that personal information has been collected from a child unlawfully, we will take appropriate steps to delete that information.

Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in legal requirements, technology, security practices, or business operations. Updated versions will be published on this page with a revised "Last Updated" date.

How to Complain

If you have concerns about how we handle personal information, please contact us first at team@neoreach.uk.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe your data protection rights have been breached.