RU ESP
ENGLISH VERSION
Privacy Policy
Effective Date: 07.07.2025
Version: 1.0
1. General Provisions
1.1. This Privacy Policy (“Policy”) governs the processing of personal data by NEUROLAND INFORMATION TECHNOLOGY L.L.C (Dubai, UAE) via https://neuro-infotech.com (“Website”).
1.2. Legal Framework:
  • UAE Federal DecreeLaw No. 45 of 2021
  • GDPR (Regulation (EU) 2016/679) for data subjects in the EU [GDP]
  • ISO/IEC 27001, PCI DSS
2. Data Categories & Legal Grounds [GDPR]

Category

Examples

Legal Basis

Retention Period

Identifiers

Name, email, phone

Art 6(1)(b) – Contract

3 years postinactivity

Technical Data

Anonymized IP, cookies, device

Art 6(1)(a) – Consent

26 months

Payment Data

Stripe tokens, transaction logs

Art 6(1)(c) – Legal Obligation

7 years (tax records)

User Content

Form submissions, course progress

Art 6(1)(f) – Legitimate Interest (LIA documented)

2 years

No specialcategory data (health, race, political opinion) are processed unless voluntarily provided with explicit consent.
3. Consent Management & Logging [GDPR]
3.1. We use Cookiebot (ID: 3b116ad1-1b23-4a89-ab39-c97faf7dd4e9) for granular consent.
3.2. All consent actions (timestamp, device, anonymized IP) are securely logged and retained for 3 years to demonstrate compliance with Art 7.
3.3. Users may change cookie preferences at any time via the “Cookie Settings” link on the Website.
4. EU Representative & DPO [GDPR]
4.1. EU Representative (Art 27):
Rabie Maydaa
Email: info@neuro-infotech.com
4.2. Data Protection Officer (Art 37):
Not appointed (annual datasubject count < 50 000).
5. International Data Transfers [GDPR]

Recipient

Location

Transfer Mechanism

Security Measures

Thinkific

USA

SCCs Module 2 (2021/914)

AES256 encryption

Stripe

USA

SCCs (autoenabled)

PCI DSS Level 1

Tilda

Netherlands

IntraEU transfer (no SCCs needed)

GDPRcompliant hosting

EU data subjects may enforce SCCs through courts in their Member State.
6. Data Subject Rights [GDPR]
You have the right to:
  • Access (Art 15)
  • Rectification (Art 16)
  • Erasure (Art 17)
  • Restriction (Art 18)
  • Portability (Art 20)
  • Object (Art 21)
  • Lodge a complaint with a supervisory authority (Art 77)
How to exercise:
  1. Email info@neuro-infotech.com
  2. Verify identity via registered email or other proof
  3. Receive response within 30 days of verification
7. Breach Notification [GDPR]
  • Notify supervisory authority within 72 hours of breach discovery (Art 33).
  • Inform affected data subjects without undue delay if high risk to rights/freedoms (Art 34).
8. Policy Updates
8.1. All changes are published on the Website with effective date and version.
8.2. Material changes will be communicated by email 30 days in advance.
9. Contact Information
Data Controller:
NEUROLAND INFORMATION TECHNOLOGY L.L.C
Office 40806, Al Barsha 1, Dubai, UAE
Email: info@neuro-infotech.com
EU Representative & Data Protection Lead:
Rabie Maydaa
Email: info@neuro-infotech.com
10. Compliance Verification Checklist
  • GDPR Articles Covered: Art 5–7, Art 12–22, Art 27, Art 30, Art 33–34, Art 44–49
  • UAE Requirements: Federal DecreeLaw 45/2021 compliance
  • Operational Controls:
  • Cookie consent logging (Art 7)
  • LIA documentation (Art 6(1)(f))
  • Breach procedures (Art 33–34)
  • SCCs for transfers (Art 46)
  • Rights request workflow (Art 12)
На главную