Legal

Privacy Policy

Last updated: 5 March 2026

1. Who we are

Neo Analytica (“we”, “us”, “our”) is a data engineering consultancy registered in England and Wales, operating from London, UK. We are the data controller responsible for your personal data collected through this website (neoanalytica.co.uk).

Contact: For any privacy-related enquiries, please email us at privacy@neoanalytica.co.uk.

2. What data we collect and why

We collect personal data in the following circumstances:

Discovery call enquiries

When you submit a discovery call request, we collect your full name, work email address, company name, job title, preferred date, and the details you share about your data engineering challenges. We use this information solely to respond to your enquiry and arrange a consultation call.

Newsletter subscriptions

If you subscribe to our newsletter, we collect your email address to send you updates about data engineering, our services, and relevant industry content. You may unsubscribe at any time using the link in any email we send.

Website analytics

We use Google Analytics (GA4) to understand how visitors interact with our website. This collects anonymised data including pages visited, time spent on the site, approximate geographic location (country/city level), and device type. Google Analytics uses cookies. No personally identifiable information is shared with Google through this service.

Contact and correspondence

If you contact us by email, we will retain that correspondence including any personal information you provide in order to respond to your enquiry.

3. Legal basis for processing (UK GDPR Article 6)

We rely on the following lawful bases to process your personal data:

  • Legitimate interests (Article 6(1)(f)): Processing enquiry and contact form data to respond to business enquiries and assess potential client relationships.
  • Consent (Article 6(1)(a)): Newsletter subscriptions and analytics cookies, where you have given clear consent. You may withdraw consent at any time.
  • Contract (Article 6(1)(b)): Where we have entered into a services agreement, processing is necessary to perform that contract.
  • Legal obligation (Article 6(1)(c)): Where we are required to retain certain records to comply with applicable law (e.g. financial and tax records).

4. How we store and protect your data

Your data is stored securely in cloud infrastructure located within the European Economic Area (EEA) or the United Kingdom. We use industry-standard encryption in transit (TLS) and at rest. Access to personal data is restricted to those with a legitimate need.

Enquiry data submitted via our website is stored in a PostgreSQL database hosted on Neon (EU West region). Email communications are processed via Resend, a transactional email provider.

5. Data retention

  • Enquiry data: Retained for 24 months from the date of submission, or until you request deletion, whichever is sooner.
  • Client project data: Retained for 6 years following project completion in accordance with UK tax and accounting obligations.
  • Newsletter subscribers: Retained until you unsubscribe or request deletion.
  • Analytics data: Governed by Google Analytics’ data retention settings (14 months by default).

6. Third parties we share data with

We do not sell or rent your personal data. We share it only with the following service providers, under appropriate data processing agreements:

  • Resend — transactional email delivery
  • Neon — PostgreSQL database hosting (EU West)
  • Vercel — website hosting and deployment (EU region)
  • Google Analytics (GA4) — anonymised website analytics

We may also disclose personal data if required to do so by law or in response to a valid request by a public authority.

7. Cookies

We use the following cookies on our website:

  • Analytics cookies (Google Analytics): Used to collect anonymised data about how visitors use our site. These are only set with your consent.
  • Strictly necessary cookies: Essential for the website to function correctly (e.g. session authentication for our admin dashboard). These do not require consent under UK PECR.

You can control and delete cookies through your browser settings at any time.

8. Your rights under UK GDPR

You have the following rights in relation to your personal data:

  • Right of access — to request a copy of the data we hold about you
  • Right to rectification — to request correction of inaccurate data
  • Right to erasure — to request deletion of your data (“right to be forgotten”)
  • Right to restriction — to request that we limit how we use your data
  • Right to data portability — to receive your data in a structured, machine-readable format
  • Right to object — to object to processing based on legitimate interests
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us at privacy@neoanalytica.co.uk. We will respond within 30 days in accordance with UK GDPR requirements.

9. Right to complain

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office (ICO):

We would, however, appreciate the opportunity to address your concerns before you contact the ICO.

10. Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated date at the top. We encourage you to review this policy periodically.