Privacy Policy | Neuro Union

top of page

Neuro Union

A Legal Disclaimer

Effective Date: 01.08.2024
Last Updated: 13.08.2024

Neuro Union spółka z ograniczoną odpowiedzialnością

with its registered office at: ul. Kazimierza Morawskiego 5/127, 30-102 Kraków,
registered in the National Court Register (KRS),
NIP (Tax Identification Number): 9542765956,
represented by Ms. Zhanna Savchuk – CEO, acting pursuant to the Articles of Association.

1. Introduction

This Privacy Policy explains how Neuro Union spółka z ograniczoną odpowiedzialnością, a company registered in Poland at Kraków, Kazimierza Morawskiego 5, 127, 30-102 ("we", "our", "us") collects, uses, stores, and shares personal data when you interact with our website, services, or participate in our neuromarketing research studies. We are fully committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) (EU) 2016/679 and relevant national data protection laws of Poland.

Our primary activities involve:

Conducting neuromarketing and behavioral research using biometric and cognitive tools;

We conduct public opinion research and other forms of marketing research.

Developing insights and analytics based on collected data;
Reselling anonymized research outcomes and analytical reports to clients.
By using our website or participating in our services, you acknowledge and accept this Privacy Policy.

2. Data Controller Contact Information

Company Name Neuro Union spółka z ograniczoną odpowiedzialnością

Company Address Kazimierza Morawskiego 5, 127, 30-102

REGON: 364573981, NIP: 9542765956
Email: neuro@neuro-union.com

For all questions regarding data protection, you may contact our Data Protection Officer (DPO) at: neuro@neuro-union.com

3. Types of Personal Data We Collect

We may collect the following categories of personal data, depending on your interaction with us:

a. From Website Users:

IP address and device identifiers;
Browser type and settings;
Cookies and usage logs;
Location data (approximate);

b. From Clients or Business Partners:

Full name, company name;
Email address, telephone number;
Job position and professional contact data;
Billing and payment information;

c. From Research Participants:

Contact information (name, email, phone);
Demographic information (age, gender, location, etc.);
Biometric and behavioral data;

d. From Surveys or Interviews:

Responses to open- and closed-ended questions;
User preferences, opinions, decision-making behavior;
Time stamps, interaction logs;

We take care to anonymize or pseudonymize data wherever possible, especially when used for commercial resale or advanced analysis.

4. Purpose of Processing

We process your data for the following specific purposes:

1. To conduct neuromarketing research;

2. To analyze behavior, emotion, and decision-making patterns;

3. To generate anonymized insights and reports for resale to third parties;

4. To manage user accounts and communication preferences;

5. To administer surveys and participant recruitment;

6. To process transactions and issue invoices;

7. To improve the performance and content of our website and services;

8. To comply with legal obligations;

9. To detect, investigate and prevent fraud or data breaches;

10. To defend our legal claims and ensure business continuity;

Where possible, we aggregate or anonymize data before processing for analytics or resale purposes.

5. Legal Basis for Processing

We rely on the following legal bases under the GDPR for processing personal data:

Consent (Art. 6(1)(a)) – especially for biometric data, marketing communications, and cookies;

Performance of a contract (Art. 6(1)(b)) – with clients, suppliers, or research participants;

Compliance with legal obligations (Art. 6(1)(c)) – such as tax or accounting laws;

Legitimate interest (Art. 6(1)(f)) – e.g., business improvement, fraud prevention, security, or statistical research.

6. Cookies and Tracking Technologies

We use cookies and other tracking technologies to enhance your browsing experience and gather analytical data. Types of cookies used include:

Necessary cookies (essential for website operation);

Functional cookies (to remember preferences);

Analytical cookies (to understand user interaction and improve performance);

Marketing cookies (used only with your consent);

You may manage your cookie preferences via the cookie banner or your browser settings.
For full details, refer to our separate Cookie Policy here: [Insert Link]

7. Data Sharing and Disclosure

We may share your data with the following entities, only where necessary and in line with applicable data protection laws:

Clients and business partners – Only anonymized or aggregated research findings unless otherwise contractually agreed;

Subcontractors and service providers – IT hosting, research tools, analytics platforms;

Legal and regulatory authorities – When required by law or court order;

Professional advisors – Including legal, financial, or compliance consultants;

Recruitment agencies and research panels – For participant outreach;

Technology vendors – EEG device providers, eye-tracking platforms, etc.

All third parties are bound by data processing agreements (DPAs) and confidentiality obligations.

8. Data Transfers Outside the EEA

If we transfer data outside the European Economic Area (EEA), we ensure that such transfers are lawful and protected using:

Adequacy decisions from the European Commission;

Standard Contractual Clauses (SCCs);

Binding Corporate Rules or other recognized safeguards.

You may request a copy of these safeguards at: [Insert Contact Email]

9. Data Retention

We retain personal data based on the following criteria:

Client and business contact data: up to 6 years after the end of the contract;

Participant data: for the duration of the study plus up to 5 years;

Anonymized or aggregated research data: retained indefinitely for business and scientific use;

Marketing consent records: until consent is withdrawn;

Website logs: up to 12 months for security and analytics;

Data will be securely deleted or anonymized when no longer needed.

10. Your Data Protection Rights

Under the GDPR, you have the right to:

Access your personal data;

Rectify inaccurate or incomplete data;

Request deletion of your data (“right to be forgotten”);

Restrict processing under certain conditions;

Object to processing for marketing or legitimate interests;

Withdraw consent at any time;

Request a copy of your data in a portable format (data portability);

Lodge a complaint with the Polish Data Protection Authority (UODO)

To exercise any of these rights, please contact us at: neuro@neuro-union.com

11. Security Measures

We implement appropriate technical and organizational measures to safeguard your data, including but not limited to:

Data encryption (in transit and at rest);

Pseudonymization and anonymization;

Two-factor authentication and access controls;

Regular security audits and staff training;

Secure storage of biometric and sensitive data;

Despite our efforts, no method of transmission over the internet is completely secure.
We encourage you to also protect your data when online.

12. Children’s Data

Our services and website are not intended for children under the age of 18.
We do not knowingly collect personal data from minors without verified parental consent.
If you believe we have collected data from a child, please contact us immediately.

13. Automated Decision-Making and Profiling

In some cases, we may use automated tools to analyze participant data, generate neuromarketing profiles, or suggest insights to clients. These tools do not produce legal or similarly significant effects on individuals.

You have the right to request human intervention and express your point of view if you are subject to any automated decision-making.

If you need this in Polish or want to include custom terms (e.g., license for using participant images or clause on intellectual property of research), I can help tailor it further.
Would you like that version next?

PRIVACY POLICY

bottom of page