Last updated: February 15, 2026
Pursuant to Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018 (LOPD-GDD)
Identity: Tautvydas Bagocius
NIF/CIF: X6005435C
Address: Calle Manantial, 3, 3ºB, 19208 Guadalajara
Email: soporte@neuroon.ai
Service Provision
Legal basis: Contract performance (Art. 6.1.b GDPR)
We process your data to provide semantic search, product indexing and analytics.
Billing and Payments
Legal basis: Contract performance and legal obligation (Art. 6.1.b and 6.1.c GDPR)
We process billing data to manage subscriptions and fulfil fiscal obligations.
Service Improvement
Legal basis: Legitimate interest (Art. 6.1.f GDPR)
We analyse usage data to improve service features and performance.
Marketing Communications
Legal basis: Consent (Art. 6.1.a GDPR)
We send marketing communications only if you have given your express consent.
Security and Fraud Prevention
Legal basis: Legitimate interest and legal obligation (Art. 6.1.f and 6.1.c GDPR)
We monitor suspicious activity to protect the platform and comply with regulations.
We share your data only with the following third parties necessary for the provision of the service:
Google Cloud Platform (Google LLC)
Service hosting and infrastructure — EU (europe-west1) — Within the EEA
Google Gemini API (Google LLC)
Search intent detection — US — DPF + SCCs
Google Firebase Analytics (Google LLC)
Web analytics and performance — US — DPF + SCCs
Google Cloud Speech-to-Text (Google LLC)
Voice search — US — DPF + SCCs
OpenAI (OpenAI, L.L.C.)
Product semantic embeddings — US — DPF + SCCs
Qdrant (Qdrant Solutions GmbH)
Vector database — Germany (EU) — Within the EEA
Stripe (Stripe, Inc.)
Payment processing — US/Ireland — DPF + SCCs
Vercel (Vercel Inc.)
Frontend hosting and SpeedInsights — US — DPF + SCCs
AWS SES (Amazon Web Services)
Email delivery — Ireland (EU) — Within the EEA
All aforementioned data providers have signed a Data Processing Agreement (DPA) pursuant to Art. 28 GDPR.
International Transfers: Providers located in the US (Google, OpenAI, Stripe, Vercel) operate under the EU-US Data Privacy Framework (DPF) and have signed Standard Contractual Clauses (SCCs) as an additional safeguard. Providers located in the EU (Google Cloud Platform europe-west1, Qdrant, AWS SES Ireland) process data within the European Economic Area.
Under the GDPR, you have the following rights:
✓ Right of Access
Request a copy of your personal data
✓ Right to Rectification
Correct inaccurate or incomplete data
✓ Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data
✓ Right to Restriction of Processing
Restrict the processing of your data
✓ Right to Data Portability
Receive your data in a structured format and transfer it to another controller
✓ Right to Object
Object to the processing of your data in certain circumstances
✓ Right not to be subject to Automated Decisions
We do not use automated profiling that produces legal effects
✓ Right to Withdraw Consent
You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal (Art. 7.3 GDPR). For marketing consent, you can do so from Settings > Consent and Privacy. For analytics cookies, click "Configure Cookies" in the footer.
How to exercise your rights: Send an email to soporte@neuroon.ai or access your account settings. We will respond within a maximum of 30 days.
Right to complain: You may lodge a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es
Neuroon.ai uses AI systems to provide the semantic search service:
None of these systems make automated decisions with legal effects on you (Art. 22 GDPR).
We use cookies and similar technologies to improve your experience on our website. Below we explain which cookies we use and why.
Cookies are small text files stored on your device when you visit a website. They allow us to remember your preferences and improve your browsing experience.
Strictly Necessary Cookies
Essential for site functionality (authentication, session). These cookies cannot be disabled as they are required for the site to function correctly.
Legal basis: Legitimate interest (Art. 6.1.f GDPR) - Do not require consent
Analytics Cookies
Help us understand how visitors interact with the website, collecting and providing anonymous information about pages visited, time spent, etc.
Legal basis: Consent (Art. 6.1.a GDPR) - Require acceptance
| Name | Type | Purpose | Duration | Category |
|---|---|---|---|---|
| neuroon_token | localStorage | JWT authentication token | Session | Required |
| neuroon_refresh_token | localStorage | Refresh token | 30 days | Required |
| cookie_consent | localStorage | Cookie preferences (JSON) | 12 months | Required |
| neuroon_theme | localStorage | Visual theme preference | Persistent | Required |
| sidebar_collapsed | localStorage | Sidebar menu state | Persistent | Required |
| nav_expanded_groups | localStorage | Expanded navigation groups | Persistent | Required |
| neuroon_view_mode | localStorage | Results view mode | Persistent | Required |
| neuroon_recent_commands | localStorage | Recent commands (max. 5) | Persistent | Required |
| neuroon_pending_invitation | localStorage | Temporary invitation token | 2 hours | Required |
| neuroon_invitation_context | localStorage | Invitation context | 2 hours | Required |
| _ga | Cookie (GA4) | Google Analytics 4 — identifies users | 2 years | Analytics |
| _ga_<ID> | Cookie (GA4) | Google Analytics 4 — maintains session state | 2 years | Analytics |
You can manage your cookie preferences at any time:
Please note that if you disable necessary cookies, some site features may not work correctly.
For more information about cookies and how to manage them, visit: www.aboutcookies.org
We implement appropriate technical and organisational measures to protect your data:
The Service is not directed at persons under 18 years of age. We do not knowingly collect data from minors. If you discover that a minor has provided personal data, please contact us immediately for its deletion.
We may update this Privacy Policy from time to time. Substantial changes will be notified by email with 30 days' notice. Continued use of the Service after changes constitutes acceptance of the new policy.
For any queries related to data protection and GDPR compliance, you may contact us at: soporte@neuroon.ai
Persons related to the deceased by family or de facto ties, as well as their heirs, may contact soporte@neuroon.ai to request access, rectification or erasure of the deceased's data, unless the deceased person expressly prohibited this during their lifetime.
For questions about this Privacy Policy or the processing of your data: