Company
Neura Parse Ltd
UK company #16547481. We operate public website, product, support, research, and procurement channels for the Neura Parse stack.
Privacy and data protection
A clearer, product-aware notice for website visitors, customers, support contacts, research collaborators, and enterprise users of the Neura Parse stack.
Company
UK company #16547481. We operate public website, product, support, research, and procurement channels for the Neura Parse stack.
Data posture
Website and commercial data are controlled by Neura Parse. Customer workflow and integration data may be processed on behalf of the customer.
AI systems
High-impact, regulated, safety-critical, or rights-affecting workflows need documented oversight, review, and deployment controls.
01
Scope
This notice explains how Neura Parse Ltd handles personal data across the public website, product inquiries, support, research collaboration, and contracted product use.
Neura Parse Ltd is a UK company registered at Companies House under company number 16547481. For website, sales, support, security, and account administration data, Neura Parse normally acts as the controller.
For customer workflow content, integration payloads, telemetry, logs, and user data processed inside a contracted enterprise deployment, Neura Parse may act as a processor or service provider under the customer agreement, data processing addendum, or order form.
This notice does not replace a signed data processing agreement, product-specific order form, enterprise security schedule, or open-source project licence.
Controller
We decide how public-site analytics, contact forms, support requests, security reports, procurement messages, and account administration data are handled.
Processor
For contracted deployments, the customer usually controls what data enters workflows, devices, integrations, and model pipelines.
02
Data categories
The exact data depends on whether you browse the site, contact us, use a hosted product, deploy NeuralOS, or collaborate on research.
Name, work email, company, role, region, support details, billing contact, authentication metadata, and communication preferences.
Demo requests, security questionnaires, procurement notes, issue reports, audit requests, messages, and support history.
Workflow definitions, run metadata, prompts, task state, approval logs, integration configuration, API events, and operational records submitted by authorized users.
For NeuralOS or edge deployments, configured telemetry may include device identifiers, software version, health signals, logs, rollout status, and security events.
Paper correspondence, benchmark artifacts, repository access details, collaborator information, reviewer notes, and reproducibility records.
IP address, browser, approximate location, pages visited, referral source, consent preferences, and optional analytics identifiers where enabled.
We do not intentionally request special-category data on the public site. Customers must avoid sending regulated health, biometric, defence, export-controlled, or child data unless a written agreement authorizes that processing and defines the required safeguards.
03
Purpose
We use data to operate the site, provide products, secure systems, support customers, improve reliability, and meet legal obligations.
04
UK GDPR / GDPR
Where UK GDPR or EU GDPR applies, we rely on the lawful basis that matches the processing purpose.
Basis
Contract
Typical use
Providing products, accounts, support, subscriptions, order forms, customer communications, and requested services.
Basis
Legitimate interests
Typical use
Security monitoring, fraud prevention, product reliability, B2B outreach, service improvement, and non-intrusive operational analytics.
Basis
Consent
Typical use
Optional cookies, marketing subscription, certain product telemetry, research participation, and optional communications.
Basis
Legal obligation
Typical use
Tax, accounting, corporate, sanctions, export control, law enforcement, and regulatory recordkeeping.
| Basis | Typical use |
|---|---|
| Contract | Providing products, accounts, support, subscriptions, order forms, customer communications, and requested services. |
| Legitimate interests | Security monitoring, fraud prevention, product reliability, B2B outreach, service improvement, and non-intrusive operational analytics. |
| Consent | Optional cookies, marketing subscription, certain product telemetry, research participation, and optional communications. |
| Legal obligation | Tax, accounting, corporate, sanctions, export control, law enforcement, and regulatory recordkeeping. |
05
AI and autonomy
Neura Parse products are designed for governed automation, not invisible decision-making.
NowFlow and related tools may process prompts, workflow state, tool outputs, approvals, and model responses. Customers are responsible for configuring workflows with appropriate permissions, policies, human review, and rollback paths.
The public website does not make solely automated decisions that produce legal or similarly significant effects about visitors. Enterprise customers must not use our products for high-impact decisions without a lawful basis, transparency, human oversight, evaluation, and documented controls.
Where EU AI Act, sector safety, medical, defence, aviation, automotive, employment, credit, education, or biometric rules apply, the customer deployment must define roles, risk classification, documentation, testing, monitoring, and incident handling before production use.
Default stance
Workflow outputs should be reviewed where they affect rights, safety, access, eligibility, financial position, employment, health, or public services.
Evidence
Approvals, tool calls, model versions, policy checks, and run outputs should remain inspectable for debugging and governance.
06
Processors
We share data only when needed to provide, secure, improve, sell, support, or legally operate the services.
We do not sell personal data. If any future activity is treated as sharing for cross-context behavioral advertising or similar under applicable law, we will provide the required notice and opt-out mechanism.
07
Retention
We keep data only for as long as needed for the purpose collected, the customer agreement, security, audit, backup, legal obligations, or dispute handling.
Record type
Contact and inquiry records
Typical retention
Up to 24 months after the last meaningful interaction unless a longer business or legal need applies.
Record type
Customer account records
Typical retention
For the account term, then a limited post-termination period for export, audit, billing, and legal purposes.
Record type
Workflow, prompt, and integration records
Typical retention
Set by the customer plan, workspace settings, enterprise agreement, and backup deletion window.
Record type
Security logs
Typical retention
Usually 12 to 24 months, or longer for active investigations, abuse prevention, or compliance needs.
Record type
Billing, tax, and accounting records
Typical retention
Usually 6 to 7 years depending on applicable tax, accounting, and corporate rules.
Record type
Cookie consent preferences
Typical retention
Normally up to 12 months unless refreshed or deleted by the user.
| Record type | Typical retention |
|---|---|
| Contact and inquiry records | Up to 24 months after the last meaningful interaction unless a longer business or legal need applies. |
| Customer account records | For the account term, then a limited post-termination period for export, audit, billing, and legal purposes. |
| Workflow, prompt, and integration records | Set by the customer plan, workspace settings, enterprise agreement, and backup deletion window. |
| Security logs | Usually 12 to 24 months, or longer for active investigations, abuse prevention, or compliance needs. |
| Billing, tax, and accounting records | Usually 6 to 7 years depending on applicable tax, accounting, and corporate rules. |
| Cookie consent preferences | Normally up to 12 months unless refreshed or deleted by the user. |
08
International transfers
Neura Parse may use providers or infrastructure outside your country. We use transfer safeguards where required.
09
Individual rights
Depending on your location, you may have rights to access, correct, delete, restrict, object, port, or opt out of certain uses of personal data.
UK / EEA
Access, rectification, erasure, restriction, portability, objection, consent withdrawal, and rights related to automated decision-making.
California
Know, access, delete, correct, opt out of sale or sharing, limit sensitive personal information where applicable, and non-discrimination.
Enterprise users
If your account belongs to an organization, we may route requests to the customer administrator or controller.
Response
We may need to verify identity, authority, and jurisdiction before responding to a rights request.
Use the subject line Privacy Rights Request.
For GDPR, UK GDPR, DPA, or controller/processor questions.
10
Safeguards
We use administrative, technical, and organizational safeguards designed for product-grade automation and edge deployments.
11
Regulatory references
These official resources inform the structure of this notice. They are provided for transparency and do not replace legal advice.
UK privacy principles, individual rights, lawful bases, and controller obligations.
UK guidance on AI systems, data protection, transparency, fairness, and accountability.
EU AI Act framework and phased application, including obligations relevant from 2025 and 2026.
California privacy regulations, consumer rights, and opt-out mechanisms.
Contact
Send privacy rights requests, DPA questions, sub-processor inquiries, and security due-diligence routing requests to the appropriate mailbox.
Privacy rights, notices, and data handling requests.
GDPR, UK GDPR, DPA, and controller/processor questions.
Security reviews, vulnerabilities, attestations, and procurement checks.