GDPR Compliance

Last updated: June 18, 2026

neon-chip is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and your rights under this regulation.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you voluntarily provide information through our contact forms
• Contract: When processing is necessary to fulfill service agreements
• Legitimate interests: For business operations and service improvement, where your interests are not overridden
• Legal obligation: When required to comply with applicable laws

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

• Right to access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data under certain circumstances
• Right to restrict processing: Request limitation of how we process your data
• Right to data portability: Receive your data in a structured, commonly used format
• Right to object: Object to processing based on legitimate interests or direct marketing
• Rights related to automated decision-making: Protection against solely automated decisions with legal effects

Data Controller

neon-chip acts as the data controller for personal information collected through our website and services. We determine the purposes and means of processing your personal data.

Data Protection Officer

For questions about data protection or to exercise your GDPR rights, contact our data protection representative at [email protected].

Data Processing Activities

We process personal data for the following purposes:

• Processing service inquiries and providing estimates
• Managing customer relationships and project delivery
• Maintaining records for business and legal purposes
• Improving our services and website functionality

International Data Transfers

Your personal data is primarily processed within the United Kingdom. If we transfer data outside the UK or European Economic Area, we ensure appropriate safeguards are in place to protect your information.

Data Retention Periods

We retain personal data only for as long as necessary:

• Inquiry data: Retained for two years from last contact
• Customer project records: Retained for seven years for business and legal purposes
• Marketing communications: Until you withdraw consent or request deletion

Data Security Measures

We implement appropriate technical and organizational security measures including:

• Encryption of data in transit and at rest
• Access controls limiting data access to authorized personnel
• Regular security assessments and updates
• Staff training on data protection requirements

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.

Exercising Your Rights

To exercise any of your GDPR rights, submit a request to [email protected]. We will respond within one month of receiving your request. In complex cases, we may extend this period by two additional months with notification.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection.

Updates to This Information

We may update this GDPR compliance information periodically. Significant changes will be communicated through our website.