GDPR Compliance

Last updated: May 27, 2025

Our Commitment to GDPR Compliance

NeuroLinker is committed to protecting the personal data of our users and ensuring compliance with the General Data Protection Regulation (GDPR). We have implemented comprehensive measures to safeguard your information and respect your privacy rights.

Data Controller Information

NeuroLinker acts as a data controller for the personal information we collect. You can contact our Data Protection Officer at:

  • Email: dpo@neurolinker.digit-i.com
  • Address: Dubai Digital Park, Dubai Silicon Oasis, Dubai, UAE

Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Contract fulfillment (Article 6(1)(b) GDPR)
  • Legal obligations (Article 6(1)(c) GDPR)
  • Legitimate interests (Article 6(1)(f) GDPR)
  • Consent (Article 6(1)(a) GDPR)

Your Rights Under GDPR

Under GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

To exercise any of these rights, please contact our Data Protection Officer using the contact information provided above.

Data Processing Activities

WhatsApp Business Data

As a WhatsApp Business solution provider, we process the following types of data:

  • Message content and metadata
  • Contact information
  • Business account settings
  • Usage statistics and analytics

Account Data

For account management, we process:

  • User account information
  • Authentication data
  • Billing information
  • Usage logs

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Account data: Duration of the service agreement plus 6 months
  • WhatsApp messages: 30 days after end of conversation
  • Billing information: 7 years (legal requirement)
  • Usage logs: 90 days

International Data Transfers

When we transfer personal data outside the EEA, we ensure adequate protection through:

  • EU Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules

Technical and Organizational Measures

We implement appropriate security measures including:

  • End-to-end encryption for message content
  • Regular security audits and penetration testing
  • Access control and authentication mechanisms
  • Employee training on data protection
  • Incident response procedures

Data Processing Agreements

We maintain Data Processing Agreements (DPAs) with our sub-processors and can provide a DPA to our customers upon request.

Contact Us

For any GDPR-related inquiries or to exercise your rights, please contact our Data Protection Officer:

  • Email: dpo@neurolinker.digit-i.com
  • Phone: +971 50 000 0000
  • Address: Dubai Digital Park, Dubai Silicon Oasis, Dubai, UAE

You also have the right to lodge a complaint with your local data protection authority.