Numonic AI

This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and other applicable data protection laws. We are committed to protecting your privacy and ensuring the security of your personal data.

1. Data Controller Information

Numonic ("we", "us", or "our") is the data controller responsible for your personal data. We are committed to protecting and respecting your privacy in compliance with the UK GDPR and EU GDPR.

Contact Details:

Email: privacy@numonic.ai

Data Protection Officer: dpo@numonic.ai

2. Information We Collect

We may collect and process the following categories of personal data:

Identity Data: First name, last name, username or similar identifier
Contact Data: Email address, telephone numbers, billing address, delivery address
Financial Data: Payment card details (processed securely through our payment processors)
Transaction Data: Details about payments to and from you and other details of products and services you have purchased from us
Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform
Profile Data: Your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
Usage Data: Information about how you use our website, products and services
Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences

3. Legal Basis for Processing

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract
Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests
Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject
Consent: You have given consent to the processing of your personal data for one or more specific purposes

4. How We Use Your Information

We use your personal data for the following purposes:

To register you as a new customer
To process and deliver your order
To manage your relationship with us
To enable you to participate in a prize draw, competition or complete a survey
To administer and protect our business and this website
To deliver relevant website content and advertisements to you
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
To make suggestions and recommendations to you about goods or services that may be of interest to you

5. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

6. Your Rights Under GDPR

Under the UK GDPR and EU GDPR, you have the following rights:

Right of Access: You have the right to request copies of your personal data
Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete
Right to Erasure: You have the right to request that we erase your personal data, under certain conditions
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions
Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions
Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions
Right to Withdraw Consent: Where we are relying on consent to process your personal data, you have the right to withdraw your consent at any time

To exercise any of these rights, please contact us at dpo@numonic.ai. We will respond to your request within one month as required by law.

7. International Transfers

We ensure that any transfer of personal data outside the UK or European Economic Area (EEA) is protected by appropriate safeguards, namely the use of Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO) or European Commission, or other legally approved means.

8. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These measures include:

Encryption of data in transit and at rest
Regular security assessments and audits
Access controls and authentication measures
Employee training on data protection
Incident response procedures

9. Cookies

Our website currently uses only strictly necessary cookies that are essential for the proper functioning of our Service. These cookies do not require your consent under GDPR and UK GDPR as they are necessary for security and authentication purposes.

Current Cookie Usage

We currently only use:

Authentication cookies: Essential cookies set by Supabase (our authentication provider) to maintain your login session and ensure secure access to your account. These include session tokens and security verification codes.

Future Cookie Usage

In the future, we may implement additional types of cookies to improve our Service. If we do so, we will update this Privacy Policy and implement appropriate consent mechanisms. These may include:

Analytical/performance cookies: To understand how visitors use our website and to improve our Service
Functionality cookies: To remember your preferences and provide enhanced features
Targeting/marketing cookies: To deliver relevant advertisements and measure their effectiveness

Managing Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. Please note that if you disable or refuse the strictly necessary authentication cookies, you will not be able to log in or access the Service.

For more information about cookies and how to manage them, visit www.aboutcookies.org or www.allaboutcookies.org.

10. Web Analytics and Performance Monitoring

We use Vercel Web Analytics and Vercel Speed Insights to understand how visitors use our website and to monitor performance for improvement. These solutions are designed with privacy in mind and operate without the use of cookies.

Data Collected by Web Analytics

Vercel Web Analytics collects only anonymous, aggregated data that cannot be used to identify individual users:

Page URLs visited and referrer URLs
Geolocation (country, region, and city level—not precise location)
Device type (mobile, desktop, or tablet)
Operating system and browser type
Time of visit

Data Collected by Speed Insights

Vercel Speed Insights collects Core Web Vitals performance metrics to help us optimize page loading and user experience:

Largest Contentful Paint (LCP): Loading performance measurement
First Input Delay (FID): Interactivity measurement
Cumulative Layout Shift (CLS): Visual stability measurement
First Contentful Paint (FCP): Initial render time
Time to First Byte (TTFB): Server response time
Interaction to Next Paint (INP): Responsiveness measurement

Privacy-First Approach

Both Web Analytics and Speed Insights include the following privacy-protective measures:

No cookies: Visitor identification uses a hash of the incoming request, not persistent tracking cookies
No personal identifiers: No data is collected that could identify or track individual users across websites
24-hour data expiry: Session data is automatically discarded after 24 hours
No cross-site tracking: Analytics data cannot be used to track users across different applications or websites

Legal Basis

We process this analytics and performance data based on our legitimate interest in understanding website usage and performance to improve our Service (Article 6(1)(f) of GDPR). Given the privacy-protective nature of these solutions (no cookies, no personal identifiers, automatic data expiry), we have determined that this processing does not override your rights and freedoms.

11. Third-Party Links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

12. Age Restrictions

Our Service is restricted to users who are 18 years of age or older. We do not knowingly collect personal data from anyone under 18. If you are under 18, you may not use this Service. If we learn that we have collected personal data from anyone under 18, we will take steps to delete that information.

If you are a parent or guardian and you are aware that someone under 18 has provided us with personal data, please contact us immediately at dpo@numonic.ai.

13. Data Breach Notification

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with our legal obligations under the UK GDPR and EU GDPR.

14. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you. If we implement such processing in the future, we will inform you and provide information about the logic involved, as well as the significance and envisaged consequences.

15. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes).

16. Complaints

If you have any concerns about how we handle your personal data, you have the right to lodge a complaint with a supervisory authority:

For UK residents: Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

For EU residents: Your local data protection authority

Find your authority: edpb.europa.eu/about-edpb/board/members

17. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Numonic

Email: privacy@numonic.ai

Data Protection Officer: dpo@numonic.ai

Website: https://www.numonic.ai

When contacting us, please provide as much information as possible to help us address your query efficiently. We aim to respond to all privacy-related inquiries within 30 days.