It seems that in 2018 the bar has been raised for all companies that deal with data to maintain user privacy and security. Before diving into implementation of a new service or tool – whether on the commercial or the technical side – all legal concerns should be resolved from the get-go. This brief has all you need to make your life easier when explaining Neura to anyone from the legal team. If and when your legal department wishes to dive deeper into the bits and bytes of the Neura operation, additional links are available here as well.
What is Neura?
Neura transforms customer engagement by delivering live, actionable insights based on each user’s real-world behavior. Brands that utilize Neura’s technology adapt to each user’s unique needs, delivering contextually relevant, real-time interactions and personalized customer experiences—driving engagement, retention, and monetization.
Our commitment to our clients
1. Neura is a Data Controller and not a Data Processor. This means that we are liable for maintaining security and privacy. That is why extremely regulated companies, including Philips, AXA and various HIPAA-compliant brands (holding delicate health-related user information), work with us. Companies that work with Neura don’t send us any data but rather consume our data-driven insights.
2. Neura doesn’t collect or use Advertising IDs. We don’t need them. We create an anonymous Neura ID for each user (example: xyz123). This can be related to an ADID or IDFA only by the customer, if needed. Never by Neura.
3. Neura doesn’t sell personal data. Our customers use Neura’s services to increase engagement, that’s our business model. We provide actionable insights, via our Insights Dashboard or API services, that do not and will not contain any user personally identifiable information (PII).
Our commitment to the end user
The concerns of our customers are extremely important, because they must protect their users’ data and privacy. So, we also address end users directly. In a nutshell, this is what we tell end users:
1. Trust is our promise
The information on your phone belongs to you. We’ll respect your privacy and treat your personal information responsibly.
2. We work hard to protect your data
Privacy and anonymity are at the core of our technology. Our team works hard every day to keep your data secure, stay ahead of possible threats, and work with all security regulators.
3. You’re in the driver’s seat
You have control over what we see and whether we can use it. Transparency is an important part of any relationship, so we’ll let you know who wants to see your information and how it’s used. We give you the tools to delete your account, no strings attached. All you have to do is reach out.
Working with Neura does not require use of any PII, so in theory, Neura was GDPR compliant from day one, and way before the GDPR laws were written. We were happy to witness the rise of GDPR and privacy protection regulations. We welcome GDPR as an opportunity to display our commitment to creating amazing personalized products that still maintain users’ rights to privacy.
You can read more about Neura and GDPR here.
Regulatory compliance and guidance
Neura is fully compliant with the ISO’s industry requirements for an information security management system.
Highly sensitive data is encrypted in Neura applications and servers using asymmetric and symmetric algorithms with large keys.
3. Data Storage:
Our data center, managed by AWS, is SAS 70 Type II certified, SSAE16 (SOC 2) compliant, and features proximity security badge access and digital security video surveillance.
4. Privacy Shield:
Neura has proven to the Department of Commerce that it adheres to the Privacy Shield Principles.