Legal
Privacy Policy
Last updated: March 1, 2026
Your privacy matters to us. This policy explains how Neylak collects, uses, and protects your information. For questions, contact our Privacy Team at privacy@neylak.com.
1. Information We Collect
We collect information you provide directly (name, email, phone, payment details), information generated through your use of the platform (bookings, orders, preferences), and technical data (IP address, browser type, device, cookies). When you create an artist profile, we collect additional professional information including location and portfolio content.
2. How We Use Your Information
We use your information to: provide, operate, and improve the Neylak platform; process bookings, orders, and payments; send transactional and promotional communications; personalize your experience; ensure safety and prevent fraud; and comply with legal obligations. We do not sell your personal information to third parties.
3. Sharing of Information
We share your information with: artists when you make a booking (name, contact details, booking notes); payment processors (Stripe) for payment processing; service providers who help operate our platform under strict confidentiality agreements; and law enforcement when legally required. We require all third parties to respect the security of your data.
4. Cookies & Tracking
We use essential cookies for authentication and functionality, analytics cookies (via anonymized data) to understand platform usage, and preference cookies to remember your settings. You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.
5. Data Retention
We retain your personal data for as long as your account is active or as needed to provide services. You can request deletion of your account and data at any time. We may retain certain data longer where required by law or for legitimate business purposes (e.g., fraud prevention, legal disputes).
6. Your Rights
Depending on your location, you may have rights to: access your personal data; correct inaccurate data; request deletion ("right to be forgotten"); object to processing; data portability; and withdraw consent. To exercise these rights, contact us at privacy@neylak.com. We respond within 30 days.
7. Data Security
We implement industry-standard security measures including TLS encryption, encrypted data storage, regular security audits, and strict access controls. Payment data is processed by Stripe and never stored on our servers. While we take all reasonable precautions, no internet transmission is completely secure.
8. Children's Privacy
The Neylak platform is not directed to children under 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected such data, we will promptly delete it. If you believe a minor has provided us data, please contact us.
9. International Transfers
Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for cross-border transfers, including Standard Contractual Clauses for transfers from the EU/EEA.
10. California Privacy Rights (CCPA)
California residents have additional rights under the CCPA, including the right to know what personal information is collected and how it is used, the right to delete personal information, and the right to opt-out of the "sale" of personal information. We do not sell personal information. To exercise your rights, email privacy@neylak.com.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a prominent notice on the platform. We encourage you to review this policy periodically. Continued use of the platform after changes constitutes acceptance.
12. Contact Us
For any privacy-related questions, concerns, or requests, please contact our Privacy Team at privacy@neylak.com. You can also write to: Neylak, Inc., Privacy Team, [Address]. For EU/UK residents, you also have the right to lodge a complaint with your local data protection authority.