Privacy Policy

NEOVISTA, operated by Adriana M. Nuneva
Website: www.neovista.ai
Last updated: 23 December 2025

Scope
This Privacy Policy explains how we process personal data when you visit our website, contact us, or use our services. We process personal data under the GDPR, the German Federal Data Protection Act (BDSG), and the German Telecommunications Digital Services Data Protection Act (TDDDG).

Controller
NEOVISTA, operated by Adriana M. Nuneva
Address: 

c/o Brightpoint Group
Chausseestr. 1
10115 Berlin
Germany

Email: contact@neovista.ai
Phone: +49 (0) 173 3413751

Data Protection Officer
We appoint a Data Protection Officer only if the law requires it.
Contact for privacy requests: adriana.nuneva@neovista.ai

Key principles
We process personal data for defined purposes. We use a legal basis under Art. 6 GDPR. We protect your data with technical and organisational measures.

Website access, server logs, and hosting
When you visit www.neovista.ai, our hosting provider processes technical data to deliver the site and keep it secure. This includes:

  • IP address
  • date and time of access
  • requested page and file
  • referrer URL
  • browser and device information
  • status codes and transferred data volume

Purpose: website delivery, stability, security, and abuse prevention.
Legal basis: Art. 6(1)(f) GDPR. Our legitimate interest is secure operation of the website.
Storage: we delete server logs when we no longer need them for the purpose, unless we must keep them as evidence in security cases.

 

If the website stores or reads information on your device, we do this only when it is required for the site to function, or when you consent via our consent banner.

Consent banner, cookies, and similar technologies
We use cookies and similar technologies. Some are required for the site to work. Others serve analytics or marketing, and run only after you consent.

You control your choices in the consent banner. You can withdraw consent at any time with effect for the future via the banner settings.

Contact requests:
When you contact us by email, phone, or a web form, we process the data you provide. This usually includes: name, company, email address, and your message.

Purpose: answer your request and manage communication.
Legal basis:

Art. 6(1)(b) GDPR, if your request relates to a contract or pre-contractual steps

Art. 6(1)(f) GDPR, for general business communication

Storage: we delete the data when your request is completed, unless legal retention duties apply.

Services and client communication
If you become a client, we process personal data needed to deliver consulting services and to manage the relationship. This includes contact data, billing data, and project communication.

Purpose: contract performance, project management, billing, and compliance.
Legal basis: Art. 6(1)(b) GDPR and Art. 6(1)(c) GDPR where legal duties apply.
Storage: we retain business records under statutory retention rules.

10.1 Google Analytics
Use this section only if you use Google Analytics.

We use Google Analytics to measure website usage. Google Analytics uses cookies. We run it only after you consent in the consent banner.
Purpose: usage statistics and site optimisation.
Legal basis: Art. 6(1)(a) GDPR (consent).
Storage: set your retention in Google Analytics and state it here: [insert months].

If data transfers to the USA occur, we rely on safeguards stated in your vendor setup, such as EU-US Data Privacy Framework participation and Standard Contractual Clauses, as applicable to the vendor account.

External links
Our website links to external websites. The external provider controls its own processing. Check the privacy notices on those sites.

Recipients and processors
We share personal data only when necessary:

hosting and IT providers (processors under Art. 28 GDPR)

communication tools used for your request, such as email and calendar systems

professional advisors, courts, and authorities when required by law

List your key processors here:

Hosting, Consent banner, Form tool: 

IONOS SE

Elgendorfer Str. 57 56410 Montabaur

Video platform:

YouTube LLC, Deutschland Google Germany GmbH, - Rechtsabteilung -, ABC-Straße 19, 20354 Hamburg.

International transfers
If we transfer personal data outside the EEA, we use legal safeguards, such as an adequacy decision, Standard Contractual Clauses, and additional measures where required.

Storage periods
We delete personal data when the purpose ends and no retention duty applies. For business records, statutory retention periods apply. For consent-based tools, storage follows the vendor settings and the purposes described above.

Your rights
You have the following rights under the GDPR:

  • access (Art. 15 GDPR)
  • rectification (Art. 16 GDPR)
  • erasure (Art. 17 GDPR)
  • restriction (Art. 18 GDPR)
  • data portability (Art. 20 GDPR)
  • objection (Art. 21 GDPR)
  • withdrawal of consent (Art. 7(3) GDPR)

To exercise your rights, email contact@neovista.ai. We verify your identity before we fullfil a request.

You also have the right to lodge a complaint with a supervisory authority.

Automated decision-making
We do not use automated decision-making under Art. 22 GDPR for this website, unless we state it explicitly in a specific module.

Security
We protect your data with measures such as access controls, encryption in transit, and regular updates. We limit access to persons who need it for their tasks.

Updates to this Privacy Policy
We update this policy when legal rules change or when we change our website tools and processing.

Wir benötigen Ihre Zustimmung zum Laden der Übersetzungen

Wir nutzen einen Drittanbieter-Service, um den Inhalt der Website zu übersetzen, der möglicherweise Daten über Ihre Aktivitäten sammelt. Bitte überprüfen Sie die Details in der Datenschutzerklärung und akzeptieren Sie den Dienst, um die Übersetzungen zu sehen.