Privacy Policy

Last updated: December 21, 2025

1. Introduction

This Privacy Policy describes how Neavant Oy (Business ID: 3293265-4) ("we", "us", "our") collects, uses, and protects your personal data when you use Exarich ("the Service"), our lead enrichment platform.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Neavant Oy
Business ID (Y-tunnus): 3293265-4
Finland

3. Data We Collect

3.1 Information You Provide

  • Account Information: Name, email address, company name, and authentication credentials
  • Payment Information: Billing details processed through third-party payment processors
  • Lead Data: Any data you upload to the Service for enrichment purposes, including company names, websites, email addresses, and other business contact information
  • Communications: Messages, support requests, and feedback you send to us

3.2 Automatically Collected Information

  • Usage Data: IP address, browser type, device information, pages visited, time and date of access
  • Cookies and Tracking: We use cookies and similar technologies to improve user experience and analyze Service usage
  • Log Data: Server logs, error reports, and performance metrics

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contractual Necessity: Processing necessary to provide the Service you requested
  • Legitimate Interest: To improve our Service, prevent fraud, and ensure security
  • Consent: For marketing communications and non-essential cookies (where applicable)
  • Legal Obligation: To comply with applicable laws, regulations, and legal processes

5. How We Use Your Data

We use your personal data for the following purposes:

  • Providing, maintaining, and improving the Service
  • Processing lead enrichment requests and delivering results
  • Managing your account and subscription
  • Processing payments and preventing fraud
  • Sending service-related notifications and updates
  • Responding to your inquiries and support requests
  • Analyzing usage patterns to improve the Service
  • Complying with legal obligations
  • Enforcing our Terms of Service

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your data with:

  • Service Providers: Third-party vendors who help us operate the Service (e.g., cloud hosting, payment processing, authentication services)
  • Data Enrichment Partners: Third-party data providers necessary to deliver enrichment services
  • Legal Requirements: When required by law, court order, or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are contractually bound to protect your data in accordance with GDPR requirements.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions, to protect your data during international transfers.

8. Data Retention

We retain your personal data for as long as:

  • Your account is active
  • Necessary to provide the Service
  • Required by law or for legitimate business purposes
  • Necessary to resolve disputes and enforce our agreements

Upon account deletion, we will delete or anonymize your personal data within 90 days, unless retention is required by law.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restriction: Limit how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time for processing based on consent
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise any of these rights, please contact us using the information provided in Section 13.

10. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential Cookies: Necessary for the Service to function properly
  • Analytics Cookies: Help us understand how users interact with the Service
  • Performance Cookies: Improve Service performance and user experience

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of the Service.

11. Security

We implement industry-standard security measures to protect your personal data, including encryption, secure data storage, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

12. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your GDPR rights, please contact us at:

Email: privacy@neavant.com
Company: Neavant Oy
Business ID: 3293265-4

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.

15. Supervisory Authority

If you are located in the EEA and have concerns about our data practices, you have the right to lodge a complaint with your local data protection supervisory authority. In Finland, this is:

Office of the Data Protection Ombudsman
Website: tietosuoja.fi