Data Security & Privacy Policy

Last updated: February 3, 2026

1. Data Controller

The data controller within the meaning of Art. 4(7) GDPR is:

neoBIM GmbH

Roonstraße 23a

76137 Karlsruhe

Germany

Email: flo@neobim.ai

2. Scope of This Policy

This Privacy Policy explains how we collect, process, and protect personal data when you use NeoSearch and related services. We process personal data exclusively in accordance with the EU General Data Protection Regulation (GDPR) and applicable German data protection laws.

3. Data We Collect

3.1 Information You Provide

  • Account information (name, email address, company name, role)
  • Project-related data you submit or configure within the platform
  • Communication content (support requests, feedback, inquiries)
  • Demo, trial, or waitlist registration details

3.2 Automatically Collected Information

  • Usage and interaction data (feature usage, timestamps)
  • Device and connection data (browser type, operating system, IP address)
  • Log and performance data (error logs, system diagnostics)
  • Cookies and similar technologies (see Section 8)

4. Publicly Available Data

NeoSearch processes publicly available information published by official municipal and governmental sources. This data does not constitute personal data under our control unless it is explicitly linked to an identified or identifiable natural person, in which case processing is limited to what is legally permitted under Art. 6 GDPR.

5. Legal Basis for Processing

We process personal data based on the following legal grounds:

Art. 6(1)(b) GDPR — Performance of a contract
Art. 6(1)(f) GDPR — Legitimate interests (platform security, service improvement)
Art. 6(1)(c) GDPR — Compliance with legal obligations
Art. 6(1)(a) GDPR — Consent, where required (e.g. cookies)

6. How We Use Your Data

We process personal data to:

  • Provide and operate our services
  • Manage user accounts and access
  • Communicate with users regarding the platform
  • Improve system performance and develop new features
  • Ensure platform security and prevent misuse
  • Fulfill legal and regulatory obligations

7. Data Sharing & Third-Party Services

We do not sell personal data.

To operate and improve NeoSearch, we use selected third-party service providers that process data on our behalf as data processors under Art. 28 GDPR. These providers may include:

  • Google (e.g. Google Analytics, infrastructure and performance monitoring)
  • Meta (e.g. conversion tracking and campaign performance measurement)
  • Microsoft Clarity (user interaction and usability analytics)

These services may process technical usage data such as IP address, device information, page interactions, and timestamps. All providers are contractually bound to comply with GDPR requirements. Where data is transferred outside the EU/EEA, appropriate safeguards (such as Standard Contractual Clauses) are applied.

8. Cookies & Analytics

We use cookies and similar technologies to:

  • Ensure core platform functionality and security
  • Analyze usage patterns and improve user experience
  • Measure marketing performance and conversion effectiveness

Analytics and tracking tools used may include Google Analytics, Meta Pixel, and Microsoft Clarity. Where required by law, cookies and tracking technologies are used only with your consent, which can be managed or withdrawn at any time via our cookie settings. IP anonymization and privacy-enhancing settings are applied where supported.

9. Data Retention

Personal data is retained only for as long as necessary to fulfill its purpose or to comply with statutory retention requirements. Data is deleted or anonymized once it is no longer required.

10. Data Security

We implement appropriate technical and organizational measures to protect personal data:

Encryption in transit and at rest
Role-based access controls
Regular security assessments
Employee data protection training
Incident response procedures
Authentication mechanisms

11. Your Rights

Under GDPR, you have the right to:

Art. 15Access your personal data
Art. 16Rectification of inaccurate data
Art. 17Erasure of data
Art. 18Restriction of processing
Art. 20Data portability
Art. 21Object to processing

Requests can be sent to flo@neobim.ai. You also have the right to lodge a complaint with a competent supervisory authority.

12. Changes to This Policy

We may update this Privacy Policy to reflect legal or technical changes. The current version is always available on our website.

NeoSearch processes only publicly available data and user-provided information in accordance with EU and German data protection regulations.

© 2026 NeoSearch by neoBIM GmbH. All rights reserved.

Wir verwenden Cookies, um Ihre Erfahrung zu verbessern. ·Mehr erfahren