Privacy Notice

 

Version 2.0 (updated on 2026-03-27)

 

  1. Introduction

We value privacy and have a strong commitment not only to protecting our clients’ Personally Identifiable Information (PII), but also any PII entrusted to us by them. For this reason, this document sets out clear and objective information on how we process PII, ensuring transparency at every stage.

This Privacy Notice, also referred to as the “Notice,” describes how we collect, use, and share — collectively referred to as the “processing” of data — your PII whenever you access our website or use our services. 

The terms set out in this Notice are consistent with the national and international laws applicable to privacy and PII protection and may be reviewed at any time as part of our ongoing efforts to improve and enhance our practices.

If you have any questions, we are available to assist you. Please contact our Data Protection Officer (DPO) at [email protected] .

 

  1. PII processed and purposes of processing

2.1 PII processed

Neospace acts primarily as a PII processor, processing PII exclusively in accordance with the Client’s instructions, acting as the PII controller, and within the contractually established limits, for the purpose of providing and continuously improving our services. Accordingly, we do not directly collect PII for the provision of services; we only process data provided by our clients, which, by default, is anonymized before being processed by Neospace, ensuring that processing occurs on non-identifiable data, as established in the applicable contract.

In addition, we collect data that you voluntarily provide to us through the forms available on our website, social media, and other means of communication, such as:

    • Identification data: name, email address, telephone number, address, and personal documents you provide to us;
    • Professional data: profession, field of work, LinkedIn profile, and PII contained in a portfolio or résumé;
    • Data contained in direct communications, including any feedback that may be sent to us.

 

2.2 Purposes of PII processing

In the course of our activities, we use PII for the following purposes:

    • To provide and personalize our services, as established in the applicable contract;
    • To improve the user experience on our website and/or platform;
    • To review information from individuals interested in working with us, including data contained in portfolios and résumés submitted to us, for hiring purposes or inclusion in a talent pool;
    • To comply with legal or regulatory requests.

 

We use personal data for the following purposes:

    • To provide and personalize our products and services;
    • To analyze performance and improve user experience;
    • To collect and review information from individuals interested in working with us, including portfolios and resumes, for hiring or talent pool creation;
    • To fulfill legal or regulatory requirements.

 

3.0 Lawful basis for processing

The processing of PII is based on the following legal grounds:

    • Performance of a contract: 
    • Provision and management of the services contracted by clients; 
    • Review of résumés and portfolios submitted by individuals interested in working with us (pre-contractual steps related to hiring);
    • Consent: collection of non-essential cookies, as detailed below;
    • Compliance with a legal or regulatory obligation: to meet applicable legal or regulatory requirements;
    • Regular exercise of rights: to use data in judicial, administrative, or arbitration proceedings, where necessary.

 

4.0 Use of cookies

We use cookies and similar technologies on our website to ensure proper functioning, analyze website performance, and improve the user experience. Cookies are divided into two main categories:

    • Essential cookies: these are necessary for the basic functioning of the website and cannot be disabled in our systems. Their use does not depend on consent.
    • Non-essential cookies (analytics, performance, and/or marketing): we use these cookies for performance analysis purposes and, with your consent, to promote products and services. The use of these cookies depends on your prior consent, according to the lawful basis indicated in Section 3. 

 

You may manage your cookie preferences at any time through our consent banner on the website and may also withdraw your consent or change your settings directly in your browser.

 

5.0 PII sharing, transfer and disclosure

To achieve the purposes described above, it is sometimes necessary to use the services of third-party companies that carry out activities in accordance with our instructions. Such service providers are authorized to process PII only within the limits of the applicable lawful basis used, for example, within the limits of the contract entered into with clients for the purpose of providing infrastructure for the operation of our services. 

Where applicable, we will share PII with public authorities in order to comply with a legal or regulatory obligation or for the regular exercise of rights in judicial, administrative, or arbitration proceedings.

 

6.0 Information security

Neospace is committed to using its best technical and organizational efforts to protect all information under its responsibility against unauthorized access, loss, misuse, improper alteration, or destruction. 

We adopt internationally recognized privacy and information security standards and frameworks, including guidelines based on NIST, CIS, ISO/IEC 27001 and ISO/IEC 27701, ensuring that our controls remain continuously aligned with market best practices. Among the main measures implemented are:

    • End-to-end encryption (AES-256 and TLS 1.3), both at rest and in transit, to protect PII and business data;
    • Logical and physical segregation of environments, ensuring complete isolation between clients and the integrity of the information processed;
    • Access control based on the principle of least privilege, restricting access only to personnel who need the information to perform their duties;
    • Maintenance of immutable logs and audit trails, ensuring traceability and integrity of the actions carried out in our systems;
    • Data retention and secure deletion in accordance with contractual retention periods and purposes, or upon the Client’s request, ensuring compliance with the Brazilian General Data Protection Law (Law No. 13,709/2018 – LGPD);
    • Secure development policies, physical security, and continuous monitoring of infrastructure.

 

7.0 Basis for PII transfer between jurisdictions 

Due to the significant need for computing power, client data may be processed in the United States (Northern Virginia) or Australia (Sydney). Our providers in those locations maintain rigorous security and privacy standards and observe the rules applicable to international data transfers. Any changes relating to international data transfers are always aligned with clients in advance, and clients must approve them beforehand. 

In some cases, additional processing activities may require international data transfers. In such cases, we ensure that such transfers take place only where the destination country provides an adequate level of data protection, as determined by applicable law, or through specific contractual clauses. We are committed to working exclusively with partners and service providers that maintain rigorous data protection standards.

 

8.0 Retention and disposal

We will retain your data for no longer than is necessary to fulfill the purposes described above, or as required by applicable law. We recognize the importance of keeping data up to date and relevant; therefore, irrelevant or excessive data, or data whose retention period has expired, will be securely deleted or anonymized as soon as possible. 

PII collected and stored in our talent pool will be retained for a maximum period of 12 months from the date of submission or update. After this period, the information will be securely deleted.

 

9.0 Your rights as a PII principal

You may request, through our PII principal request channel or by email at [email protected], the exercise of the following rights:

    • Confirmation of processing: if you have questions about the data under our responsibility, you may request confirmation that your data is being processed;
    • Access to data: you may request a copy of your PII;
    • Correction of incomplete, inaccurate, or outdated data: this refers to the rectification of data that is incorrect. It is your responsibility to keep your data up to date;
    • Anonymization, blocking, or deletion of data: if you believe that we are processing unnecessary, excessive, or non-compliant data, you may request the anonymization, blocking, or deletion of such data;
    • Portability: you may request an electronic copy of your PII in an interoperable format;
    • Information on data sharing: you may request information about the public and private entities with which we share data;
    • Deletion of PII processed on the basis of consent: where applicable, you may request the deletion of PII processed on the basis of consent;
    • Information on the possibility of refusing consent: you may request information about the situations in which you may choose not to provide consent and the consequences of such refusal;
    • Objection and withdrawal of consent: you may object to the processing of PII carried out on the basis of consent and may withdraw your consent. 

 

We are committed to responding to these requests promptly and transparently, in accordance with the privacy and data protection laws applicable in each case.

 

10.0 Updates to the notice

Our Privacy Notice may be reviewed periodically to reflect changes in our practices or to comply with new regulations. Updates will be published directly on our website and will become effective upon publication. We recommend that you visit our website regularly to stay informed about any changes. In the event of significant changes, we will make reasonable efforts to notify you, whether through notices on our website or by email, where applicable.

 

11.0 Contact 

If you have any questions, concerns, or requests, please contact our Data Protection Officer (DPO):

 

We are committed to ensuring transparency and the highest standards of data protection. Please let us know how we may assist you.

 

NeoLDM's

Transformer Model

Documentation

Careers

NeoNews

Log In

Privacy Notice

 

Version 2.0 (updated on 2026-03-27)

 

  1. Introduction

We value privacy and have a strong commitment not only to protecting our clients’ Personally Identifiable Information (PII), but also any PII entrusted to us by them. For this reason, this document sets out clear and objective information on how we process PII, ensuring transparency at every stage.

This Privacy Notice, also referred to as the “Notice,” describes how we collect, use, and share — collectively referred to as the “processing” of data — your PII whenever you access our website or use our services. 

The terms set out in this Notice are consistent with the national and international laws applicable to privacy and PII protection and may be reviewed at any time as part of our ongoing efforts to improve and enhance our practices.

If you have any questions, we are available to assist you. Please contact our Data Protection Officer (DPO) at [email protected] .

 

  1. PII processed and purposes of processing

2.1 PII processed

Neospace acts primarily as a PII processor, processing PII exclusively in accordance with the Client’s instructions, acting as the PII controller, and within the contractually established limits, for the purpose of providing and continuously improving our services. Accordingly, we do not directly collect PII for the provision of services; we only process data provided by our clients, which, by default, is anonymized before being processed by Neospace, ensuring that processing occurs on non-identifiable data, as established in the applicable contract.

In addition, we collect data that you voluntarily provide to us through the forms available on our website, social media, and other means of communication, such as:

    • Identification data: name, email address, telephone number, address, and personal documents you provide to us;
    • Professional data: profession, field of work, LinkedIn profile, and PII contained in a portfolio or résumé;
    • Data contained in direct communications, including any feedback that may be sent to us.

 

2.2 Purposes of PII processing

In the course of our activities, we use PII for the following purposes:

    • To provide and personalize our services, as established in the applicable contract;
    • To improve the user experience on our website and/or platform;
    • To review information from individuals interested in working with us, including data contained in portfolios and résumés submitted to us, for hiring purposes or inclusion in a talent pool;
    • To comply with legal or regulatory requests.

 

We use personal data for the following purposes:

    • To provide and personalize our products and services;
    • To analyze performance and improve user experience;
    • To collect and review information from individuals interested in working with us, including portfolios and resumes, for hiring or talent pool creation;
    • To fulfill legal or regulatory requirements.

 

3.0 Lawful basis for processing

The processing of PII is based on the following legal grounds:

    • Performance of a contract: 
    • Provision and management of the services contracted by clients; 
    • Review of résumés and portfolios submitted by individuals interested in working with us (pre-contractual steps related to hiring);
    • Consent: collection of non-essential cookies, as detailed below;
    • Compliance with a legal or regulatory obligation: to meet applicable legal or regulatory requirements;
    • Regular exercise of rights: to use data in judicial, administrative, or arbitration proceedings, where necessary.

 

4.0 Use of cookies

We use cookies and similar technologies on our website to ensure proper functioning, analyze website performance, and improve the user experience. Cookies are divided into two main categories:

    • Essential cookies: these are necessary for the basic functioning of the website and cannot be disabled in our systems. Their use does not depend on consent.
    • Non-essential cookies (analytics, performance, and/or marketing): we use these cookies for performance analysis purposes and, with your consent, to promote products and services. The use of these cookies depends on your prior consent, according to the lawful basis indicated in Section 3. 

 

You may manage your cookie preferences at any time through our consent banner on the website and may also withdraw your consent or change your settings directly in your browser.

 

5.0 PII sharing, transfer and disclosure

To achieve the purposes described above, it is sometimes necessary to use the services of third-party companies that carry out activities in accordance with our instructions. Such service providers are authorized to process PII only within the limits of the applicable lawful basis used, for example, within the limits of the contract entered into with clients for the purpose of providing infrastructure for the operation of our services. 

Where applicable, we will share PII with public authorities in order to comply with a legal or regulatory obligation or for the regular exercise of rights in judicial, administrative, or arbitration proceedings.

 

6.0 Information security

Neospace is committed to using its best technical and organizational efforts to protect all information under its responsibility against unauthorized access, loss, misuse, improper alteration, or destruction. 

We adopt internationally recognized privacy and information security standards and frameworks, including guidelines based on NIST, CIS, ISO/IEC 27001 and ISO/IEC 27701, ensuring that our controls remain continuously aligned with market best practices. Among the main measures implemented are:

    • End-to-end encryption (AES-256 and TLS 1.3), both at rest and in transit, to protect PII and business data;
    • Logical and physical segregation of environments, ensuring complete isolation between clients and the integrity of the information processed;
    • Access control based on the principle of least privilege, restricting access only to personnel who need the information to perform their duties;
    • Maintenance of immutable logs and audit trails, ensuring traceability and integrity of the actions carried out in our systems;
    • Data retention and secure deletion in accordance with contractual retention periods and purposes, or upon the Client’s request, ensuring compliance with the Brazilian General Data Protection Law (Law No. 13,709/2018 – LGPD);
    • Secure development policies, physical security, and continuous monitoring of infrastructure.

 

7.0 Basis for PII transfer between jurisdictions 

Due to the significant need for computing power, client data may be processed in the United States (Northern Virginia) or Australia (Sydney). Our providers in those locations maintain rigorous security and privacy standards and observe the rules applicable to international data transfers. Any changes relating to international data transfers are always aligned with clients in advance, and clients must approve them beforehand. 

In some cases, additional processing activities may require international data transfers. In such cases, we ensure that such transfers take place only where the destination country provides an adequate level of data protection, as determined by applicable law, or through specific contractual clauses. We are committed to working exclusively with partners and service providers that maintain rigorous data protection standards.

 

8.0 Retention and disposal

We will retain your data for no longer than is necessary to fulfill the purposes described above, or as required by applicable law. We recognize the importance of keeping data up to date and relevant; therefore, irrelevant or excessive data, or data whose retention period has expired, will be securely deleted or anonymized as soon as possible. 

PII collected and stored in our talent pool will be retained for a maximum period of 12 months from the date of submission or update. After this period, the information will be securely deleted.

 

9.0 Your rights as a PII principal

You may request, through our PII principal request channel or by email at [email protected], the exercise of the following rights:

    • Confirmation of processing: if you have questions about the data under our responsibility, you may request confirmation that your data is being processed;
    • Access to data: you may request a copy of your PII;
    • Correction of incomplete, inaccurate, or outdated data: this refers to the rectification of data that is incorrect. It is your responsibility to keep your data up to date;
    • Anonymization, blocking, or deletion of data: if you believe that we are processing unnecessary, excessive, or non-compliant data, you may request the anonymization, blocking, or deletion of such data;
    • Portability: you may request an electronic copy of your PII in an interoperable format;
    • Information on data sharing: you may request information about the public and private entities with which we share data;
    • Deletion of PII processed on the basis of consent: where applicable, you may request the deletion of PII processed on the basis of consent;
    • Information on the possibility of refusing consent: you may request information about the situations in which you may choose not to provide consent and the consequences of such refusal;
    • Objection and withdrawal of consent: you may object to the processing of PII carried out on the basis of consent and may withdraw your consent. 

 

We are committed to responding to these requests promptly and transparently, in accordance with the privacy and data protection laws applicable in each case.

 

10.0 Updates to the notice

Our Privacy Notice may be reviewed periodically to reflect changes in our practices or to comply with new regulations. Updates will be published directly on our website and will become effective upon publication. We recommend that you visit our website regularly to stay informed about any changes. In the event of significant changes, we will make reasonable efforts to notify you, whether through notices on our website or by email, where applicable.

 

11.0 Contact 

If you have any questions, concerns, or requests, please contact our Data Protection Officer (DPO):

 

We are committed to ensuring transparency and the highest standards of data protection. Please let us know how we may assist you.