Privacy Policy

1. Introduction

IllumiCore Ltd. ("we", "our", "us") operates neatcsv.com (the "Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

Privacy by Design: neatcsv is built with privacy as a core principle. All data cleaning operations happen entirely in your browser using JavaScript. Your files never leave your device during processing.

2. Data Controller

IllumiCore Ltd.

Agiou Dimitriou 3B

8280 Paphos, Cyprus

Email: info@neatcsv.com

3. Client-Side Data Processing

Your uploaded files are processed 100% locally in your browser. This means:

• Files you upload are never transmitted to our servers
• All transformations (cleaning, filtering, formatting) happen on your device
• We cannot see, access, or store your data files
• Your data remains completely private and under your control

✓ GDPR Compliant by Design: Since we never receive your data files, there is no risk of data breaches or unauthorized access to your sensitive information.

4. Data We Collect

4.1 Account Information

When you create an account, we collect:

• Email address: Used for account authentication and communication
• Password: Stored as a secure hash (bcrypt), never in plain text
• Subscription plan: The plan you selected (Starter, Professional, or Business)

4.2 Usage Data

To enforce subscription limits and improve our service, we track:

• Row count: Number of rows processed per download (to enforce monthly limits)
• File name: Name of the file you downloaded (not the content)
• Timestamp: When you performed the download

Note: We do NOT track which transformations you use, what data is in your files, or any personal information within your CSV/Excel files.

4.3 Payment Information

Payment processing is handled by Stripe. We do not store your credit card details on our servers. Stripe collects:

• Payment card information
• Billing address
• Transaction history

Stripe's Privacy Policy: https://stripe.com/privacy

5. Cookies and Local Storage

We use minimal cookies and browser storage:

• Session Cookie: To keep you logged in (httponly, secure, samesite)
• Local Storage: To save your last-used transformation settings for convenience (stored only on your device)

We do NOT use:

• Tracking cookies
• Analytics cookies (no Google Analytics, Facebook Pixel, etc.)
• Advertising cookies
• Third-party cookies (except Stripe for payment processing)

6. How We Use Your Data

We use the collected data for:

• Account management: Authentication and subscription management
• Billing: Processing payments and managing subscriptions via Stripe
• Usage tracking: Enforcing monthly row limits based on your plan
• Customer support: Responding to your inquiries and feature requests
• Service improvement: Understanding usage patterns to improve neatcsv

7. Data Retention

• Account data: Retained as long as your account is active
• Usage data: Retained for 12 months for billing and support purposes
• Pending registrations: Deleted after 24 hours if payment is not completed
• Deleted accounts: All personal data is permanently deleted within 30 days

8. Data Sharing and Third Parties

We do not sell, rent, or share your personal data with third parties, except:

• Stripe: For payment processing (required for subscriptions)
• Legal obligations: When required by law or to protect our legal rights

We do NOT share data with: Advertisers, data brokers, marketing companies, or any other third parties.

9. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to processing of your data
• Withdraw consent: Withdraw consent for data processing at any time

To exercise any of these rights, contact us at info@neatcsv.com

10. Data Security

We implement industry-standard security measures:

• HTTPS encryption for all connections
• Bcrypt password hashing with salt
• Secure session management (httponly, secure, samesite cookies)
• Regular security updates and monitoring
• No data files stored on our servers (100% client-side processing)

11. International Data Transfers

Our servers are located in the European Union. Your data is processed and stored in compliance with GDPR. Stripe (our payment processor) may transfer data to the United States under approved EU-US data transfer mechanisms.

12. Children's Privacy

Our Service is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such data, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Updating the "Last updated" date at the top
• Sending an email to your registered email address

Continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights:

Email: info@neatcsv.com

Postal Address:

IllumiCore Ltd.

Agiou Dimitriou 3B

8280 Paphos, Cyprus