Neya

Neya Privacy Notice

1. Introduction

Neya helps you engage with your local community, get more from where you live and feel supported in your neighbourhood. It’s designed to foster positive and supportive communication between people in your area, and to be proactive in helping you feel part of your community.

Neya Technologies Ltd (Neya, we, us, our) runs the ‘Neya – The Local Connection App’ (App or Neya App). At Neya, we take data protection and your privacy seriously. This privacy notice explains how we collect, use, disclose, and safeguard your information including when you use the Neya App. When we do this, we are known as the data controller.

This notice does not form part of any contract with you, and we may update this notice at any time. If you have any questions about any aspect of any of the privacy notice you can contact us by emailing us at hello@joinneya.com.

2. Who is this privacy notice for?

The way you interact with us will determine what personal data we collect, how we collect it, and why we use it. This privacy notice is for:

  • Neya App Users (this is you if you have registered to use the Neya App)
  • Community Partners (if you promote services or groups on the Neya App)
  • Event Attendees or Office Visitors
  • Job-applicants (when you apply for a job with us)
  • Researchers (individuals we have commissioned to work with us to conduct research on the effectiveness of the Neya App and its uses)
  • Website Visitors (this includes other digital locations we control such as our social media locations, surveys, polls, questionnaires etc. and often lead to interacting with us in other ways)
  • Suppliers to Neya

3. What personal data do we collect?

Neya App Users

As a Neya App User, to enable you to use the App we collect from you:

  • First name, last name, age, gender, post code, telephone number and a profile image
  • Prompts you add to the App, and messages and emojis you send and select

To allow Neya App Users to refine recommendations we collect from you (all fields are optional):

  • Reason(s) for joining, full address, your interests
  • Whether you have children and their dates of birth, skills you can help with
  • Type of household you live in (alone, with a partner etc.), free-text details about your household
  • Whether you have a pet and what type of pet

To allow us to manage Neya App Users and the platform itself we collect the following from your device or how you use the App:

  • Information on how you access and use the App, including IP address, browser type, pages visited, and time spent on each page
  • Information about the device used to access the App including device model, operating system and any unique device identifiers

Our service is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us by sending an email to hello@joinneya.com.

Community Partners

As a Community Partner involved in the promotion of a group, service or product within the Neya App we collect from you or a relevant website:

  • First Name(s), surname, email address, phone number, employer name or group name, job title or the title you hold within a group
  • The group, service or product you are associated with and the reason using the Neya App as the platform for promoting it as a community partner organisation
  • Communications we have with you during our interactions

Event or Office Visitors

Event or Office Visitors include online and physical locations and we collect and use the following personal data you provide:

  • First Name(s), surname, email address, phone number, age, reason(s) for attending an event or visiting our offices
  • If relevant to the event, your home address, job title, occupation, place of work, employer, time of entry and exit, dietary requirements and any accessibility requirements you may have, CCTV footage
  • Recordings, photographs, images, podcasts and/or videos recorded within any interviews, meetings or online sessions you have with us
  • Any personal data you volunteer in communications with us or in any free text fields in any paper-based or digital survey or webform specifically related to the event or visit
  • If applicable, payment details managed by a third-party payment provider

Job Applicants

As a Job Applicant within our recruitment process (which may include voluntary work you are doing with us) we will collect from you or an employer:

  • Contact details such as name, title, addresses, telephone numbers, and personal email addresses, preferred method of contact, notice period, preferred start date
  • Copies of driving licence, passport, birth certificates and proof of current address, such as bank statements and council tax bills
  • Evidence of how you meet the requirements of the job, such as application forms, CVs, covering letters, references, assessment outputs, employment history, academic qualifications/history, professional training/certifications, skills, and work experience or internships
  • Evidence of your current and/or future work eligibility status, immigration status, including visa type, and visa expiry date
  • Diversity and equal opportunities monitoring information – this can include information about your race or ethnicity, religious beliefs, sexual orientation, disability and other ‘special category data’ information about your health, including any medical needs or conditions
  • If you contact us regarding your application, a record of that correspondence including, but not limited to, the content and attachments of emails
  • Derived data about you, that is, data that includes our staff’s opinion of you such as, but not limited, to the stages you complete of the recruitment process and those you do not, records of interviews, interview notes/feedback, assessment feedback, rejection stage, rejection reason, and job offer details

Researchers

As a Researcher we are working with, we may collect a combination of the following from you or the organisation you work for:

  • First name, surname, email address, phone number(s), social media handle(s), employer and organisation you represent or have an association with relevant to your field of research
  • CV, qualifications and relevant experience including any previously published work
  • If relevant, your line manager and peers within the organisation you work for
  • Publicly available information on websites or Companies House
  • Further information in interviews, conversations and communications with us or within the research you are conducting which may or may not be recorded

Website Visitors

If you are a Website Visitor, we collect from your device and usage the following personal data:

  • Information about the device used to access our website, your visits and use of the website including your IP address, internet log information, location, browser type and version, referrer and activity, and details of visitor behaviour patterns
  • We record your activity and preferences when visiting our website through the use of cookies (see the section on Cookies, below)
  • IP address, operating system and browser information

Suppliers

If you are a Supplier to Neya, we collect and use the following personal data you provide to us, or we find accessible on the internet:

  • Name and job title, contact information including the company/organisation/institution you work for, telephone numbers and email addresses, where provided
  • Where you are a sole trader, payment and/or banking information
  • Information that you provide to us as part of us scoping and providing services to us which may include further employee personal data
  • If relevant, information about your use of our information systems and IT assets
  • Relevant information as required by any applicable Know Your Client and/or Anti-Money Laundering regulations (which may include request for identity information such as passports and information collected from publicly available sources e.g. Companies House)

4. What do we use your personal data for and our lawful basis?

Neya App Users

For Neya App Users we use your personal data for the following reasons which are necessary to provide the App services to you. This means the lawful basis for using your personal data is known being within the obligations of a contract (UK GDPR Article 6.1(b)):

  • To join the platform and help you get things done in your local community by facilitating communication and information sharing locally
  • To help locate the services and communities around you
  • To respond to your comments, questions, and requests and proactively identify ways the Neya App or your community can be of use to you via the generation of AI-powered responses and assistance and to personalise your experience and deliver content relevant to your interests
  • To message on the platform, create requests, create groups, provide feedback, update your profile, to use the App
  • To build a profile to improve the App’s recommendations and give informed choices whether to interact with the recommendations presented
  • For a profile to inform the creation of groups or interaction scoring methodologies for improved recommendations and interactions

It’s within our legitimate interest as the data controller (UK GDPR Article 6.1(f)) to use Neya App Users’ personal data for the following reasons:

  • To gain your permission for the use of AI platforms to process your personal data as part of the Neya App’s services. We do not allow AI platforms to train on your personal data outside of the Neya App technical instances of them.
  • To target relevant community group and advertising recommendations where it is of interest and relevant based on profile information and messages
  • To answer queries sent to hello@joinneya.com and respond or take action on any feedback written in the App and to provide, maintain, and improve the services
  • To monitor and analyse trends, usage, and activities in connection with services
  • To conduct secure research, evaluations and investigations with organisations we may partner with to encourage further usage, App feature development and create an evidence base about the effectiveness of improving social connectedness in current and new local areas
  • To share anonymised behaviour data with local council blue light services and the UK National Health Service (NHS) for research and trend analysis for the goal of improvement to local government services
  • To send administrative messages, updates, and security alerts to ensure the safety of Neya App Users or make them aware of relevant information as it arises
  • To monitor behaviour to ensure platform rules are observed and stop bad actors. This is a mix of AI moderation and human oversight. This may include sending warnings or closing an account or retaining personal data in case of investigation or any legal queries/concerns
  • To detect, investigate, and prevent fraudulent transactions and other illegal activities and comply with legal obligations

The Neya App doesn’t intentionally collect any special categories of personal data or sensitive data unless is added by a Neya App User voluntarily. The only reason we may use this information would be in the detection of any crime. This would be known as being used for the purpose of ‘substantial public interest’ under UK GDPR Article 9.2(g) in line with the Crime and Disorder Act 1998 - Section 17 – ‘To do all that it reasonably can to prevent, crime and disorder in its area’.

Community Partners

We use Community Partner personal data within the obligations of a contract as our lawful basis (UK GDPR Article 6.1(b)), otherwise we would not be able to work with you. We use your personal data in the following ways:

  • Consider, review and manage the relevance, fit and applicability of the group or service offering
  • Prevent or detect fraud or money laundering including fraudulent payments and fraudulent use of our services
  • Communicate with you and invite you to any relevant events or opportunities we feel may be relevant to your group, product or service

Event or Office Visitors

When you register or attend an event or visit our offices we collect and use your personal data in the following ways. This is within our legitimate interests as a data controller.

  • To register attendance and manage the event or visit
  • To follow up with you after the event with information about further events or opportunities to interact with Neya and to gather feedback
  • To ensure the safety and security of the event or visit and take action where necessary to prevent harm
  • To allow for accessibility and dietary needs/requirements for any events or visits
  • To use any photograph/video taken at any of our events within the Neya marketing collateral and documentation which may include brochures, webpages and social media location. If you do not wish to be in any photograph/video being take, please make sure you position yourself out of the line of sight of any cameras

Job Applicants

To process your application, this will be in accordance with our uses of your personal data being necessary within the performance of a contract with you.

We also need to ensure we use your personal data within compliance with employment law under the Employment rights Act 1996. It is our legitimate interest to use your personal data for the following purposes:

  • To reply to you about the position you have applied for or inquired about
  • To approach you as a good fit for employment, work experience or internship
  • To inform you about the status of your application
  • To check you are the right candidate for the role
  • To receive a reference from a sectoral relevant individual where they have gained permission from you to be introduced to us
  • To send you notifications for other job, work experience or internship vacancies
  • To invite you to participate in relevant surveys, questionnaires, and/or employment polls regarding your recruitment experience so we can improve our processes
  • With permission, retain your personal information for longer statutory requirements where you have not been successful but would like the opportunity to invite you to apply again in the future

Researchers

As a Researcher we are working with, this may be as part of a contract or within a collaborative piece of work with your employer. Therefore, the use of your personal data by us will be either within the obligations of a contract (UK GDPR Article 6.1(b)) or within our legitimate interests as a data controller (UK GDPR Article 6.1(f)). We will use your personal data in the following ways:

  • To interact during the development of a project idea, funding application and acceptance or rejection and to maintain legal and ethical compliance measures for a research project
  • To support the project technically, organisationally, or contractually and provide the right level of access to our systems as may be relevant to the research
  • To liaise for the creation of documentation and reports including but not limited to any interim or final project reports as required
  • For setting up and conducting of individual or group conversations which are held digitally or in person
  • To review your applicability for conducting the research with us and to set up meetings, events, and communication activities relevant to the research
  • Where relevant and agreed, to make you identifiable on published documentation so you receive the required accreditation for the work you have conducted
  • To add credibility to project documents where you are a recognised authority in a particular field or subject which may in turn attract investment or good will for participation in the research
  • To run any Disclosure and Barring Service (DBS) applications and processes if required for the research and share the outcome as required

Website Visitors

We monitor the website and keep it secure, and it helps us understand how we might improve the website through numbers of visits, visitor patterns and behaviour. We do this within our legitimate interests as the data controller under UK GDPR Article 6.1(f).

Suppliers

If you are a Supplier, we use your personal data within the obligations of a contract to:

  • Review your applicability to provide your services to us
  • Conduct business operations with you including contract management
  • Resolve queries or complaints
  • Provide you access to digital or physical infrastructure as appropriate
  • Prevent or detect fraud or money laundering including fraudulent payments and fraudulent use of our services
  • Process your invoice and its payment
  • Contact you to agree on a contract or a purchase order with you
  • Establish, defend, or enforce legal claims or regulatory investigations

To comply with our legal obligations under the UK GDPR, for all individuals listed in this section whose personal data we use, we would use your personal data:

  • To identify personal data and take relevant action upon submission of a data subject rights request
  • To be able to assess any impact on individuals of a data breach involving personal data
  • To help protect an individual from neglect or physical, mental or emotional harm, or protect the physical, mental or emotional well-being of an individual

Any special categories of personal data used in the above is in line with it being in the ‘substantial public interest’ for the prevention of crime or harm coming to individuals.

5. Who do we share your personal data with?

Any data shared with the below categories of recipients is the minimum necessary for the task they have been instructed to carry out on our behalf or in conjunction with us. Each category of recipient is subject to review to make sure they have the right methods in place for keeping your personal data secure.

  • AI Service Providers: We send message data and related context to Google Gemini (Google LLC) and OpenAI to generate AI responses and assist with product features.
  • Service Providers: Third-party vendors who provide services on our behalf, such as hosting, data analysis, payment processing, and customer service.
  • Business Partners: With your consent, we may share your information with our business partners to offer certain products, services, or promotions.
  • Research Partners: Under strict contractual and technical measures to ensure the security and integrity of your data we may share access your information with our research partners.
  • Legal Requirements: If required to do so by law or in response to valid requests by public authorities.
  • Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business.

Any third party that receives data from us must provide the same or equal protection of personal data as described in this privacy notice and required by applicable law. We never sell your personal data.

Where the sharing of personal data is within the context of a product or service being supplied under contract to Neya, a Data Processing Agreement (DPA), in accordance with UK GDPR Article 28, is put in place.

Where the sharing of personal data within the context of conducting research we put a Data Sharing Agreement in place between Neya and any research organisations containing specific information in accordance with the Information Commissioner’s Office ‘Data sharing code of practice’.

Neya uses service providers which process personal data outside the UK and the EU. We ensure any transfers of personal data out side of the UK are based on one of the following parameters:

  • Where the UK or European Commission have confirmed a country is ‘adequate’ (this means countries that have a similar level of data protection law as we have in the UK) – the UK and EU are ‘adequate’ for each other
  • On the basis of an International Data transfer Agreement (IDTA) or European Commission Standard Contractual Clauses (SCCs) with an addendum required by the UK (both of these are contracts which require the organisation to use and protect your personal data to the standard we expect within the UK)
  • On the basis of a supplier sharing data to another of their offices located outside the UK and EU and they have implemented contractual arrangements call ‘Binding Corporate Rules’. (These need to be verified by data protection regulators and do not allow an organisation to share data outside of their contracted network of suppliers and their own offices).

6. Cookies

We use a small number of cookies and similar technologies on our website:

  • Attribution cookie (nv_id): A randomly generated identifier set when you first visit joinneya.com or any subdomain (e.g. oxford.joinneya.com). It is stored for up to 30 days and is used solely to understand which campaigns, links, or sources led you to download our app. It contains no personally identifiable information — it is a random UUID. It is shared across Neya subdomains so that attribution is not lost if you visit a location-specific page.
  • Analytics cookies: Our analytics providers may set their own cookies or use local storage to track usage patterns. These help us understand which features are used and how the site is performing.
  • Advertising cookies: Where we run paid campaigns on third-party platforms, those platforms may store a cookie to help us measure the effectiveness of our advertising.

You can disable cookies in your browser settings at any time, though some features of the site may not work as expected.

7. How long will we keep your personal data?

Where you are Neya App User, we will keep your personal data during the time you are using the App and for two (2) years after you have stopped using the App which is the point from which there may not be any activity from you within the App.

If you request for your account to be deleted, we will retain your personal data for six (6) months after your request for the purposes of review should there be any complaints about information you have posted to the Neya App.

For all other individuals whose personal data we use, we will retain the minimum amount of personal data for at least twelve (12) months after we have finished our interaction with you. We review all data each year and will delete any personal data associated with you where it meets this threshold unless there is another legal reason for retaining your data for longer.

8. How do we keep your personal data secure?

We implement appropriate technical and organisational measures to protect data that we process from unauthorised disclosure, use, alteration or destruction. A data protection risk assessment has been conducted for the uses of personal data in the Neya App which has allowed us to ensure security of data is at the heart of what we do.

We will always keep these under review to make sure that the measures we have implemented remain appropriate.

9. What are your rights and how can you express them?

To express any of your data protection rights you can send an email to: hello@joinneya.com

  • Right of Access: You can request a copy of your personal data and details about how we use it
  • Right to Rectification: You can ask us to fix or change your personal data if it is wrong or incomplete
  • Right to Erasure: In some circumstances you can ask us to delete your personal data
  • Right to Restriction: You can ask us to limit how we use your personal data if:
    • it is not correct
    • it has been used against the law, but you do not want us to delete it
    • we do not need it anymore, but you want us to keep it for legal reasons
    • if you have already asked us to stop using it but you are waiting for us to confirm
  • Right to Object: You can ask to take back your consent for us to use your personal data at any time
  • Right to Data Portability: Where we process your personal data based on your consent or for the performance of a contract using automated means, you can ask us to provide it to you (or another organisation) in a structured, commonly used and machine-readable format
  • Automated Decision-Making Rights: You have the right not to have decisions made about you by a computer, if those decisions significantly affect you (e.g. legally)

You will not have to pay a fee to access your personal data (or to use any of the other rights). However, we might charge a fee if your request is unreasonable or too much.

10. How can you complain about our use your personal data?

If you want to raise a complaint about the way we’ve handled your personal data, you can contact us by sending an email to: hello@joinneya.com. Upon contact you will enter our data protection complaints process.

If you feel we have not addressed your complaint satisfactorily when we consider there is no further action to take, you have the right to complaint to the UK data protection regulator the Information Commissioner’s Office (ICO).

You can submit your complaint to the ICO by either:

  • Clicking here to access to ICO complaints tool; or
  • By giving them a call on the ICO helpline: 0303 123 1113.

11. How can you contact us about this privacy notice?

If you have any questions about the information in this privacy notice, then you can contact the Data Protection Officer via email: hello@joinneya.com or by post within a letter to:

NEYA TECHNOLOGIES LTD
C/O Founders Law, 1 Hamilton House, Temple Avenue, London, Greater London, United Kingdom, EC4Y 0HA

12. When was this privacy notice last updated?

We may update this notice (and any supplemental privacy notice), from time to time. We will notify you of the changes where required by applicable law to do so.

Last modified: 08 April 2026

Neya - The Local Connection App