PrivacyPolicy.

We collect the minimum data we need to run this site, respond to your inbound enquiries, and measure what marketing works. We don’t sell your data, we don’t run retargeting cookies until you explicitly accept them, and we delete what we no longer need.

If you only read one section, this is it. The rest is the complete version for completeness and for anyone building against India’s DPDP Act 2023 or the EU GDPR.

Neogen Media is an AI-first digital marketing and automation agency based in Kochi, Kerala, India. Our registered operating address:

For privacy enquiries or data requests, email privacy@neogenmedia.com or our general line info@neogenmedia.com.

When you use neogenmedia.com we may collect:

• Contact form data — name, email, phone number, company name, the service you selected, and any message you type in. Submitted voluntarily.
• Analytics data — anonymised pageview, session, device, and referral signals via Google Analytics 4 and Microsoft Clarity (heatmaps, session recordings). Only runs after you grant “Analytics” consent.
• Marketing attribution data— Meta Pixel, and Meta Conversions API signals used to measure ad performance. Only runs after you grant “Marketing” consent.
• Server logs— IP address and user-agent in standard web-server access logs, retained up to 30 days for abuse prevention.

We do notknowingly collect data from anyone under 18. We don’t ask for or process special-category data (health, political views, biometric data, etc.) through this website.

• To reply to you. Contact-form submissions flow to our team so we can respond, book a call, and scope work.
• To improve the site. Analytics tells us which pages are useful, which are broken, where users drop off.
• To measure marketing. Meta and Google marketing tags let us see which ad spend is generating qualified inbound, so we don’t waste budget.
• To comply with law. Where legally required (e.g. audit trails, fraud prevention), we retain records for the minimum required period.

Legal bases (GDPR terminology): consent (marketing), legitimate interest (essential site function, fraud prevention), contract (responding to your enquiry), legal obligation (where applicable).

We use Google Consent Mode v2 — nothing runs until you explicitly opt in via our consent banner. You can revisit your choice anytime by clearing your browser’s local storage for this domain. Three categories:

• Essential— always on. Session, security, form submission. No way to opt out without breaking the site.
• Analytics— Google Analytics 4, Microsoft Clarity. Anonymised. Off by default.
• Marketing— Meta Pixel, Meta CAPI. Used for ad measurement + attribution across our campaigns. Off by default.

Email, phone, and name are SHA-256 hashed before being sent to Meta Conversions API — Meta never sees them in plain text.

We do not sell your data. We share limited data with:

• Google LLC— Google Analytics 4, Google Tag Manager (analytics consent only).
• Meta Platforms Ireland Ltd— Meta Pixel, Conversions API (marketing consent only).
• Microsoft Corporation— Microsoft Clarity heatmaps (analytics consent only).
• GoHighLevel (LeadConnector Inc)— our CRM. Contact-form submissions are recorded here so we can follow up.
• n8n— workflow automation running on our own infrastructure. Routes contact-form submissions to email, CRM, and internal sheets.
• Google Workspace — email delivery (internal alerts + your auto-reply) via our Gmail-hosted domain.

Each of these processors is under a DPA / DPF / Standard Contractual Clauses arrangement as applicable.

• Contact form submissions— stored in our CRM for up to 36 months after last interaction, then deleted or anonymised.
• Consent records — stored in your browser’s local storage for 180 days, then re-prompted.
• Analytics data — Google Analytics 4 default retention 14 months; Clarity session recordings 30 days.
• Server logs — up to 30 days.

Under India’s Digital Personal Data Protection Act 2023 (DPDP) and the EU / UK GDPR, you have the right to:

• Ask what data we hold about you.
• Ask us to correct inaccurate data.
• Ask us to delete data (“right to erasure”).
• Withdraw consent for analytics / marketing tracking.
• Ask us to stop processing data for marketing purposes.
• File a complaint with the Data Protection Board of India (or your local supervisory authority in the EU/UK).

Email privacy@neogenmedia.com with your request. We respond inside 30 days.

The site runs on HTTPS with HSTS. Our infrastructure sits on Hostinger VPS + Dokploy with Let’s Encrypt SSL certificates renewed automatically. Secrets and tokens are stored as environment variables, not in source code. Sensitive user data (email, phone) is SHA-256 hashed before being transmitted to third-party marketing platforms.

No online service can guarantee 100% security. If you believe your data has been compromised via our site, email privacy@neogenmedia.com immediately.

We may update this policy as our stack and legal obligations evolve. Material changes will be reflected in the “Last updated” date above. If you’ve submitted a contact form in the past and we change our terms materially, we’ll notify the email on file.