Privacy Policy

This Privacy Policy explains how Neskora ("we", "us", "our") collects, uses, stores, and protects your personal data when you use neskora.com and our email service. We are committed to handling your data lawfully, fairly, and transparently in line with the UK GDPR, the EU GDPR, and the Data Protection Act 2018.

1. Who we are

Neskora operates a personalized content and notification platform. We are the data controller for the personal data described in this policy. You can contact us at support@neskora.com or by post at: Neskora, Lindenmuth House, 37 Greenham Business Park, Thatcham, Berkshire, United Kingdom, RG19 6HW.

2. What data we collect

• Email address — provided when you sign up, used to deliver the emails you request.
• Topic preferences and frequency — the subjects you choose and how often you want to hear from us.
• Subscription status and consent records — including the date and time you confirmed your double opt-in, so we can demonstrate that you gave permission.
• Email engagement data — for example whether a message was delivered, bounced, or marked as spam, used to keep our list healthy and respect your choices.
• Messages you send us — if you contact us, we keep your message and contact details to respond.

We do not collect special category data, and we do not knowingly collect data from anyone under 16.

3. How and why we use your data

• To send you the transactional and opt-in emails you signed up for.
• To verify your email address through double opt-in before any subscription begins.
• To let you manage your preferences and unsubscribe.
• To maintain a suppression list so we never contact addresses that unsubscribed, bounced, or complained.
• To respond to your enquiries and meet our legal obligations.

4. Legal basis for processing

We rely on your consent (UK GDPR Article 6(1)(a)) for sending opt-in marketing and digest emails — consent you give through double opt-in and can withdraw at any time. We rely on our legitimate interests (Article 6(1)(f)) for security, fraud prevention, and maintaining the technical health of our mailing list, and to comply with our legal obligations where applicable.

5. How we send email (Amazon SES)

We send email using Amazon Simple Email Service (Amazon SES), a service provided by Amazon Web Services. Your email address and message content are processed by Amazon SES solely to deliver the emails you requested. Our sending domain is authenticated with SPF, DKIM, and DMARC. Amazon acts as our processor; see the AWS Privacy Notice for details on its handling of data.

6. Sharing your data

We do not sell, rent, or trade your personal data. We share it only with service providers that help us operate, such as Amazon SES for email delivery and our hosting provider, and only to the extent needed to provide the service. We may disclose data if required by law.

7. Data retention

We keep your data for as long as you have an active subscription. If you unsubscribe, we retain a minimal record of your email address on our suppression list so we can honor your choice and avoid contacting you again. You may request full deletion at any time.

8. International transfers

Some of our processors (including Amazon Web Services) may process data outside the UK and EEA. Where this happens, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement or Standard Contractual Clauses.

9. Your rights

Under the UK GDPR and GDPR you have the right to:

• access the personal data we hold about you;
• request correction of inaccurate data;
• request erasure of your data ("right to be forgotten");
• object to or restrict processing;
• withdraw consent at any time, including by unsubscribing;
• data portability;
• lodge a complaint with a supervisory authority — in the UK, the Information Commissioner's Office (ICO).

To exercise any of these rights, email support@neskora.com. We respond to requests within 24 hours for unsubscribe requests and within one month for other data rights requests.

10. Cookies

Neskora's website is intentionally lightweight. We do not use advertising or third-party tracking cookies. Any cookies we set are strictly necessary for the site to function.

11. Security

We use appropriate technical and organizational measures to protect your data, including encryption in transit, access controls, and authenticated email sending. No method of transmission is completely secure, but we work to protect your data and review our practices regularly.

12. Changes to this policy

We may update this policy from time to time. We will post the new version here and update the "Last updated" date above. Material changes affecting how we use your data will be communicated to active subscribers.