Privacy Policy

Last updated: March 20, 2026 · Compliant with Federal Law No. 152-FZ

Your privacy matters to us. This policy explains what data we collect, why we collect it, and how you can control it. We are committed to handling your personal data responsibly and in compliance with applicable Russian and international data protection law.

1. Who We Are

NeuroRinok ("we", "our", "the platform") is an AI prompt marketplace. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website at neurorinok.com. Data controller: NeuroRinok Contact: privacy@neurorinok.com

2. Data We Collect

We collect the following categories of personal data: Account data • Full name and email address (provided at registration) • Username and profile avatar • Account creation date and last login Transaction data • Purchase history and order details • Payment method type (we do not store full card numbers) • Payout information for sellers (bank/wallet details) Technical data • IP address and approximate geolocation • Browser type and device information • Pages visited and actions taken (analytics) • Cookies and similar tracking technologies Content data • Prompts created and listed by sellers • Reviews and ratings you submit • Support messages and correspondence

3. How We Use Your Data

We use your personal data for the following purposes: • To create and manage your account • To process purchases and payments • To deliver purchased content to buyers • To calculate and process seller payouts • To send transactional emails (order confirmations, verification codes) • To send platform notifications (new sales, account activity) • To detect and prevent fraud and abuse • To improve our platform via analytics • To comply with legal obligations We do not sell your personal data to third parties.

4. Legal Basis for Processing

We process your personal data under the following legal bases in accordance with Federal Law No. 152-FZ "On Personal Data": • Contract performance — processing necessary to fulfil your purchase or seller agreement • Legitimate interest — fraud prevention, platform security, analytics • Legal obligation — compliance with tax and financial regulations • Consent — marketing communications (you may withdraw at any time)

5. Data Sharing

We share your data only with trusted third parties necessary to operate the platform: Payment processors • YooKassa — for processing payments (subject to their privacy policy) • СБП / МИР — for processing payments via the Russian payment system Infrastructure providers • Amazon Web Services (AWS) — cloud hosting and storage • Neon.tech — database hosting • Vercel — frontend hosting Email services • SMTP provider — for transactional emails only All third-party processors are contractually bound to protect your data and use it only for the specified purpose.

6. Cookies

We use cookies and similar technologies to: • Keep you logged in (authentication cookies) • Remember your preferences • Analyse platform usage (analytics cookies) • Prevent fraud (security cookies) You can control cookies through your browser settings. Disabling certain cookies may affect platform functionality. We do not use advertising or tracking cookies from third-party ad networks.

7. Data Retention

We retain your personal data for as long as your account is active. After account deletion: • Account data is deleted within 30 days • Transaction records are retained for 5 years to comply with tax regulations • Log files are retained for 90 days for security purposes • Backup copies may persist for up to 60 days after deletion You may request deletion of your data at any time (see Section 9).

8. Data Security

We implement industry-standard security measures to protect your data: • All data is transmitted over HTTPS (TLS encryption) • Passwords are hashed using bcrypt — we never store plain-text passwords • JWT tokens expire after 15 minutes; refresh tokens after 30 days • Database access is restricted to authorised services only • Regular security audits and vulnerability assessments • DRM tokens protect purchased prompt content Despite these measures, no system is 100% secure. In the event of a data breach affecting your rights, we will notify you within 72 hours.

9. Your Rights

Under Federal Law No. 152-FZ, you have the following rights: Right of access — request a copy of all personal data we hold about you Right to rectification — correct inaccurate or incomplete data Right to erasure — request deletion of your personal data Right to portability — receive your data in a machine-readable format Right to object — opt out of certain types of processing Right to withdraw consent — for any processing based on consent To exercise any of these rights, email us at privacy@neurorinok.com. We will respond within 30 days.

10. Children's Privacy

NeuroRinok is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has created an account, please contact us at privacy@neurorinok.com and we will delete the account and associated data promptly.

11. International Transfers

Your data may be processed on servers located outside Russia (e.g. AWS EU region). We ensure that any international transfer of personal data is protected by appropriate safeguards in accordance with applicable law.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email and by posting a notice on the platform. Continued use of NeuroRinok after changes are posted constitutes acceptance of the updated policy.

13. Contact & Complaints

For privacy-related enquiries: Email: privacy@neurorinok.com If you are not satisfied with our response, you have the right to file a complaint with the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) at rkn.gov.ru.