Privacy Policy

Last Updated: December 2025

---

Introduction

This Privacy Policy describes how MEON NEON (the "Site", "we", "us", or "our"), a Worldwide Signage Ltd. company, collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from meonneon.com (the "Site") or otherwise communicate with us regarding the Site (collectively, the "Services").

For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.

---

Data Controller Information

For customers in the United States:

• Worldwide Signage Ltd. / MEON NEON
• 8405 West 54th Place, Arvada, CO 80002, United States
• Email: hello@meonneon.com

For customers in the European Economic Area (EEA) and United Kingdom:

• Data Controller: Worldwide Signage Ltd. / MEON NEON
• EU Representative: [To be designated if processing significant EU data]
• UK Representative: [To be designated if processing significant UK data]
• Contact: hello@meonneon.com

For customers in Canada:

• Worldwide Signage Ltd. / MEON NEON
• Privacy Officer Contact: hello@meonneon.com

For customers in Australia:

• Worldwide Signage Ltd. / MEON NEON
• Privacy Contact: hello@meonneon.com

---

Our Commitment to Your Privacy

We do not sell your personal information for marketing purposes or any other purposes. Your trust is important to us, and we are committed to maintaining the confidentiality and security of your personal information. We only share your information with third-party service providers who help us operate our business and deliver services to you, and only to the extent necessary for those purposes.

Our Privacy Principles

• Transparency: We are clear about what information we collect and how we use it
• Purpose Limitation: We only collect information for specific, legitimate purposes
• Data Minimization: We collect only what we need
• Accuracy: We keep information accurate and up-to-date
• Storage Limitation: We retain information only as long as necessary
• Security: We protect your information with appropriate safeguards
• Accountability: We are responsible for compliance with privacy laws

---

Changes to This Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the "Last Updated" date and take any other steps required by applicable law.

How We Notify You

If we make material changes to this Privacy Policy, we will provide you with prominent notice as appropriate under the circumstances, such as:

• Displaying a prominent notice within the Site
• Sending you an email notification (if we have your email address)
• Push notification (if you have enabled notifications)
• Pop-up notice when you visit the Site
• For significant changes affecting your rights, we may require you to re-consent

Your continued use of the Services after the effective date of changes constitutes your acceptance of the updated Privacy Policy.

---

What Personal Information We Collect

The types of personal information we obtain about you depends on how you interact with our Site and use our Services. When we use the term "personal information", we are referring to information that identifies, relates to, describes or can be associated with you.

Legal Basis for Processing (EEA/UK Customers)

We process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our contract with you (e.g., processing orders)
• Consent: You have given clear consent for specific processing activities
• Legitimate Interests: Processing necessary for our legitimate business interests (e.g., fraud prevention, marketing to existing customers)
• Legal Obligation: Processing required to comply with legal requirements

Categories of Personal Information

The following sections describe the categories and specific types of personal information we collect.

---

Information We Collect Directly from You

Information that you directly submit to us through our Services may include:

Contact Information

• Full name
• Mailing address
• Email address
• Phone number
• Company name (if applicable)
• Job title (for B2B customers)

Legal Basis (EEA/UK): Contract performance, Legitimate interests

Order and Transaction Information

• Billing address
• Shipping address
• Payment confirmation details
• Order history
• Purchase preferences
• Communication preferences
• Transaction amounts and dates

Legal Basis (EEA/UK): Contract performance, Legal obligation (tax/accounting records)

Note: We do not store complete payment card details. Payment processing is handled securely by our payment processor.

Account Information

• Username
• Password (encrypted - we cannot view your password)
• Security questions and answers
• Account preferences and settings
• Saved payment methods (tokenized through payment processor)
• Wishlist items
• Browsing history on our Site

Legal Basis (EEA/UK): Contract performance, Consent

Customer Support Information

• Support tickets and inquiries
• Chat transcripts
• Communications with our customer service team
• Feedback and survey responses
• Product reviews and ratings
• Warranty claims and service requests

Legal Basis (EEA/UK): Contract performance, Legitimate interests

Marketing and Communication Preferences

• Email subscription preferences
• SMS opt-in status and preferences
• Communication frequency preferences
• Interest categories
• Marketing consent records

Legal Basis (EEA/UK): Consent (for marketing), Legitimate interests (for customer communications)

Business Customer Information (B2B)

• Business name and registration details
• Tax identification numbers (as required)
• Business type and industry
• Number of employees
• Business contact information
• Authorized representatives

Legal Basis (EEA/UK): Contract performance, Legal obligation

Some features of the Services may require you to directly provide us with certain information about yourself. You may elect not to provide this information, but doing so may prevent you from using or accessing these features.

---

Information We Collect Automatically

We may automatically collect certain information about your interaction with the Services ("Usage Data"). To do this, we may use cookies, pixels, web beacons, and similar technologies ("Cookies"). Usage Data may include:

Device Information

• Device type and model
• Operating system and version
• Unique device identifiers
• Mobile network information
• Device settings
• Screen resolution
• Language preferences

Legal Basis (EEA/UK): Consent (for non-essential cookies), Legitimate interests

Browser and Network Information

• Browser type and version
• IP address and approximate location (country, region, city level)
• Internet service provider
• Referring/exit pages
• Date and time stamps

Legal Basis (EEA/UK): Legitimate interests, Consent (for certain tracking)

Site Usage Information

• Pages viewed and content accessed
• Features used
• Search queries
• Click patterns and navigation paths
• Time spent on pages
• Shopping cart activity
• Products viewed and added to cart
• Abandoned cart information
• Conversion tracking

Legal Basis (EEA/UK): Consent (for analytics cookies), Legitimate interests

Performance and Diagnostic Data

• Crash reports
• Error logs
• Performance metrics
• Debug information
• Server logs

Legal Basis (EEA/UK): Legitimate interests

---

Information We Obtain from Third Parties

We may obtain information about you from third parties, including:

Service Providers and Business Partners

• Shopify and e-commerce platform providers who support our Site and Services
• Payment processors who collect payment information (e.g., bank account, credit or debit card information, billing address) to process your payment in order to fulfill your orders and provide you with products or services you have requested
• Shipping and logistics providers (delivery status, tracking information)
• Marketing and analytics service providers (campaign performance, demographic data)
• Customer service platforms (support interaction data)
• Fraud prevention services (risk assessment data)

Legal Basis (EEA/UK): Contract performance, Legitimate interests, Consent

Social Media Platforms

• Information from social media widgets and login integrations
• Public profile information when you interact with our social media pages
• Social media advertising interaction data
• User-generated content you share about our products

Legal Basis (EEA/UK): Consent, Legitimate interests

Data Enrichment Services

• Demographic information
• Interest and preference data
• Business information (for B2B customers)
• Postal address verification and standardization

Legal Basis (EEA/UK): Legitimate interests, Consent

Advertising Partners

• Information about your interactions with advertisements
• Campaign performance data
• Conversion tracking information
• Attribution data

Legal Basis (EEA/UK): Consent

Publicly Available Sources

• Business directories
• Social media profiles (public information only)
• Government registries (for business verification)

Legal Basis (EEA/UK): Legitimate interests

Any information we obtain from third parties will be treated in accordance with this Privacy Policy and will be combined with other information we collect about you as described herein.

---

How We Use Your Personal Information

We collect and use your personal information for the following purposes:

1. Providing Products and Services

We use your personal information to provide you with the Services in order to perform our contract with you, including to:

• Process your payments securely
• Fulfill your orders and arrange for shipping
• Send notifications related to your account, purchases, returns, exchanges or other transactions
• Create, maintain and otherwise manage your account
• Facilitate returns and exchanges
• Provide customer support
• Enable account features and functionalities
• Process warranty claims
• Coordinate professional installation services (where applicable)
• Match your account with other Shopify services that you may choose to use

Legal Basis (EEA/UK): Contract performance, Legal obligation

Retention Period: Duration of account activity plus 7 years for transaction records (legal/tax requirements)

2. Marketing and Advertising

We may use your personal information for marketing and promotional purposes, such as to:

• Send marketing, advertising and promotional communications by email, text message or postal mail (only with your consent where required by law)
• Show you advertisements for products or services
• Better tailor the Services and advertising on our Site and other websites
• Conduct market research and analyze customer preferences
• Develop new products and services
• Measure the effectiveness of our marketing campaigns
• Create customer segments for targeted marketing
• Send personalized product recommendations

Legal Basis (EEA/UK): Consent (for direct marketing), Legitimate interests (for existing customers)

Retention Period: Until you opt out or 3-5 years of inactivity

Important: We do not sell your personal information for marketing purposes. We only use your information for our own marketing efforts or share it with service providers who help us with marketing activities.

3. Security and Fraud Prevention

We use your personal information to:

• Detect, investigate or take action regarding possible fraudulent, illegal or malicious activity
• Verify your identity
• Protect against security threats and unauthorized access
• Prevent spam, abuse, and other harmful activities
• Enforce our terms of service
• Comply with legal obligations
• Protect the safety and security of our users and staff

Legal Basis (EEA/UK): Legal obligation, Legitimate interests

Retention Period: As long as necessary for security purposes or as required by law

If you choose to use the Services and register an account, you are responsible for keeping your account credentials safe. We highly recommend that you do not share your username, password, or other access details with anyone else. If you believe your account has been compromised, please contact us immediately.

4. Communicating with You and Service Improvement

We use your personal information to:

• Provide you with customer support
• Respond to your inquiries and requests
• Improve our Services and user experience
• Conduct analytics and research
• Develop new features and functionality
• Test and monitor the effectiveness of our Services
• Troubleshoot issues and fix bugs
• Conduct customer satisfaction surveys
• Gather feedback on our products and services

Legal Basis (EEA/UK): Legitimate interests, Contract performance

Retention Period: 2-3 years for support communications

This is in our legitimate interests in order to be responsive to you, to provide effective services to you, and to maintain our business relationship with you.

5. Legal and Compliance Purposes

We may use your personal information to:

• Comply with applicable laws, regulations, and legal processes
• Respond to lawful requests from public authorities
• Establish, exercise or defend legal claims
• Protect our rights and property
• Investigate violations of our terms of service
• Maintain records as required by tax and accounting regulations
• Comply with export control and sanctions laws
• Respond to requests from law enforcement

Legal Basis (EEA/UK): Legal obligation, Legitimate interests

Retention Period: As required by applicable law (typically 7-10 years for financial records)

---

SMS and Email Marketing Compliance

We are committed to ensuring our marketing practices comply with all applicable laws and regulations, including those set forth by 10DLC guidelines, the Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, GDPR (for EU customers), CASL (for Canadian customers), Spam Act 2003 (for Australian customers), and other regulatory agencies governing text and email communications.

SMS Marketing

Consent Requirements (All Regions)

• We only send SMS marketing messages to individuals who have explicitly opted in through a clear and conspicuous disclosure
• By opting in, you consent to receive recurring automated marketing text messages from MEON NEON at the phone number provided
• Consent is not a condition of purchase
• Message frequency varies based on your preferences and promotional activities
• Message and data rates may apply

Region-Specific SMS Compliance

United States:

• Complies with TCPA and CTIA guidelines
• 10DLC registration for commercial messaging
• Clear opt-in before any marketing messages

Canada:

• Complies with Canada's Anti-Spam Legislation (CASL)
• Express consent obtained before sending commercial electronic messages
• Identification information included in all messages
• Unsubscribe mechanism provided

European Union / United Kingdom:

• Complies with GDPR Article 6 (lawful basis for processing)
• ePrivacy Directive requirements met
• Explicit consent obtained before sending marketing SMS
• Right to withdraw consent at any time

Australia:

• Complies with Spam Act 2003
• Consent obtained before sending marketing messages
• Identification and contact information included
• Functional unsubscribe facility provided

Your Rights (All Regions)

• You can opt out at any time by texting "STOP" to any message from us
• You can text "HELP" for customer support information
• We will send a confirmation message when you opt out
• For EU/UK customers: You can withdraw consent at any time without affecting the lawfulness of processing before withdrawal

Important SMS Disclosures

• Carriers are not liable for delayed or undelivered messages
• We use industry-standard encryption to protect message content
• We do not charge for messages, but your carrier's rates may apply

Form Opt-Ins and Data Protection

We will not share your opt-in to an SMS campaign with any third party for purposes unrelated to providing you with the services of that campaign. We may share your personal data, including your SMS opt-in or consent status, with third parties that help us provide our messaging services, including but not limited to:

• Platform providers (e.g., SMS delivery platforms)
• Phone companies and telecommunications carriers
• Any other vendors who assist us in the delivery of text messages

All SMS originator opt-in data and consent information will not be shared with any third parties for their own marketing purposes.

Email Marketing

Consent and Communication (All Regions)

United States:

• CAN-SPAM Act compliance
• Clear sender identification
• Accurate subject lines
• Physical postal address included
• Opt-out mechanism in every email

Canada:

• CASL compliance
• Express or implied consent before sending
• Identification information included
• Unsubscribe mechanism provided

European Union / United Kingdom:

• GDPR compliance
• Lawful basis for processing (consent or legitimate interest)
• Clear consent mechanism
• Right to object to processing
• Data protection rights information

Australia:

• Spam Act 2003 compliance
• Consent obtained before sending
• Accurate sender information
• Functional unsubscribe facility

Each marketing email includes:

• Clear sender identification
• Functioning unsubscribe link
• Our physical business address
• Accurate subject line reflecting content

Types of Emails We Send

Marketing Emails (Require Consent):

• Promotional offers and announcements
• Product recommendations
• Abandoned cart reminders (where consent obtained)
• Newsletter subscriptions
• Special event notifications

Transactional Emails (Do Not Require Marketing Consent):

• Order confirmations
• Shipping notifications
• Account alerts and password resets
• Warranty and service notifications
• Responses to your inquiries

We will continue to send transactional emails even if you opt out of marketing communications, as these are necessary for the Services.

Unsubscribe Rights

• We honor unsubscribe requests within 10 business days
• You can unsubscribe by clicking the link in any marketing email
• You can also contact us directly to opt out
• Each unsubscribe request is processed permanently
• You may still receive transactional emails after unsubscribing from marketing

Compliance Measures

We take the following measures to ensure compliance across all jurisdictions:

• Transparency: Messages always include clear information about the sender and how to opt out
• Privacy Protection: We adhere to strict data protection policies, ensuring your contact information is handled securely and never sold or shared for marketing purposes without your consent
• Record Keeping: We maintain records of consent and opt-out requests in compliance with applicable regulations (GDPR, CASL, TCPA, Spam Act)
• Regular Audits: We regularly review our messaging practices to ensure ongoing compliance with all applicable laws
• Training: Our staff receives training on compliance requirements and best practices across multiple jurisdictions
• Data Protection Impact Assessments: We conduct DPIAs for high-risk processing activities

---

Cookies and Tracking Technologies

Like many websites, we use Cookies and similar tracking technologies on our Site to enhance your experience and collect information about how you use our Services.

What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They help websites remember your preferences and understand how you interact with the site.

Types of Cookies We Use

1. Essential Cookies (Strictly Necessary)

Purpose: Required for the Site to function properly

Examples:

• Shopping cart functionality
• Security features
• Account access and authentication
• Load balancing

Legal Basis: Legitimate interests (necessary for service provision)

Can be disabled: No - these are essential for the Site to work

2. Performance and Analytics Cookies

Purpose: Help us understand how visitors interact with our Site

Examples:

• Google Analytics
• Page visit tracking
• Error reporting
• A/B testing

Legal Basis: Consent (EEA/UK/AU), Legitimate interests (where permitted)

Can be disabled: Yes

3. Functionality Cookies

Purpose: Allow us to remember your preferences

Examples:

• Language preferences
• Currency selection
• Design customization
• User interface preferences

Legal Basis: Consent (EEA/UK/AU), Legitimate interests (where permitted)

Can be disabled: Yes

4. Advertising and Marketing Cookies

Purpose: Deliver relevant advertisements and measure effectiveness

Examples:

• Facebook Pixel
• Google Ads tracking
• Retargeting cookies
• Conversion tracking

Legal Basis: Consent

Can be disabled: Yes

Third-Party Cookies

We may permit third parties and service providers to use Cookies on our Site to:

• Better tailor services, products and advertising on our Site and other websites
• Provide analytics and insights
• Deliver targeted advertising
• Enable social media features
• Measure advertising campaign effectiveness

Third-party services we use include:

• Google Analytics
• Facebook/Meta Pixel
• Payment processors (Stripe, PayPal)
• Shopify analytics
• Marketing automation platforms

For specific information about the Cookies that we use related to powering our store with Shopify, see https://www.shopify.com/legal/cookies.

Cookie Duration

• Session Cookies: Deleted when you close your browser
• Persistent Cookies: Remain on your device for a set period or until you delete them
• Our cookie retention: Typically 1-24 months depending on purpose

Your Cookie Choices

Browser Settings

Most browsers automatically accept Cookies by default, but you can choose to set your browser to remove or reject Cookies through your browser controls. Instructions for popular browsers:

• Chrome: Settings > Privacy and Security > Cookies
• Firefox: Settings > Privacy & Security > Cookies
• Safari: Preferences > Privacy > Cookies
• Edge: Settings > Privacy > Cookies

Please keep in mind that removing or blocking Cookies can negatively impact your user experience and may cause some of the Services, including certain features and general functionality, to work incorrectly or no longer be available.

Cookie Consent Management

For EEA/UK/Australian visitors: When you first visit our Site, you'll see a cookie banner allowing you to:

• Accept all cookies
• Reject non-essential cookies
• Customize your preferences
• Access detailed cookie information

You can change your cookie preferences at any time by:

• Clicking "Cookie Settings" in our website footer
• Clearing your browser cookies and revisiting our Site
• Contacting us at hello@meonneon.com

Global Privacy Control and Do Not Track

Our website recognizes the Global Privacy Control (GPC) signal, which enables you to opt-out of certain uses or disclosures of your information. If you notify us of your preference through GPC, we will treat such signal as a valid request to opt out of sharing/targeted advertising for the associated browser or device, and, if we are able to associate the device sending the signal to a Shopify account, we will apply the opt out request to the account as well.

To learn more about Global Privacy Control, you can visit https://globalprivacycontrol.org/.

Other than the Global Privacy Control, we do not recognize other "Do Not Track" signals that may be sent from your web browser or device.

---

How We Disclose Personal Information

We do not sell your personal information. We may disclose your personal information to third parties only in the following circumstances:

1. Service Providers

We share your information with vendors and third parties who perform services on our behalf, including:

Technology and Infrastructure:

• IT infrastructure and hosting providers (AWS, Google Cloud)
• Data analytics and business intelligence providers
• Cloud storage providers
• Cybersecurity and fraud prevention services

E-commerce and Payments:

• Payment processors and financial institutions (Stripe, PayPal)
• E-commerce platform providers (Shopify)
• Order fulfillment and shipping companies (FedEx, DHL, UPS)

Marketing and Communications:

• Marketing and advertising service providers
• Email and SMS delivery services (Mailchimp, Twilio)
• Social media platforms (Meta, Google)
• Survey and feedback platforms

Customer Service:

• Customer support and helpdesk platforms
• Live chat providers
• Call center services

Geographic Locations: These service providers may be located in:

• United States
• Canada
• European Union
• United Kingdom
• Australia
• Other countries where necessary for service delivery

Contractual Protections: These service providers are contractually obligated to:

• Use your personal information only to provide services to us
• Protect your information in accordance with this Privacy Policy
• Comply with applicable data protection laws
• Implement appropriate security measures
• Not use data for their own purposes

2. With Your Consent or At Your Direction

We may share your information when you:

• Direct us to share information with specific third parties
• Request services that require sharing (e.g., shipping)
• Use social media widgets or login integrations
• Participate in co-marketing programs
• Connect third-party applications to your account
• Otherwise provide explicit consent

3. Corporate Affiliates

We may share information with our affiliates or otherwise within our corporate group for:

• Business operations
• Customer service
• Marketing purposes (with consent where required)
• Internal reporting
• Security and fraud prevention
• Product development

Our affiliates are bound by confidentiality obligations and must handle your personal information in accordance with this Privacy Policy.

4. Business Transactions

In connection with:

• Mergers or acquisitions
• Sale of assets
• Financing transactions
• Bankruptcy or reorganization
• Other business transactions

In such events, your personal information may be transferred to the acquiring entity or other involved parties. We will:

• Notify you via email and/or prominent notice on our Site
• Ensure the acquiring party agrees to handle your information in accordance with this Privacy Policy or obtain your consent for different practices

5. Legal Obligations and Rights Protection

We may disclose your information to:

Legal Compliance:

• Comply with applicable laws, regulations, and legal processes
• Respond to subpoenas, search warrants, court orders, and similar legal requests
• Comply with tax, customs, and other regulatory requirements
• Meet data localization requirements

Rights Protection:

• Enforce our terms of service and other agreements
• Protect and defend our rights, property, and operations
• Protect the rights, safety, and security of our users and others
• Investigate and prevent fraud, security threats, and illegal activities

Public Authorities:

• Respond to requests from law enforcement
• Cooperate with national security or intelligence requirements (where legally obligated)

When legally required, we will notify you about such requests unless prohibited by law or court order.

6. De-Identified and Aggregated Information

We may share de-identified or aggregated information that cannot reasonably be used to identify you for:

• Research purposes
• Marketing and promotional activities
• Analytics and statistical analysis
• Industry benchmarking
• Other lawful business purposes

This information does not constitute personal information and is not subject to this Privacy Policy.

---

International Data Transfers

We operate globally and may transfer, store and process your personal information outside the country you live in, including in the United States and other countries. Your personal information is also processed by staff and third party service providers and partners in these countries.

Countries Where We Process Data

Your personal information may be transferred to and processed in:

• United States (primary operations and hosting)
• Canada (service providers)
• European Economic Area (EU customers' data may remain in EEA)
• United Kingdom (service providers)
• Australia (Australian customers' data may remain in Australia)
• Other countries where our service providers operate

Data Protection for International Transfers

The data protection laws in these countries may differ from those in your country of residence. However, we take steps to ensure that your information receives an adequate level of protection wherever it is processed.

From the European Economic Area (EEA) and United Kingdom

When we transfer personal information from the EEA or UK to countries not recognized as providing adequate protection, we implement appropriate safeguards, including:

Standard Contractual Clauses (SCCs):

• European Commission's Standard Contractual Clauses (2021 version)
• UK International Data Transfer Agreement (IDTA) or UK Addendum to SCCs
• Supplementary measures where necessary to ensure adequate protection

Adequacy Decisions:

• Transfers to countries recognized by the EU Commission as providing adequate protection
• Transfers to countries recognized by the UK as providing adequate protection

Other Mechanisms:

• Binding Corporate Rules (where applicable)
• Certifications (e.g., EU-US Data Privacy Framework, if we participate)
• Explicit consent for specific transfers (where appropriate)

You may request a copy of the safeguards we use for international transfers by contacting us at hello@meonneon.com.

From Canada

For transfers from Canada, we ensure compliance with:

• Personal Information Protection and Electronic Documents Act (PIPEDA)
• Contractual protections requiring equivalent data protection
• Privacy principles under PIPEDA Schedule 1

From Australia

For transfers from Australia, we comply with:

• Australian Privacy Principles (APPs), specifically APP 8
• Taking reasonable steps to ensure overseas recipients comply with APPs
• Contractual protections
• Disclosure of likely recipient countries

Security During Transfer

All data transfers are protected by:

• Encryption in transit (TLS 1.2 or higher)
• Secure file transfer protocols
• Access controls and authentication
• Regular security audits

---

Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction.

Security Measures

Our security measures include:

Technical Safeguards:

• Encryption of data in transit using SSL/TLS protocols (minimum TLS 1.2)
• Encryption of sensitive data at rest
• Secure storage of passwords (hashed and salted)
• Firewall protection and intrusion detection systems
• Regular security assessments and vulnerability testing
• Multi-factor authentication for administrative access
• Secure backup and disaster recovery procedures
• Regular software updates and security patches

Organizational Safeguards:

• Employee training on data security and privacy
• Access controls and authentication mechanisms (role-based access)
• Background checks for employees with access to personal data
• Confidentiality agreements with employees and contractors
• Incident response procedures and breach notification protocols
• Regular privacy and security audits
• Data protection impact assessments for high-risk processing
• Privacy by design and by default principles

Physical Safeguards:

• Secure data centers with restricted access
• Surveillance and monitoring systems
• Environmental controls (fire suppression, climate control)
• Secure disposal of physical media containing personal data

Security Certifications

Our service providers maintain various security certifications, including:

• SOC 2 Type II compliance
• ISO 27001 certification
• PCI DSS compliance (for payment processing)

Limitations

Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee "perfect security." In addition:

• Any information you send to us may not be secure while in transit
• We recommend that you do not use insecure channels to communicate sensitive or confidential information to us
• You are responsible for maintaining the security of your account credentials
• Public Wi-Fi networks may not be secure

Security Breach Notification

If we learn of a security breach affecting your personal information, we will notify you in accordance with applicable law:

EEA/UK: Within 72 hours to supervisory authority; without undue delay to affected individuals for high-risk breaches

Canada: As soon as feasible to Privacy Commissioner and affected individuals for breaches creating real risk of significant harm

Australia: As soon as practicable to Office of the Australian Information Commissioner and affected individuals for eligible data breaches

United States: In accordance with applicable state breach notification laws

Notification will include:

• Nature of the breach
• Types of personal information involved
• Steps we are taking to address the breach
• Recommended actions you can take
• Contact information for inquiries

Your Responsibility

You are responsible for:

• Maintaining the confidentiality of your account credentials
• Using strong, unique passwords
• Not sharing your login information
• Logging out of your account after use
• Using secure internet connections
• Keeping your device and software up to date
• Notifying us immediately if you suspect unauthorized access: hello@meonneon.com

---

Data Retention

How long we retain your personal information depends on different factors, such as:

• Whether we need the information to maintain your account
• Whether we need the information to provide the Services
• Legal obligations requiring us to retain information
• Whether we need the information to resolve disputes or enforce agreements
• The nature and sensitivity of the information
• Our legitimate business needs
• Your retention preferences (where applicable)

Retention Periods by Category

Category	Retention Period	Reason
Account Information	Duration of account activity + 30 days after closure	To provide services and comply with legal obligations
Transaction Records	7-10 years after transaction	Tax, accounting, and legal requirements (varies by jurisdiction)
Payment Information	Not stored (tokenized by payment processor)	Security and PCI DSS compliance
Marketing Information	Until opt-out + 90 days, or 3-5 years of inactivity	To respect opt-out requests and manage marketing effectively
Customer Support Communications	2-3 years after last interaction	To provide ongoing support and improve services
Website Analytics	1-2 years	To analyze trends and improve user experience
Usage and Log Data	6-12 months	Security, troubleshooting, and service improvement
Cookie Data	As specified in cookie settings (typically 1-24 months)	Functionality and analytics
Video Surveillance (if applicable)	30-90 days	Security purposes
Legal Hold Data	Duration of legal matter + reasonable period	Legal compliance and defense

Region-Specific Considerations

European Union/UK:

• We review retention need periodically
• Data is deleted when no longer necessary for the purposes for which it was collected
• You may request earlier deletion (subject to legal obligations)

Canada:

• Retention complies with PIPEDA principles
• Data kept only as long as necessary for identified purposes
• Secure destruction when no longer needed

Australia:

• Retention complies with Australian Privacy Principles
• Records kept as required by law (e.g., tax records for 5 years)
• Secure destruction procedures followed

United States:

• Various state laws may require specific retention periods
• We maintain records as required by federal regulations
• Industry-specific requirements applied where applicable

Data Deletion

When personal information is no longer needed, we will securely delete or anonymize it in accordance with our data retention and deletion procedures:

Deletion Methods:

• Secure overwriting of data
• Cryptographic erasure
• Physical destruction of media
• Anonymization (making data non-identifiable)

You may request early deletion of your data (subject to legal and legitimate business requirements). See "Your Privacy Rights" section below.

---

Your Privacy Rights

Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute, may apply only in certain circumstances and, in certain cases, we may decline your request as permitted by law.

Universal Rights (All Users)

Right to Access / Know

You may have a right to request access to personal information that we hold about you, including:

• Categories of personal information collected
• Specific pieces of personal information we have collected
• Sources from which we collected the information
• Purposes for which we use the information
• Categories of third parties with whom we share the information
• How long we intend to retain the information
• Copy of your personal information in a portable format

How to exercise: Contact us at hello@meonneon.com or through your account settings

Response time: 30-45 days (may be extended in complex cases with notice)

Right to Delete (Right to Erasure)

You may have a right to request that we delete personal information we maintain about you, subject to certain exceptions such as:

• Completing transactions or providing requested services
• Detecting and resolving security incidents or fraud
• Complying with legal obligations
• Internal uses reasonably aligned with your expectations
• Exercising free speech or ensuring others' right to exercise it
• Conducting scientific, historical, or statistical research
• Enabling solely internal uses that are reasonably aligned with your expectations

How to exercise: Contact us at hello@meonneon.com or through your account settings

Response time: 30-45 days

Note: We will retain some information in backup systems for a limited time and may retain anonymized information indefinitely.

Right to Correct (Right to Rectification)

You may have a right to request that we correct inaccurate personal information we maintain about you. We will take reasonable steps to verify the accuracy of any information you ask us to correct.

How to exercise: Update your account settings or contact us at hello@meonneon.com

Response time: 30 days

Right to Portability

You may have a right to receive a copy of the personal information we hold about you in a structured, commonly used, and machine-readable format, and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.

How to exercise: Contact us at hello@meonneon.com

Response time: 30-45 days

Format: JSON, CSV, or other machine-readable format

Region-Specific Rights

Additional Rights for EEA/UK Residents (GDPR)

Right to Restriction of Processing: You may have the right to ask us to stop or restrict our processing of personal information in certain circumstances, such as:

• While we verify the accuracy of information
• When processing is unlawful but you don't want data deleted
• When we no longer need data but you need it for legal claims
• While we verify legitimate grounds for processing

Right to Object: You may have the right to object to our processing of your personal information for:

• Direct marketing (you can always opt out) - we will stop immediately
• Processing based on legitimate interests - we will stop unless we have compelling legitimate grounds
• Research and statistical purposes (unless processing necessary for public interest task)

Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing (including profiling) that produce legal or similarly significant effects, unless:

• Necessary for contract performance
• Authorized by law
• Based on your explicit consent

Data Protection Officer: While we are not required to appoint a DPO, you can contact our Privacy team at hello@meonneon.com

Supervisory Authority: You have the right to lodge a complaint with your local data protection authority (see "Complaints and Concerns" section)

Additional Rights for Canadian Residents (PIPEDA)

Right to Challenge Compliance: You may challenge our compliance with PIPEDA

Right to Know About Third Parties: You can request information about third parties to which we've disclosed your personal information

Right to Withdraw Consent: You may withdraw consent at any time (subject to legal or contractual restrictions)

How to exercise: Contact our Privacy Officer at hello@meonneon.com

Office of the Privacy Commissioner of Canada: You may file a complaint at https://www.priv.gc.ca/

Additional Rights for Australian Residents (Privacy Act)

Access and Correction: Rights to access and correct personal information under Australian Privacy Principles

Right to Complain: You may complain to the Office of the Australian Information Commissioner

Right to Anonymous Transactions: Where practicable, you may interact with us anonymously or using a pseudonym

How to exercise: Contact us at hello@meonneon.com

OAIC: You may file a complaint at https://www.oaic.gov.au/

U.S. State-Specific Privacy Rights

California Residents (CCPA/CPRA)

Additional Rights:

• Right to know what personal information we collect, use, disclose, and sell
• Right to delete personal information (with exceptions)
• Right to correct inaccurate information
• Right to limit use and disclosure of sensitive personal information
• Right to opt out of the sale or sharing of personal information
• Right to non-discrimination for exercising your rights

Important: We do not sell your personal information as defined by California law.

Shine the Light: California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. However, we do not share personal information with third parties for their direct marketing purposes.

California Minors: Users under 18 may request removal of content they posted. Contact us at hello@meonneon.com.

How to exercise: Call 1-800-[NUMBER] or visit our "Do Not Sell My Personal Information" page

Virginia, Colorado, Connecticut, Utah, Oregon, Montana, and Texas Residents

If you are a resident of Virginia, Colorado, Connecticut, Utah, Oregon, Montana, or Texas, you have rights under your state's privacy law, including:

• Right to access your personal information
• Right to delete your personal information
• Right to correct inaccuracies
• Right to opt out of targeted advertising
• Right to opt out of the sale of personal information (we do not sell personal information)
• Right to opt out of profiling in certain circumstances
• Right to appeal our decision if we decline your request

How to exercise: Contact us at hello@meonneon.com or call 1-800-[NUMBER]

Other State Rights

Additional states have enacted or may enact comprehensive privacy laws. We will update this Privacy Policy and our practices to comply with applicable state privacy laws. If you believe you have rights under your state's privacy law, please contact us.

Withdrawal of Consent

Where we rely on consent to process your personal information, you may have the right to withdraw this consent at any time. Withdrawal of consent will not affect the lawfulness of processing conducted prior to withdrawal.

How to withdraw:

• Email marketing: Click "Unsubscribe" in any marketing email
• SMS marketing: Text "STOP" to opt out
• Cookie consent: Adjust settings through our cookie banner
• Account: Contact us at hello@meonneon.com
• Phone: Call us at (720) 593-8389

Right to Appeal

You may have a right to appeal our decision if we decline to process your request. You can do so by:

1. Replying directly to our denial email
2. Contacting us at hello@meonneon.com with "APPEAL" in subject line
3. Calling us at (720) 593-8389

We will respond to your appeal within 45-60 days.

Right to Non-Discrimination

We will not discriminate against you for exercising any of these rights. You will not receive discriminatory treatment related to:

• Pricing or availability of goods or services
• Quality of goods or services
• Access to features or functionality
• Level of service provided

Managing Communication Preferences

We may send you promotional emails, and you may opt out of receiving these at any time by:

• Using the unsubscribe option displayed in our emails
• Contacting us at hello@meonneon.com
• Adjusting your account preferences
• Calling us at (720) 593-8389

If you opt out, we may still send you non-promotional emails, such as those about your account, orders you have made, warranty information, or other transactional communications.

How to Exercise Your Rights

You may exercise any of these rights:

1. Through your account settings on our Site (for certain rights)
2. By email: hello@meonneon.com (include "Privacy Request" in subject)
3. By phone: (720) 593-8389
4. By mail: MEON NEON, 8405 West 54th Place, Arvada, CO 80002, United States
5. Online form: [Link to privacy request form]

Verification Process

We may need to collect information from you to verify your identity before providing a substantive response to your request, such as:

• Email address verification (send from registered email)
• Account information confirmation
• Additional identification documents (in certain circumstances)
• Answering security questions

Why we verify: To protect your privacy and prevent fraudulent requests

EEA/UK: We will use reasonable means to verify your identity, considering the nature of the request and risks

Authorized Agents

In accordance with applicable laws, you may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require:

• Proof that the agent is authorized to act on your behalf (signed permission)
• Verification of your identity directly with us
• In some cases, written authorization or power of attorney

EEA/UK residents: You may appoint representatives through your national data protection authority

California residents: Authorized agents must provide proof of written authorization

Response Time

We will respond to your request in a timely manner as required under applicable law:

• California: Within 45 days (may extend 45 days with notice)
• Virginia/Colorado/Connecticut/Utah: Within 45 days (may extend 45 days with notice)
• EEA/UK (GDPR): Within 1 month (may extend 2 months for complex requests with notice)
• Canada: Within 30 days (may extend with reasonable explanation)
• Australia: Within 30 days (may extend with notice)

If we need more time, we will notify you and explain the reason for the delay.

---

Children's Privacy

Our Services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16.

Age Restrictions by Region

• United States: We do not knowingly collect information from children under 13 (COPPA)
• European Union/UK: We do not knowingly process data of children under 16 without parental consent (GDPR)
• Canada: We do not knowingly collect information from children under 13 without parental consent
• Australia: We do not knowingly collect information from children under 18 without parental consent where required

If we learn that we have collected personal information from a child under the applicable age, we will take steps to delete such information as soon as possible.

If you believe that we might have collected information from a child, please contact us immediately using the contact details below:

• Email: hello@meonneon.com
• Phone: (720) 593-8389

Parental Rights

If we discover that we have inadvertently collected information from a child:

• We will delete the information immediately
• We will not use the information for any purpose
• We will not disclose the information to third parties

Parents or guardians may:

• Request to review information collected from their child
• Request deletion of such information
• Refuse to permit further collection of information

---

Third-Party Links and Services

Our Site may contain links to third-party websites, applications, or services that are not operated or controlled by us. This Privacy Policy does not apply to those third-party services.

Examples of Third-Party Services

• Social media platforms (Facebook, Instagram, TikTok)
• Payment processors (Stripe, PayPal)
• Shipping carriers (FedEx, UPS, DHL)
• Review platforms
• Business directories
• Advertising networks

Our Responsibility

We are not responsible for:

• The privacy practices of third-party websites or services
• The content of third-party websites or services
• The security of information you provide to third parties
• How third parties collect, use, or share your information

Your Responsibility

We encourage you to:

• Review the privacy policies of any third-party services before providing your information or using their services
• Understand how third parties handle your data
• Exercise your rights with third parties directly
• Report concerns about third parties to appropriate authorities

Third-Party Plugins and Widgets

Our Site may include social media features and widgets (e.g., Facebook Like button, Twitter share button). These features may collect your IP address, track which page you are visiting, and set cookies. Social media features and widgets are hosted by third parties, and your interactions with them are governed by the privacy policies of the companies providing them.

---

Updates and Notifications

We encourage you to review this Privacy Policy periodically to stay informed about our information practices.

How We Notify You of Changes

We will notify you of material changes through:

For All Users:

• Email notification (if we have your email address)
• Prominent notice on our Site
• Updated "Last Updated" date

For Significant Changes:

• Pop-up notification when you visit the Site
• Push notification (if you have enabled notifications)
• Request for renewed consent (where required by law)

For EEA/UK Users:

• Prominent notice for changes to legal basis or purposes of processing
• Opportunity to withdraw consent for new processing purposes
• Additional notice for changes affecting rights

What Constitutes a Material Change

Material changes may include:

• Changes to the types of personal information we collect
• Changes to how we use your information
• Changes to who we share information with
• Reduction in your privacy rights
• Changes to retention periods
• Changes to international data transfers
• Changes to our contact information

Your Options

Your continued use of the Services after the effective date of changes constitutes your acceptance of the updated Privacy Policy.

If you do not agree to the updated Privacy Policy:

• Stop using our Services
• Close your account
• Contact us to exercise your deletion rights
• Withdraw any consents you have provided

---

Complaints and Concerns

If you have complaints about how we process your personal information, please contact us using the contact details provided below. We take all complaints seriously and will investigate and respond to your concerns promptly.

Internal Complaint Process

1. Submit Your Complaint: Email hello@meonneon.com with "Privacy Complaint" in subject line
2. Acknowledgment: We will acknowledge receipt within 5 business days
3. Investigation: We will investigate your complaint within 30 days
4. Response: We will provide a written response explaining our findings and any actions taken
5. Appeal: If unsatisfied, you may appeal our decision (see "Right to Appeal" above)

Escalation to Authorities

If you are not satisfied with our response to your complaint, depending on where you live, you may have the right to lodge a complaint with your local data protection authority or supervisory authority.

European Economic Area

You can find your data protection authority at: https://edpb.europa.eu/about-edpb/board/members_en

Major EU Data Protection Authorities:

• Ireland: Data Protection Commission - https://www.dataprotection.ie/
• Germany: Federal Commissioner for Data Protection and Freedom of Information - https://www.bfdi.bund.de/
• France: Commission Nationale de l'Informatique et des Libertés (CNIL) - https://www.cnil.fr/
• Netherlands: Autoriteit Persoonsgegevens - https://autoriteitpersoonsgegevens.nl/
• Spain: Agencia Española de Protección de Datos - https://www.aepd.es/

United Kingdom

Information Commissioner's Office (ICO)

• Website: https://ico.org.uk/
• Phone: 0303 123 1113
• Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Canada

Office of the Privacy Commissioner of Canada

• Website: https://www.priv.gc.ca/
• Phone: 1-800-282-1376
• Email: info@priv.gc.ca
• Address: 30 Victoria Street, Gatineau, Quebec K1A 1H3

Provincial Authorities:

• Alberta: Office of the Information and Privacy Commissioner of Alberta - https://www.oipc.ab.ca/
• British Columbia: Office of the Information and Privacy Commissioner for BC - https://www.oipc.bc.ca/
• Quebec: Commission d'accès à l'information du Québec - https://www.cai.gouv.qc.ca/

Australia

Office of the Australian Information Commissioner (OAIC)

• Website: https://www.oaic.gov.au/
• Phone: 1300 363 992
• Email: enquiries@oaic.gov.au
• Address: GPO Box 5218, Sydney NSW 2001

United States

For U.S. residents, you may file complaints with:

Federal Trade Commission (FTC)

• Website: https://www.ftc.gov/
• Phone: 1-877-FTC-HELP (1-877-382-4357)

State Attorneys General: Contact your state Attorney General's office

California residents: California Attorney General's Office - https://oag.ca.gov/

Legal Remedies

You may also have the right to seek judicial remedy through the courts in your jurisdiction.

---

Dispute Resolution

Informal Resolution

We are committed to resolving complaints informally whenever possible. If you have a complaint or dispute that cannot be resolved through our customer service team, please contact us at hello@meonneon.com with "DISPUTE" in the subject line for priority handling.

EU Online Dispute Resolution

EU consumers have access to the European Online Dispute Resolution (ODR) platform at https://ec.europa.eu/consumers/odr/ for resolving disputes out of court.

Arbitration and Class Action Waiver (U.S. Customers)

[If applicable, include arbitration clause and class action waiver provisions consistent with your Terms of Service]

---

Contact Information

Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please contact us:

General Inquiries

Email: hello@meonneon.com
Phone: (720) 593-8389

Physical Address:
MEON NEON
8405 West 54th Place
Arvada, CO 80002
United States

Corporate Contact: hello@worldwidesignage.com

Privacy-Specific Inquiries

For Privacy Requests: Please include "Privacy Request" in the subject line of your email and provide sufficient detail about your request to allow us to process it efficiently.

For Privacy Complaints: Please include "Privacy Complaint" in the subject line

For Data Subject Requests: Please include "Data Subject Request" in the subject line and specify which right you wish to exercise

Business Hours

• US Mountain Time: Monday-Friday, 9am-6pm MT
• Email: We respond to all inquiries within 24-48 hours
• Phone: During business hours; voicemail checked daily

Regional Contacts

European Union/UK:
Email: hello@meonneon.com (specify "GDPR Request" or "UK Data Request")

Canada:
Privacy Officer: hello@meonneon.com (specify "PIPEDA Request")

Australia:
Email: hello@meonneon.com (specify "Privacy Act Request")

---

Language Versions

This Privacy Policy is available in multiple languages for your convenience:

• English (primary and controlling version)
• French (Français)
• German (Deutsch)
• Spanish (Español)

For translations or if you need this policy in another language, please contact hello@meonneon.com.

In the event of any conflict between the English version and a translated version, the English version shall prevail.

---

Accessibility

We are committed to ensuring our Privacy Policy is accessible to all users.

If you have difficulty accessing this Privacy Policy due to a disability:

• Contact us at hello@meonneon.com
• Request an alternative format (large print, audio, accessible PDF)
• We will provide the policy in your requested format within 5 business days

---

Effective Date and Policy History

This Privacy Policy is effective as of the date of purchase and supersedes all previous privacy statements.

Last Updated: December 2025

Previous Versions: Available upon request at hello@meonneon.com

Major Updates:

• December 2025: Enhanced international compliance (EU, UK, Canada, Australia)
• October 2025: Added state privacy law compliance
• [Previous update dates and descriptions]

---

Acknowledgment

By using our Services, you acknowledge that:

1. You have read and understood this Privacy Policy
2. You agree to the collection, use, and disclosure of your information as described
3. You understand your privacy rights and how to exercise them
4. You have been informed about international data transfers
5. You consent to processing where consent is required by law

We are committed to protecting your privacy and handling your personal information responsibly. Thank you for trusting MEON NEON with your information.

---

END OF PRIVACY POLICY