NEOM · Document 03

Cookie Policy

Explains how Neom Triple A Information Technology LLC (NEOM Funded) uses cookies and similar tracking technologies on neomfunded.com, including the categories of cookies (strictly necessary, functional, analytics, advertising), their legal bases, retention periods, third-party recipients, international transfers, and how Participants can manage consent and exercise their rights. This is the canonical English version and prevails over any translation.

Cookie Policy v4.0.1

Aligned with the Privacy Policy and the T&C | Publication Date: 24 September 2026

This Cookie Policy is the canonical English version. Where translations into other languages are provided for convenience, the English version shall prevail in case of any discrepancy.

This Cookie Policy governs the use of cookies and similar tracking technologies by Neom Triple A Information Technology LLC, operating under the brand NEOM Funded, in respect of persons who visit the website neomfunded.com and use the Services provided therein.

§1 Introduction and Definitions

1.1 Purpose of this Policy. This Cookie Policy explains what cookies and similar tracking technologies are, how Neom Triple A Information Technology LLC (hereinafter the “Company”, “We”, “Us”) uses them on neomfunded.com and the associated Services under the brand NEOM Funded, and what rights Participants have in relation to the management of those technologies. This Cookie Policy supplements the the Privacy Policy and forms an integral part of the legal framework set out in the T&C §29.7.

1.2 Definitions. For the purposes of this Cookie Policy, the following terms apply:

  1. Cookie – a small text file placed on a user's device (computer, smartphone, or tablet) by a website when the user visits that website. Cookies enable the website to recognise the user's device and to store certain information about their preferences or past actions. Cookies may be “session” cookies (deleted when the browser is closed) or “persistent” cookies (retained on the device for a set period or until explicitly deleted).
  2. First-party cookie – a cookie set directly by the domain of the website the user is visiting (in this case, neomfunded.com). First-party cookies are set and read exclusively by the Company.
  3. Third-party cookie – a cookie set by a domain other than the domain of the website being visited. Such cookies are set by third parties (advertising networks, analytics services, etc.) when their components are loaded on pages of the Website.
  4. Web Beacon / Pixel – a small, invisible graphic object (typically 1×1 pixel in size) embedded in a web page or HTML email message. Used to track email opens, link clicks, and page visits. Operates in conjunction with cookies and enables third parties to collect information about user behaviour.
  5. Local Storage – a mechanism for storing data in the user's browser, similar to cookies but with greater capacity and without being automatically sent to the server with each HTTP request. Used to store user preferences and session data on the client side.
  6. Session ID – a unique identifier generated by the server and transmitted to the browser via a cookie or URL parameter in order to maintain the user's session during a single visit.
  7. TTL (Time-To-Live) – the period during which a cookie or other tracking technology remains active on the user's device.
  8. Participant – any natural person who visits the Website or uses the Company's Services.

1.3 Relationship to the Privacy Policy. This Cookie Policy is a standalone document supplementing the Privacy Policy §7 (Cookies and Tracking Technologies) and §12 (Do-Not-Track and Global Privacy Control). In the event of any conflict between this Cookie Policy and the Privacy Policy, the provisions of the Privacy Policy shall prevail.

§2 Who Uses Cookies on the Website

2.1 The Company as Controller. The operator of the Website and the controller of the processing of personal data within the meaning of applicable legislation is:

Full legal name: Neom Triple A Information Technology LLC
Brand: NEOM Funded
Registered address: The Binary by Omniyat, Office 2114, Business Bay, Dubai, UAE
Website: neomfunded.com

2.2 First-party cookies. The Company independently sets first-party cookies through the domain neomfunded.com. These cookies ensure the functioning of the platform, session management, storage of user preferences, and the recording of cookie-consent preferences.

2.3 Third-party cookies. The Company uses on the Website components and scripts provided by the following third parties, which may set their own cookies on Participants' devices when those components are loaded:

  1. Google LLC (Mountain View, CA, USA) – Google Analytics (analytics), Google Ads / Google Tag Manager (advertising and conversion tracking), DoubleClick (programmatic advertising);
  2. Meta Platforms Ireland Ltd (Dublin, Ireland) and Meta Platforms Inc (Menlo Park, CA, USA) – Meta Pixel (Facebook Pixel) for advertising and retargeting purposes;
  3. Cloudflare Inc (San Francisco, CA, USA) – DDoS protection, CDN, and browser integrity check.

2.4 Third-party responsibility. The processing of data carried out by third parties via their own cookies is governed by the privacy policies of those respective third parties. The Company accepts no responsibility for the data-processing practices of third parties beyond the scope of the contractual data-processing arrangements established with them. Participants may review the privacy policies of the third parties identified above directly on their respective websites.

§3 Legal Framework

3.1 Applicable legislation. The Company's use of cookies and similar tracking technologies is governed by the following legislation:

  1. Regulation (EU) 2016/679 (General Data Protection Regulation, ‘GDPR’) – establishes requirements regarding lawful bases for the processing of personal data, including data collected via cookies, in respect of data subjects located in the EU/EEA;
  2. Directive 2002/58/EC (ePrivacy Directive) as amended by Directive 2009/136/EC – establishes requirements for obtaining consent for the setting of cookies, including an exemption for strictly necessary cookies (Article 5(3)). The adoption of an ePrivacy Regulation replacing this Directive is anticipated at EU level; the Company will update this Policy as and when the new regulation enters into force;
  3. UK Privacy and Electronic Communications Regulations 2003 (UK PECR) – implements the ePrivacy Directive requirements within the UK legal system following Brexit; governs the use of cookies in respect of users located in the United Kingdom;
  4. California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act 2020 (CCPA/CPRA) – grants California residents the right to opt out of the sale or sharing of personal data collected, including via advertising cookies;
  5. UAE Federal Decree by Law No. (45) of 2021 Concerning the Protection of Personal Data (the ‘UAE PDPL’; commonly cited as ‘UAE Federal Decree-Law No. 45 of 2021’) – governs the processing of personal data by the Company as a legal entity incorporated in the UAE;
  6. Ley 34/2002, de 11 de julio, de Servicios de la Sociedad de la Información y de Comercio Electrónico (‘LSSI-CE’) – implements the ePrivacy Directive requirements within the Spanish legal system; governs the use of cookies in respect of users located in Spain.

3.2 Relationship between instruments. Nothing in this Policy reduces any right of a data subject granted by any of the instruments listed above that is in force as at the Effective Date of this Policy.

§4 Cookie Categories

The Company uses the following four categories of cookies based on their functional purpose and consent requirements:

4.1 (a) Strictly Necessary Cookies.

This category comprises cookies without which the Website and Services cannot function properly. They provide basic functions: maintaining the user's session, page navigation, access to protected sections, processing of login forms, protection against attacks, and recording of cookie-consent preferences. Without these cookies, certain functions of the Website will be unavailable.

Legal basis: in accordance with Article 5(3) of Directive 2002/58/EC (ePrivacy Directive) as amended by Directive 2009/136/EC and its implementation in the national laws of EU Member States, strictly necessary cookies are exempt from the requirement to obtain the user's prior consent. Additional legal basis: Article 6(1)(f) GDPR (the Company's legitimate interest in ensuring the technically sound and secure functioning of the Website). The Participant's consent is neither required nor sought for this category.

4.2 (b) Functional Cookies.

This category comprises cookies that are not strictly necessary but which enhance the convenience and personalisation of the user's experience on the Website. They remember the user's settings and preferences (interface language, display settings, trading platform parameters), retaining them between visits. Deleting these cookies does not prevent access to the Website, but may require the user to re-enter their settings.

Legal basis: Article 6(1)(a) GDPR (the Participant's explicit consent obtained via the cookie banner) in conjunction with the requirements of Article 5(3) of Directive 2002/58/EC (ePrivacy Directive) as amended by Directive 2009/136/EC. These cookies are set only upon receipt of explicit consent.

4.3 (c) Analytics Cookies.

This category comprises cookies that enable the Company to measure and analyse visitor behaviour on the Website: number of visits, traffic sources, most visited pages, time spent on a page, and other behavioural metrics. The data collected is aggregated and used exclusively to improve the functionality of the Website and to enhance the quality of the Services. The Company uses primarily Google Analytics with the IP-anonymisation feature enabled.

Legal basis: Article 6(1)(a) GDPR (the Participant's explicit consent obtained via the cookie banner). These cookies are set only upon receipt of explicit consent.

4.4 (d) Advertising Cookies.

This category comprises cookies used for the purpose of displaying relevant advertising to the Participant both on the Company's Website and on third-party platforms (retargeting), as well as for measuring the effectiveness of advertising campaigns. These cookies create a profile of the user's interests based on their behaviour online (cross-context behavioural advertising within the meaning of the CCPA/CPRA). The transfer of data under this category may qualify as “sharing” of personal information within the meaning of CCPA §1798.120.

Legal basis: Article 6(1)(a) GDPR (the Participant's explicit consent obtained via the cookie banner). These cookies are set only upon receipt of explicit consent. California residents may opt out of this category by means of a GPC signal or via the cookie-banner settings (see §10 of this Policy).

§5 Cookie Table

The table below sets out details of the specific cookies used on the Website neomfunded.com as at the Effective Date of this Policy. The table is updated as the composition of cookies used changes. Participants may request the current version of the table by writing to [email protected].

Cookie NameProviderCategoryPurposeTTLType
PHPSESSID Neom Triple A Information Technology LLC Strictly Necessary Maintains the user's server-side session; ensures the continuity of an authenticated session throughout a single visit. Destroyed upon browser closure. Session First-party
cf_clearance Cloudflare Inc Strictly Necessary Records confirmation that the user has passed the Cloudflare browser integrity check (Turnstile / Browser Integrity Check). Prevents repeated completion of the CAPTCHA during the applicable period. 30 minutes Third-party
cookielawinfo-checkbox-necessary Neom Triple A Information Technology LLC Strictly Necessary Stores the user's preference regarding the “Strictly Necessary” category within the cookie-consent management panel (consent banner). Ensures the banner is not displayed on subsequent visits. 1 year First-party
cookielawinfo-checkbox-functional Neom Triple A Information Technology LLC Strictly Necessary Stores the user's preference regarding the “Functional” category within the cookie-consent management panel. 1 year First-party
cookielawinfo-checkbox-analytics Neom Triple A Information Technology LLC Strictly Necessary Stores the user's preference regarding the “Analytics” category within the cookie-consent management panel. 1 year First-party
cookielawinfo-checkbox-advertisement Neom Triple A Information Technology LLC Strictly Necessary Stores the user's preference regarding the “Advertising” category within the cookie-consent management panel. 1 year First-party
wp-settings-{user_id} Neom Triple A Information Technology LLC Functional Stores user interface settings for WordPress: display parameters, language preferences, and dashboard settings. 1 year First-party
wp-settings-time-{user_id} Neom Triple A Information Technology LLC Functional Stores a timestamp of when the WordPress user settings were saved; used to verify the currency of stored settings. 1 year First-party
_ga Google LLC (Google Analytics) Analytics Primary Google Analytics identifier: distinguishes unique visitors by assigning a randomly generated identifier. Used to calculate metrics including session count, traffic sources, and visit statistics. 2 years Third-party
_gid Google LLC (Google Analytics) Analytics Google Analytics visitor identifier for a single session: used to store and update a unique value for each page visited within a 24-hour period. 24 hours Third-party
_gat Google LLC (Google Analytics) Analytics Used by Google Analytics for request rate throttling: prevents request overload during periods of high traffic. 1 minute Third-party
_fbp Meta Platforms Ireland Ltd / Meta Platforms Inc Advertising Meta Pixel browser identifier: used for conversion tracking, retargeting, measurement of advertising effectiveness on Facebook/Instagram, and building Look-alike audiences. 90 days Third-party
fr Meta Platforms Ireland Ltd / Meta Platforms Inc Advertising Facebook's primary advertising cookie: delivers personalised advertising, measures its effectiveness, and tracks behaviour across websites to show relevant advertisements. 90 days Third-party
_gcl_au Google LLC (Google Ads) Advertising Used by Google AdSense/Google Ads for experimenting with advertising effectiveness and storing a conversion identifier to attribute conversions to clicks on advertisements. 90 days Third-party
IDE DoubleClick (Google LLC) Advertising Used by Google's DoubleClick advertising network to serve targeted advertising, limit impression frequency, and measure the effectiveness of advertising campaigns; stores an encrypted user identifier. 13 months Third-party
test_cookie DoubleClick (Google LLC) Advertising A test cookie set by DoubleClick to verify that the user's browser supports cookies. Contains no personal data. 15 minutes Third-party

Note: the TTL values stated above are standard default values. Actual values may vary slightly depending on the versions of third-party scripts. The Company takes reasonable steps to keep this table current and undertakes to update it upon each material change to the composition of cookies used.

§6 Legal Basis for Each Category

6.1 Strictly Necessary Cookies. The legal basis for the processing of data via strictly necessary cookies is:

  1. Article 5(3) of Directive 2002/58/EC (ePrivacy Directive) as amended by Directive 2009/136/EC (and its national implementations): strictly necessary cookies are exempt from the consent requirement provided that the user has been duly informed of their use;
  2. Article 6(1)(f) GDPR – the Company's legitimate interest in ensuring the secure, stable, and technically sound functioning of the Website and Services. The Company's interests do not override the data subject's rights, as these cookies are functionally necessary to provide the requested Service;
  3. In respect of cookies that record cookie consent (cookielawinfo-*): Article 6(1)(c) GDPR – compliance with the legal obligation to document and maintain records of consent in accordance with Article 7(1) GDPR and Article 5(2) GDPR (the accountability principle).

6.2 Functional Cookies. The legal basis is:

  1. Article 6(1)(a) GDPR – the Participant's explicit consent expressed through interaction with the cookie banner (a separate toggle for the “Functional” category);
  2. Article 5(3) of Directive 2002/58/EC (ePrivacy Directive) as amended by Directive 2009/136/EC – requires prior consent for cookies that are not strictly necessary.

6.3 Analytics Cookies. The legal basis is:

  1. Article 6(1)(a) GDPR – the Participant's explicit consent expressed through interaction with the cookie banner (a separate toggle for the “Analytics” category);
  2. Article 5(3) of Directive 2002/58/EC (ePrivacy Directive) as amended by Directive 2009/136/EC – requires prior consent for analytics cookies.

6.4 Advertising Cookies. The legal basis is:

  1. Article 6(1)(a) GDPR – the Participant's explicit consent expressed through interaction with the cookie banner (a separate toggle for the “Advertising” category);
  2. Article 5(3) of Directive 2002/58/EC (ePrivacy Directive) as amended by Directive 2009/136/EC – requires prior consent for advertising cookies.

6.5 Consent quality requirements. The consent obtained by the Company in respect of categories (i), (ii), and (iii) meets the requirements of Article 4(11) GDPR and Article 7 GDPR: it is freely given, specific, informed, and unambiguous. Consent is not a condition of access to the Website or Services; refusal does not result in any reduction in the quality of the Services provided.

6.6 Spain – additional requirements. In respect of users located in Spain, the requirements of Ley 34/2002, de 11 de julio, de Servicios de la Sociedad de la Información y de Comercio Electrónico (‘LSSI-CE’) apply in addition to the above. The LSSI-CE requires that users be clearly informed of the use of cookies prior to their installation, except where cookies are strictly necessary. The consent mechanisms described in §7 of this Policy satisfy the requirements of the LSSI-CE as well as those of the ePrivacy Directive.

§7 Consent Management (Cookie Consent Banner)

7.1 Cookie consent management banner. Upon first visiting the Website, the Participant is shown a cookie-consent management banner (Consent Management Platform, “CMP”). That banner:

  1. informs the Participant of the categories of cookies used and their purposes;
  2. provides the option of granular consent – the Participant selects their preferences for each category of cookies (§4) individually by clicking “Customise” or “Cookie Settings”;
  3. contains an “Accept All” button enabling the Participant to consent to all optional categories of cookies in a single action;
  4. contains a “Reject All” button enabling the Participant to refuse all optional categories of cookies (Functional, Analytics, Advertising) in a single action. Upon clicking “Reject All”, only strictly necessary cookies are set in accordance with §4.1.

7.2 Privacy by Default. By default, prior to the Participant making an active selection, all optional categories of cookies are disabled. Strictly necessary cookies operate regardless of the Participant's choice.

7.3 Withdrawal of consent. The Participant may withdraw a previously given consent or change their preferences at any time, and is not limited to doing so at the time of their initial visit. To change cookie settings, the Participant should use the “Cookie Settings” / “Manage Consent” link located in the footer of the Website, or contact the Company at [email protected]. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal (Article 7(3) GDPR).

7.4 Record-keeping and storage of consent. The Company maintains a technical consent log recording, for each interaction with the cookie banner:

  • the timestamp of the action;
  • the version of the Policy in force at the time of consent;
  • the Participant's selection for each cookie category;
  • the banner version identifier (CMP version).

Consent records are retained for the period specified in the Privacy Policy §8(d): until consent is withdrawn plus three (3) years – to demonstrate the lawfulness of historic processing in accordance with Article 7(1) GDPR.

7.5 Limitation on re-requesting consent. The Company does not re-request consent in respect of the same processing purpose without a material change in the circumstances of processing. Where an update to this Cookie Policy entails a change in the purposes or composition of cookies, the Participant will be invited to review their preferences.

§8 Third-Party Recipients and International Transfers

8.1 Identified recipients. Data collected via third-party cookies is transferred to the following recipients:

  1. Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – for the purpose of providing Google Analytics, Google Ads, and DoubleClick services. Google LLC acts as a data controller in respect of cookie data processed via Google Analytics (where used in a mode that does not transmit data to the advertising platform). The Company has enabled the IP-anonymisation function in Google Analytics (_anonymizeIp). Google's Privacy Policy: https://policies.google.com/privacy.
  2. Meta Platforms Ireland Ltd (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, D02X525, Ireland) as data controller for users in the EEA/UK; data may be transferred to Meta Platforms Inc (1 Hacker Way, Menlo Park, CA 94025, USA) – for the purpose of providing Meta Pixel (Facebook Pixel), advertising, and retargeting services. Meta's Privacy Policy: https://www.facebook.com/privacy/policy/.
  3. Cloudflare Inc (101 Townsend St, San Francisco, CA 94107, USA) – for the purpose of providing DDoS protection, CDN, and browser integrity check services. Cloudflare's Privacy Policy: https://www.cloudflare.com/privacypolicy/.

8.2 International transfer mechanisms. All cross-border transfers of data from the EEA/UK to the recipients identified above located in the USA are carried out on the basis of the following mechanisms:

  1. Standard Contractual Clauses (SCCs) – Commission Implementing Decision (EU) 2021/914 of 4 June 2021 (Module 2: controller-to-processor or Module 1: controller-to-controller, as applicable depending on the nature of the relationship);
  2. Supplementary measures in accordance with EDPB Recommendations 01/2020 as revised by 02/2021: encryption in transit (TLS 1.2+), encryption at rest (AES-256), contractual restrictions on onward transfers, and pseudonymisation where applicable;
  3. Meta Platforms Ireland Ltd transfers data to Meta Platforms Inc (USA) on the basis of SCCs 2021/914 and/or other mechanisms recognised by the competent supervisory authority (Irish DPC) as adequate.

8.3 Additional measures for Google Analytics. In order to minimise the risks associated with data transfers via Google Analytics, the Company has:

  1. enabled the IP-anonymisation function (_anonymizeIp) in all Google Analytics tag instances;
  2. disabled the transmission of data to Google advertising features to the extent compatible with analytics purposes;
  3. entered into a Data Processing Amendment with Google LLC in accordance with Article 28 GDPR.

8.4 Participants located in the EEA or the United Kingdom may request a copy of the applicable SCCs (or the UK International Data Transfer Addendum / UK Addendum to the EU SCCs, as applicable) by writing to [email protected]. For information on the Company's EU and UK Representative under Article 27 GDPR and Article 27 UK-GDPR (Prighter Group, Paragon 1, Schwarzenbergplatz 4, 1030 Vienna, Austria), and on the Company's EU Data Act Representative under Article 37 of Regulation (EU) 2023/2854 (Data Act), see the Privacy Policy §16.1 and §16.2.

§9 Retention Periods

9.1 General principle. Data collected via cookies is retained only for the period necessary to achieve the purposes for which it was collected, and not beyond the periods set out in this Policy and the Privacy Policy §8. This section is aligned with the Privacy Policy §8(e).

9.2 Specific retention periods by category.

  1. Strictly necessary cookies:
    • Session cookies (PHPSESSID): destroyed upon browser closure or expiry of the session;
    • cf_clearance (Cloudflare): 30 minutes;
    • Consent-record cookies (cookielawinfo-*): 1 year (technical period on the user's device); consent records on the Company's servers – until consent is withdrawn plus three (3) years (the Privacy Policy §8(d)).
  2. Functional cookies:
    • wp-settings-*: 1 year.
  3. Analytics cookies:
    • _ga: maximum 2 years on the device; analytics data on Google Analytics servers – maximum thirteen (13) months in accordance with the Privacy Policy §8(e);
    • _gid: 24 hours;
    • _gat: 1 minute.
  4. Advertising cookies:
    • _fbp, fr (Meta): 90 days;
    • _gcl_au (Google Ads): 90 days;
    • IDE (DoubleClick): 13 months;
    • test_cookie (DoubleClick): 15 minutes.

9.3 Deletion upon expiry. Upon expiry of the applicable periods, first-party cookies are automatically deleted from the user's device; third-party cookies are deleted by the respective third parties in accordance with their own data-retention policies. Server-side analytics data is retained for no longer than thirteen (13) months.

9.4 Early deletion. The Participant may delete all or specific cookies at any time by using their browser settings (see §11) or the cookie-management tools provided by the relevant platforms (Google, Meta, etc.).

§10 Do-Not-Track and Global Privacy Control

10.1 Do-Not-Track (DNT). A number of browsers and mobile operating systems include a Do-Not-Track (“DNT”) feature or setting that allows the user to signal to websites their preference not to be tracked. Due to the absence of a uniform agreed standard for recognising and interpreting DNT signals within the industry, and in the absence of a single technical specification that has achieved widespread adoption, the Company does not currently respond to DNT signals. This position is consistent with the Privacy Policy §12.1.

10.2 Global Privacy Control (GPC). The Company honours the Global Privacy Control (GPC) signal as a valid opt-out request from the sale and sharing of personal information in accordance with:

  1. CCPA §1798.135 and the guidance of the California Attorney General;
  2. CCPA §1798.120 – the right of California residents to opt out of the sale or sharing of their personal information, including the opt-out from cross-context behavioural advertising.

Upon detection of a valid GPC signal in the HTTP request header originating from the Participant's device, the Company: (i) treats that signal as a valid opt-out request from the sale and sharing of personal information within the meaning of the CCPA/CPRA; (ii) immediately ceases setting advertising cookies (category (d) under §4) and other tracking tools for cross-context behavioural advertising in respect of that Participant; (iii) processes such a request automatically, without any further action being required on the part of the Participant.

10.3 Scope of GPC. The application of GPC as an opt-out mechanism from advertising cookies extends to California residents in accordance with the CCPA/CPRA. The Company reserves the right to extend the application of this mechanism to other jurisdictions as the regulatory framework evolves.

10.4 Right to limit use of sensitive personal information. California residents may limit the use and disclosure of their sensitive personal information in accordance with CCPA §1798.121 by sending a request to [email protected] with the subject line “Limit Use of Sensitive PI”.

§11 Managing Cookies in the Browser

11.1 Participant's right. The Participant may at any time manage cookies through their browser settings: viewing installed cookies, blocking their installation (in full or by category), and deleting cookies already installed. It should be noted that restricting or deleting strictly necessary cookies may impair the functioning of the Website or render certain features unavailable.

11.2 Instructions for major browsers. The following links lead to official guidance on managing cookies in the most widely used browsers:

  1. Google Chrome: https://support.google.com/chrome/answer/95647
  2. Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
  3. Apple Safari (macOS): https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
  4. Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge
  5. Opera: https://help.opera.com/en/latest/web-preferences/#cookies

11.3 Third-party cookie opt-out tools. In addition to browser settings, the Participant may use the following industry opt-out tools for targeted tracking:

  1. Google Analytics Opt-out Add-on: https://tools.google.com/dlpage/gaoptout – a browser extension that prevents the collection of data by Google Analytics;
  2. Google Ads Settings: https://adssettings.google.com/ – management of Google advertising personalisation;
  3. Meta Ad Preferences: https://www.facebook.com/ads/preferences/ – management of Meta advertising preferences;
  4. European Interactive Digital Advertising Alliance (EDAA) – Your Online Choices: https://www.youronlinechoices.com/ – opt-out tool for targeted advertising for users in the EU/EEA;
  5. Network Advertising Initiative (NAI) Opt-Out: https://optout.networkadvertising.org/ – for users in the USA.

11.4 Mobile devices. Users of mobile devices may also limit advertising tracking through the system settings of their device: “Privacy Settings” → “Tracking” (iOS) or “Google” → “Ads” → “Opt out of Ads Personalisation” (Android).

§12 Contact and Updates

12.1 Cookie contact details. For any questions relating to the use of cookies on the NEOM Funded Website, the manner in which data is collected, processed, and stored via cookies, and for the exercise of rights under this Policy, Participants may contact:

Cookie and privacy enquiries: [email protected] (Privacy Contact pending formal DPO designation under Article 37 GDPR; designation in progress)

General enquiries and support: [email protected]

Registered address: Neom Triple A Information Technology LLC, The Binary by Omniyat, Office 2114, Business Bay, Dubai, UAE

Website: neomfunded.com

12.2 Data-subject rights. All data-subject rights in respect of personal data processed by the Company (right of access, rectification, erasure, restriction of processing, portability, objection, withdrawal of consent, complaint to a supervisory authority) are set out in the Privacy Policy §11. To exercise any of those rights, please send a request to [email protected].

12.3 EU and UK Representative; EU Data Act Representative. Details of the Company's EU and UK Representative under Article 27 GDPR and Article 27 UK-GDPR (Prighter Group / Prighter GmbH, Paragon 1, Schwarzenbergplatz 4, 1030 Vienna, Austria) are set out in the Privacy Policy §16.1. Details of the Company's EU Data Act Representative under Article 37 of Regulation (EU) 2023/2854 (Data Act) are set out in the Privacy Policy §16.2. Participants located in the EEA or the United Kingdom may contact the EU and UK Representative on all matters relating to the processing of their personal data by the Company; data-holder and user matters under the Data Act may be addressed to the Data Act Representative via the Prighter Trust Center.

12.4 Updates to this Policy. The Company reserves the right to amend this Cookie Policy at any time in connection with:

  1. changes to the composition of cookies and tracking technologies used;
  2. changes in applicable legislation or regulatory guidance;
  3. changes to the technical infrastructure of the Website.

The current version of this Policy is always available at neomfunded.com. The date of the most recent update and the version number are indicated in the document header. Participants will be notified of material changes by means of a prominent notice on the Website or by email to the address registered to their account.

12.5 Archive versions. Previous versions of this Policy are available on request at [email protected].

This Policy supersedes all prior versions of the cookie policy published by Neom Triple A Information Technology LLC under the brand NEOM Funded.

Cookie Policy v4.0.1 | Neom Triple A Information Technology LLC (NEOM Funded) | Publication Date: 24 September 2026