Legal · 01

Privacy policy.

How Neural Sherpa Pvt. Ltd. handles personal information across this site, our communications, and our engagements. Written in plain language — and built around the principle of collecting as little as possible.

Effective · 12 May 2026

Who we are

This site is operated by Neural Sherpa Pvt. Ltd., a private company registered in Hetauda, Bagmati Province, Nepal ("Neural Sherpa", "we", "us", "our"). For any privacy enquiry write to info.neuralsherpa@gmail.com — we respond within 48 business hours.

What we collect

Only information that you give us directly, plus the minimum technical data required to serve this website. Specifically:

Contact form submissions — name, email, and the project brief you supply.
Email correspondence — any messages you send us, retained for record-keeping and continuity of service.
Engagement records — for clients, the artefacts and metadata required to deliver the work (specs, deliverables, invoices, signed contracts).
Technical logs — short-lived server logs of IP address, user-agent, timestamp, and URL, used only to defend against abuse and to keep the service running.

We do not place advertising cookies, third-party tracking pixels, analytics SDKs, fingerprinting libraries, or session replay tools on this site.

Cookies and local storage

This site uses two first-party storage entries — and nothing else:

Theme preference (neural-sherpa-theme) — stores your light/dark choice in localStorage so the next visit honours it.
Cookie notice acknowledgement (ns-cookie-consent) — records that you have seen and dismissed the notice so it does not reappear.

Both entries are local to your browser. We never receive them on our servers.

How we use your information

We use the information you give us strictly to:

Reply to your enquiry, prepare a written scope, and execute the agreed engagement;
Issue invoices and meet our legal record-keeping obligations under Nepali law;
Maintain a working history with you so future engagements need less re-explaining;
Comply with court orders or regulatory requests where we are legally obliged to do so.

We do not sell, rent, trade, or otherwise commercialise your data, nor do we use it to train machine-learning models that are made available to third parties.

Sharing with third parties

We share information only with the operational service providers required to run our business — for example our email provider, cloud-hosting infrastructure, and payment processor — and only the minimum data each one needs. Every such processor is bound by its own contractual confidentiality and data-protection obligations.

We do not share or disclose client deliverables, briefs, source code, or commercial details with any party outside the engagement, except (a) with your written instruction, (b) where required by law, or (c) to defend our legal rights.

Retention

We hold information for as long as it remains relevant to the relationship between us, plus a buffer required by Nepali tax, accounting, and corporate law:

Contact-form messages we have not acted on — deleted within 24 months.
Engagement records and invoices — retained for at least seven (7) years after final delivery, in line with statutory requirements.
Server logs — rotated and deleted within 30 days.

Security

We treat client and contact data as confidential by default. Specific safeguards include transport encryption (HTTPS) for the site, encrypted-at-rest storage on our infrastructure providers, least-privilege access for staff, and signed mutual NDAs before any sensitive client detail moves between parties.

No system is perfectly secure. If a breach is detected that materially affects your data, we will notify you in writing without undue delay and outline the steps we have taken in response.

Your rights

You may, at any time, ask us to:

Confirm what information of yours we hold;
Provide a copy of that information in a portable format;
Correct anything that is inaccurate or out of date;
Delete information that we are not legally required to retain.

Email info.neuralsherpa@gmail.com with the subject line "Privacy request" and we will action eligible requests within 30 days. Requests that conflict with statutory record-keeping requirements may be refused, with a written explanation.

International transfers

Our infrastructure is hosted internationally. Where your data crosses borders, it does so under contractual safeguards (standard data-protection terms with the relevant processor) and only for the purposes of operating this site and serving you.

Children

This site is directed at organisations and adults engaging in B2B work. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, please contact us and we will delete it.

Changes to this policy

We may revise this policy as our practices evolve or as the law changes. Material changes will be reflected in the "Effective" date above and announced on this page. Continued use of the site after a revision constitutes acceptance of the updated policy.

Contact

Privacy controller — Neural Sherpa Pvt. Ltd.
Hetauda, Bagmati Province, Nepal
Email — info.neuralsherpa@gmail.com