Privacy Policy

Last updated: April 2026

AiGent Nova ("we", "us", or "our"), based in Sweden, operates the Nova desktop application ("Service"). This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. What Data We Collect

Account Data

When you create an account, we collect your email address, display name (optional), and a securely hashed password. If you subscribe to Nova Pro, we also store your subscription status and payment identifiers through Stripe.

Local Data

Conversations processed by the local AI engine are stored exclusively on your device. We have no access to, and do not collect, any local conversations, files, or data processed on-device.

Cloud Data

When you use Nova's Cloud or Hybrid mode, only the current message in your conversation is sent to Anthropic's API (Claude) for processing. We do not store the content of these messages on our servers. Anthropic processes this data according to their own privacy policy.

Usage Data

We may collect anonymized, aggregated usage statistics such as feature usage frequency and error reports to improve the Service. This data cannot be linked back to individual users.

2. How We Use Your Data

  • To provide and maintain the Service, including account authentication and subscription management.
  • To process payments and manage your Pro subscription through Stripe.
  • To route your messages to Anthropic's Claude API when you use Cloud or Hybrid mode.
  • To send transactional emails related to your account (e.g., password resets, subscription confirmations).
  • To improve the Service through anonymized, aggregated analytics.
  • To comply with legal obligations.

3. Data Storage and Security

Account data is stored in a PostgreSQL database hosted on Amazon Web Services (AWS) in the EU (eu-north-1, Stockholm). All data is encrypted in transit (TLS) and at rest (AES-256).

Passwords are hashed using industry-standard algorithms and are never stored in plain text. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

Local conversations and files processed by the on-device AI model remain exclusively on your machine and are never transmitted to our servers.

4. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access — You can request a copy of all personal data we hold about you.
  • Right to rectification — You can request correction of inaccurate personal data.
  • Right to erasure — You can request deletion of your account and all associated personal data.
  • Right to data portability — You can request your data in a structured, commonly used, machine-readable format.
  • Right to restrict processing — You can request that we limit how we use your data.
  • Right to object — You can object to our processing of your data in certain circumstances.
  • Right to lodge a complaint — You have the right to file a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) or another relevant supervisory authority.

To exercise any of these rights, contact us at dorel_lehrer@hotmail.com. We will respond within 30 days.

5. Third-Party Services

Anthropic (Claude API)

When using Cloud or Hybrid mode, your current message is sent to Anthropic's Claude API for processing. Anthropic processes this data under their own privacy policy and data processing agreement. No conversation history or local data is shared.

Stripe

We use Stripe to process payments for Nova Pro subscriptions. Stripe collects and processes payment information (such as credit card details) directly. We never see or store your full payment card information. Stripe's privacy policy governs their handling of your payment data.

Amazon Web Services (AWS)

Our backend infrastructure, including the account database, is hosted on AWS in the EU (Stockholm, eu-north-1). AWS acts as a data processor on our behalf under a Data Processing Agreement compliant with GDPR.

6. Cookies and Local Storage

Nova is a desktop application and does not use browser cookies. The application stores the following data locally on your device:

  • Authentication tokens for maintaining your login session.
  • Application preferences and settings.
  • Conversation history and files processed by the local AI model.
  • Locally trained model data (LoRA fine-tuning weights).

This locally stored data remains on your device and is not transmitted to our servers unless you explicitly use Cloud features.

7. Data Retention

We retain your account data for as long as your account is active. When you delete your account, we will erase all associated personal data within 30 days, except where we are legally required to retain it (e.g., financial records for tax purposes, which may be retained for up to 7 years as required by Swedish law).

Local data on your device is under your control and is not affected by account deletion.

8. Children's Privacy

Nova is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a new "Last updated" date. We encourage you to review this policy periodically.

10. Contact Information

If you have questions about this Privacy Policy or wish to exercise your data rights:

AiGent Nova

Sweden

Email: dorel_lehrer@hotmail.com