1. Introduction

Nova AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI assistant service.

We are committed to protecting your data and respecting applicable privacy laws.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password, profile preferences
• Conversation Data: Messages and queries you send to Nova
• Payment Information: Billing details processed securely via Stripe
• Integration Data: Information from connected services (with your permission)

2.2 Information Collected Automatically

• Usage Data: How you interact with our Service
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, pages viewed
• Cookies: See our Cookie Policy

3. How We Use Your Information

We use your information for the following purposes:

• Providing and improving the Nova AI service
• Processing your requests and responding to your queries
• Executing actions through connected integrations (on your instruction)
• Processing payments and managing credits
• Sending service-related communications
• Analyzing usage patterns to improve our Service
• Detecting and preventing fraud or abuse
• Complying with legal obligations

4. Legal Basis for Processing (GDPR)

Under GDPR, we process your data based on:

• Contract Performance: To provide the services you've requested
• Legitimate Interests: To improve our service and ensure security
• Consent: For optional features like marketing communications
• Legal Obligation: To comply with applicable laws

5. Data Sharing and Disclosure

We do NOT sell your personal data. We may share information with:

• Service Providers: Companies that help us operate (hosting, payment processing, analytics)
• Integration Partners: Third-party services you connect (Google, Spotify, etc.)
• Legal Requirements: When required by law or to protect rights
• Business Transfers: In connection with mergers or acquisitions

6. AI and Your Data

Important information about how AI processes your data:

• Your conversations are processed to provide AI responses
• We do NOT use your personal conversations to train AI models without explicit consent
• Aggregated, anonymized data may be used to improve service quality
• You can delete your conversation history at any time
• AI responses are generated in real-time and not stored longer than necessary

7. Data Retention

We retain your data as follows:

• Account Data: Until you delete your account
• Conversation History: Until you delete it or your account
• Payment Records: As required by law (typically 7 years)
• Log Data: Up to 90 days

8. Your Rights

Depending on your location, you have the following rights:

9. Data Security

We implement industry-standard security measures:

• TLS 1.3 encryption for all data in transit
• AES-256 encryption for data at rest
• Access controls and authentication mechanisms
• Strict Content Security Policy and security headers

10. International Transfers

Your data is stored and processed in the European Union (AWS eu-north-1, Stockholm). We ensure adequate protection through:

• Data Processing Agreements with all service providers
• Assessment of recipient country data protection laws

11. Children's Privacy

Nova AI is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notification at least 30 days before changes take effect. Your continued use of the Service after changes become effective constitutes acceptance.