Nova Tools Privacy Policy
Introduction
During your use of the website Novatools.io (hereafter referred to as the “Website”), we may require you to provide us with personal data about yourself, in order for you to be able to use our services.
The purpose of this privacy statement is to tell you more about how we process your personal data.
Who is the data controller?
The data controller is the company Nova 4 YOU PTY LTD
How do we process personal data?
In this section, you can learn more about the personal data we process and why, the manner in which it is collected, the processing activities involved, the persons with whom we share the data, including information concerning the transfer of personal data and the length of time for which we store your data.
2.1. What personal data do we process?
Personal data is defined as any data which makes it possible to identify an individual. The types of personal data we process are the following:
Your name and contact details, such as your email address, telephone number, location, job title and information about the company you represent and any agreements you have made with us, either in your own name or on behalf of your company;
Your account details, including the username / user ID, the password in encrypted form, information about unique identifiers such as API tokens, the profile photo, the biography and information concerning other social media profiles (such as Facebook, Twitter, LinkedIn, Skype or Google accounts) which you have linked to your user account;
Personal and professional preferences including interests, subscriptions and language settings;
Information about the browser, for example the browser type and version, any website from which you have been referred, the time zone from which you are visiting us; the pages you have visited on our Website; your IP address and an approximate estimate of your location based on your IP address; information concerning your activity on the web or your interaction in the emails we send you; information about your use of our services.
Transaction-related data (including bank details and data related to your bank card and invoices, etc.)
2.2. Why do we process your personal data?
In this sub-section, we describe when and why we process your personal data. Your data is processed for one or several end purposes. Each end purpose is associated with a legal basis and its corresponding data retention period. Please see the list below. Under no circumstances will your personal data be used in any manner which is incompatible with the end purposes for which it was collected.
End purpose
Legal basis
Data retention period
The provision of our services available on our Website (access to our various functions and features, the creation and administration of your account, the processing of your contact details for the making or finalisation of any agreement with you or your company, the billing of professional assistance services and training services).
The implementation of the contract we have signed with you or your company.
Once you have created an account on our Website, your data will be stored for the lifetime of your account plus an additional period of 3 years from the date your account is deleted.
Your data may nevertheless be archived for evidential purposes for a period of 5 years.
Concerning your bankcard data, this is stored by our payment services provider for the lifetime of your account.
Data concerning the card security code or CVV2, shown on your bank card is not stored.
Compilation of invoices
Legal and accountancy-related obligations
Stored for a period of 10 years.
Improvements to our services (generating statistics and analysing how you use our services, doing market research and customer satisfaction surveys, obtaining feedback from you)
Legitimate interest
Your data will be stored for 2 years following the deletion of your account.
Facilitating the use of the Website (including by testing, carrying out breakdown repairs, correcting bugs and modifying the interface, to ensure that you can easily access the information you’re looking for or by highlighting popular functions and features)
Legitimate interest
The data is stored for 3 years from the date of your last active contact.
Direct marketing (sending our customers general information and marketing messages about our services)
Legitimate interest
The data is stored for 3 years from the date of your last active contact.
Sending demos to our B2B prospects
Pre-contractual actions undertaken at your request
The data is stored for 3 years from the date of your last active contact.
Sending sales and business-related messages
Legitimate interest
The data is stored for 3 years from the date of your last active contact.
Receiving your applications for our job vacancies
Legitimate interest
The data is stored for 2 years from the date of the last contact with the unsuccessful candidate.
Creating a database of existing and prospective customers
Legitimate interest
If you’re a customer, the data is stored for the lifetime of the business relationship and is deleted upon expiry of a 3-year period following the end of the business relationship.
For prospective customers, the data is stored for 3 years from the date of your last active contact.
Responding to your requests for information
Legitimate interest
The data is stored for the time required to process your request for information and deleted once the request for information has been processed.
Managing requests to exercise rights
Legitimate interest
If we request proof of identity from you: we only store it for the time needed to verify your identity. Once the verification is complete, the item of proof in question will be deleted.
If you exercise your right of objection concerning the use of your data for prospection: we will store this information for 3 years.
2.3 How do we share your personal data?
The personal data we collect is shared with other companies belonging to the Novatools group and with our third-party suppliers and other third-parties listed below, for the provision of our services, including for platform development and maintenance purposes. This may involve the coordination of your personal data with other registers.
Here are the types of third parties with which we share your personal data:
Service providers: we use third-party service providers to manage certain aspects of our business operations. We share personal data with these third parties concerning the IT infrastructure, the operation and hosting services, market research and communications, financial and payment services, customer services and IT services such as IT support, maintenance and development.
Partners and resellers: if you use services supplied by our partners where those services are incorporated into our own services, our partners will have access to your personal data. Similarly, following your free trial, your personal data may be forwarded to our resellers so that you may be referred to the appropriate contacts according to your location. Our list of resellers may be viewed here. Personal data collected by our partners and resellers is covered by their own personal data processing conditions and policies.
Sale or transfer of the company or its assets: your personal data may be transferred or divulged to a buyer or potential buyer in the event of the sale or transfer of all or part of our activities or assets, in as far as this is allowed and in compliance with the applicable data protection laws.
People in your network and the general public: if you choose to publish your personal data when using our services, for example when sending content, replying to tweets or messages or entering messages in other people’s comment boxes, you are making this information visible to the general public. If your email address is used to send newsletters or to publish on social media accounts, it will become visible to the recipients of those newsletters.
For security reasons: we can share your personal data when this is required by law, to protect you or our clients or to ensure the security of our services.
2.4. Transferring your personal data outside the EU/EEA
Your data is stored on the servers located at AWS for the whole duration of the processing.
Concerning the tools and resources we use (please see 2.3 regarding the recipients of your personal data), your data may be transferred outside the The Union. Such transfers of your data are governed by the following requirements, among others:
either this data is transferred to a company which has been judged as offering a suitable level of protection by a decision of the Commission;
or we have concluded a specific contract with our sub-processors governing the transfers of your data outside the The Union, based on the Commission’s standard clauses;
or our sub-processors have put in place other appropriate guarantees under the terms of the personal data protection regulations.
At the following address, you can view the list of countries which, according to the The Commission, offer a suitable level of protection for data.
3.Security measures
We have taken a number of security measures to guarantee the security of the personal data we store. For example, access to areas in which personal data is stored is limited to only those of our employees and service providers who need it in the performance of their duties, and who are informed of the importance of ensuring the security and privacy of the personal data we store. We maintain appropriate guarantees and security standards to protect your personal data against any access, disclosure or unauthorised or ill-intentioned use. We also monitor our systems to detect any vulnerabilities, to protect your personal data. We invite you to consult our security policy for further information.
4. Your Rights
4.1 Rights of access and rectification
Right of access: you have the right to access all of your personal data at any time.
Right of rectification: you have the right to rectify any of your personal data which is inaccurate, incomplete or outdated at any time.
4.2. Right to deletion
You have the right to demand that your personal data be deleted and to prohibit any future collection
4.3. Right to restriction of processing
You have the right to restrict the processing of your personal data in certain cases defined in Article 18 of the GDPR.
4.4. Right of objection
You have the right to object to the processing of your personal data. Please note however that we may continue processing the said data despite this objection on legitimate grounds or to defend our rights before the courts.
Your personal data will not be processed for purposes related to direct marketing if you object to such processing.
4.5 Right to personal data portability
If you have supplied us with your personal data and the processing of your personal data is based on the performance of a contract with you or pre-contractual measures undertaken at your request, you have the right to receive the personal data concerning you in a structured, commonly used, machine-readable format in order to be able to forward this to another service provider if this is technically possible and can be performed by automated means.
4.6. Right to submit a complaint to a relevant supervisory authority
At any time, you can submit a complaint to the supervisory authority if you feel that our processing is being performed in violation of the applicable data protection law. Please note that you are still cordially invited to contact us in such a case.
4.7. Point of contact for personal data matters
You can exercise these rights by writing to us at the addresses shown below. When you do so, we may ask you to provide us with additional information or documents to prove your identity.
Contact email address: privacy@Novatools.com
5. Modifications
We can modify this policy at any time, including in order to ensure that we comply with any changes in regulations or case law, or editorial or technical changes. These modifications will apply on the date on which the modified version becomes effective. You are therefore invited to regularly consult the latest version of this policy.