Sign in Demo
Sign in Demo

Privacy Policy for Novat AI

Effective Date: April 15th, 2025

At Novat AI, your privacy is critically important to us. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our services (the "Services"). This policy applies to all users of Novat AI's Services. By accessing or using any part of the Services, you agree to the terms of this Privacy Policy. Novat AI is located at 40 Exchange Place, 10005 New York, NY.

Information Collection

We collect information in several ways:

Information You Provide Directly: When you register for an account, you will provide us with your email address. As you use our Services, you may also provide us with vendor names, your chart of accounts, the names of the files you upload, and any edits you make to vendors or accounts within the platform.

Information Collected Automatically: When you access or use our Services, we may automatically collect certain information about your device and usage. This information may include:

Log Information: Such as your browser type, IP address, unique device identifiers, language preference, referring website, the date and time of your access, your operating system, and mobile network information.

Usage Information: Details about how you use our Services, including the features you access, the actions you take, and the time you spend using the Services.

Cookies and Similar Technologies: We do not use cookies, web beacons, nor any other tracking technologies to collect information about your activity on our Services, your browser, and your device.

Purpose of Data Collection and Usage

We use the collected information for various purposes, primarily to provide, operate, and improve our Services, specifically for organizing and categorizing your financial information. Additionally, we may use your information to:

  • Develop new features and functionalities for our Services.
  • Monitor and analyze trends and usage patterns to understand how users interact with our Services.
  • Monitor and prevent problems with our Services, including detecting and preventing fraudulent activities, protecting the security of our platform and user data, and combating spam.
  • Communicate with you, such as to provide updates, respond to your inquiries, and offer support.
  • Potentially, with your consent where required, to send you promotional materials or other communications about our Services or offers that may be of interest to you. You will have the option to opt out of receiving such communications.

Legal Basis for Processing Information (for EU users)

For users in the European Union, we process personal information based on several legal grounds, in accordance with Article 6 of the GDPR. These grounds include:

  • Performance of a Contract: Processing is necessary to provide you with the Services as outlined in our Terms of Service.
  • Legitimate Interests: We may process your information based on our legitimate interests in providing and improving our Services, ensuring their security, and communicating with you, provided that such interests are not overridden by your rights and freedoms.
  • Consent: We may rely on your consent to process certain data, such as for specific cookies or marketing communications. You have the right to withdraw your consent at any time.
  • Compliance with Legal Obligations: We may process your information to comply with applicable laws and regulations.

Data Sharing Practices

We are committed to protecting your privacy. As stated in the prompt, your data, including vendor names, chart of accounts, email address, uploaded file names, and user edits to vendors/accounts, will only be shared with founder administrators within Novat AI. We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may disclose your information if required to do so by law or in response to a valid legal request, such as a subpoena or court order.

Data Security Measures

We implement a variety of security measures designed to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • Utilizing a Django database for secure data storage.
  • Ensuring all communication with our Services is encrypted using HTTPS.
  • Immediately deleting PDF files after the Optical Character Recognition (OCR) process is complete.
  • Employing password hashing with CSRF protection to safeguard your login credentials.
  • Implementing role-based access control to limit data access to authorized personnel.

While we strive to use commercially acceptable means to protect your personal information, please be aware that no method of transmission over the internet or method of electronic storage is completely secure.

Data Retention Policy

In accordance with the prompt, vendor and extracted transaction data will be deleted immediately after processing. Your account data will be retained for as long as you maintain an active account with Novat AI. If you choose to close your account, your account data will be deleted. We may retain certain information for longer periods if required by law or for legitimate business purposes, such as to resolve disputes, enforce our agreements, and comply with legal obligations.

User Rights Regarding Their Data

You have certain rights regarding your personal data, including the right to:

  • Access: You can request access to the personal data we hold about you.
  • Correction: You can request that we correct any inaccurate or incomplete personal data.
  • Deletion: You can request the deletion of your personal data, subject to certain exceptions.
  • Objection: You can object to the processing of your personal data in certain circumstances.
  • Restriction: You can request that we restrict the processing of your personal data.
  • Data Portability: You may have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

To exercise any of these rights, please contact us at sophie@novat.ai. We will respond to your request within the timeframes required by applicable law. If you are located in the European Union, you also have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes applicable data protection laws.

Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under this age. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at sophie@novat.ai, and we will take steps to delete such information.

Mentioning Specific Rights by Location

As DocuClipper does, we aim to comply with privacy regulations specific to your location. For users in the European Union, your rights under the General Data Protection Regulation (GDPR) are outlined above. For California residents, you may have rights under the California Consumer Privacy Act (CCPA) or the California Privacy Rights Act (CPRA), which may include the right to know what personal information we collect, the right to request deletion of your personal information, and the right to opt out of the sale or sharing of your personal information. As Novat AI does not sell your personal information, this right does not currently apply. We will update this policy with specific information regarding other jurisdictions as necessary.

Contact Information for Privacy Inquiries

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Novat AI
40 Exchange Place, 10005 New York, NY
Email:

Updates to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website or through other appropriate communication channels, such as email. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically for any updates.

Conclusion

The synthesized Terms of Service and Privacy Policy for Novat AI aim to establish a clear and legally sound framework for the provision and use of its services. By drawing upon the best practices and comprehensive clauses found in the policies of competitors like DocuClipper and Bank Statement Converter, and by incorporating the specific requirements outlined in the user's query, these documents address crucial aspects such as user conduct, intellectual property rights, data handling, security measures, and user rights. The inclusion of an age restriction of 18 years reflects the financial nature of Novat AI's services. Furthermore, the Privacy Policy details the types of data collected, the purpose of collection, data sharing limitations, robust security measures, specific data retention periods, and the various rights afforded to users regarding their personal information, including those mandated by GDPR for EU users. It is recommended that Novat AI regularly review and update these policies to ensure ongoing compliance with evolving legal requirements and best practices in the industry.