Privacy Policy

Last updated: March 2026

This Privacy Policy explains how NOVA AI Digital (“we,” “us,” “our”) collects, uses, and discloses information when you visit our website or use our products and services (collectively, the “Services”), including subscription-based AI tools delivered online.

If you do not agree with this Privacy Policy, do not use our Services. Questions? Contact NOVA_AI_Digital@pm.me.

Table of Contents

  1. Who We Are
  2. Information We Collect
  3. How We Use Information
  4. Legal Bases (EEA/UK/Canada)
  5. How We Share Information
  6. Cookies, Analytics, and Tracking
  7. AI Tools and Submitted Content
  8. Payments
  9. Social Logins
  10. Data Retention
  11. Security
  12. International Transfers
  13. Children’s Privacy
  14. Your Privacy Rights
  15. Do Not Track
  16. Regulated / Government Use Disclaimer
  17. Changes to This Policy
  18. Contact Us
  19. How to Submit a Privacy Request

1. Who We Are

NOVA AI Digital provides subscription-based AI software tools for small businesses, service operators, and real estate teams. Services are delivered online through our website and related web applications.

Mailing address: 8401 MAYLAND DR STE A, RICHMOND, HENRICO COUNTY, VA 23294 USA

2. Information We Collect

2.1 Information you provide to us

We may collect information you provide directly when you create an account, subscribe to product or marketing updates, submit a contact form, request support, or contact us, including:

  • Account data: name, email address, username, password (stored hashed where applicable), and account settings.
  • Billing-related data: billing address and subscription metadata (payment card data is handled by our payment processor).
  • Contact form data: name, email address, inquiry category, tool or page context, and the message you submit.
  • Marketing signup data: email address, consent status, signup source, and campaign attribution where available.
  • Communications: messages you send us, support requests, and feedback.
  • User content: text, documents, or other content you submit into our tools for processing (see Section 7).

2.2 Information collected automatically

When you use our Services, we may automatically collect:

  • Log and usage data: IP address, access times, pages viewed, features used, clicks/actions, and diagnostic logs.
  • Device data: browser type, device identifiers, operating system, language preferences.
  • Location data: approximate location inferred from IP address (not GPS-level unless you explicitly enable it through your device/browser settings).
  • Cookies and similar technologies: session and preference data (see Section 6).

2.3 Information from third-party accounts (social login)

If you choose to register or sign in using a third-party account (e.g., a social media provider), we may receive limited profile information from that provider (see Section 9).

3. How We Use Information

We use information we collect to:

  • Provide and operate the Services: account creation, authentication, delivering features, customer support.
  • Administer subscriptions and accounts: service notices, account updates, plan status, confirmations/receipts.
  • Improve and maintain quality: analytics (where enabled), performance monitoring, debugging, and feature improvements.
  • Security and fraud prevention: detect abuse, enforce terms, and protect users and our Services.
  • Communicate with you: respond to inquiries and support requests.
  • Comply with legal obligations: respond to lawful requests and protect rights, safety, and property.
  • Marketing (optional): send product updates and promotional communications where permitted and in line with your preferences (you can opt out anytime).

We do not sell your personal information.

4. Legal Bases (EEA/UK/Canada)

If you are located in the EEA/UK/Switzerland/Canada, we may process personal information based on:

  • Contract: to provide the Services you request.
  • Legitimate interests: to secure, operate, and improve the Services.
  • Consent: for optional features or marketing where required; you can withdraw consent at any time.
  • Legal obligation: to comply with applicable laws.
  • Vital interests: to protect someone’s safety in rare urgent cases.

5. How We Share Information

We may share information in limited circumstances:

  • Service providers: vendors that help run the Services (hosting, infrastructure, support tooling, database services, email delivery, analytics where enabled).
  • AI service providers: OpenAI, Anthropic, and Google Cloud AI (see Section 7).
  • Payments: LemonSqueezy (see Section 8).
  • Legal and safety: if required by law or to protect rights, safety, and security.
  • Business transfers: mergers, acquisitions, financing, or asset sales.

6. Cookies, Analytics, and Tracking

We may use cookies and similar technologies to keep sessions working, remember preferences, prevent crashes, and measure performance. You can control cookies in your browser settings. Disabling cookies may impact certain features.

Google Analytics (if enabled)

If enabled, Google Analytics helps us measure usage and improve the Services. You can opt out using Google’s browser add-on: https://tools.google.com/dlpage/gaoptout. Google privacy information: https://policies.google.com/privacy.

7. AI Tools and Submitted Content

7.1 What we process

Our Services may process content you submit (“Inputs”) to generate results (“Outputs”) requested by you. Inputs and Outputs may contain personal information depending on what you submit.

7.2 Third-party AI processing

To deliver AI features, Inputs may be transmitted to third-party AI providers (including OpenAI, Anthropic, and Google Cloud AI) for processing. Those providers process data under their own terms and privacy policies.

7.3 Training and model improvement

We do not use your Inputs to train our own AI models. Where available, we configure integrations/provider settings to reduce retention and limit use of customer content for training, consistent with provider offerings.

7.4 Google API data (if applicable)

Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

7.5 Your responsibility for submitted content

You are responsible for ensuring you have the rights to submit Inputs and that Inputs do not violate laws or third-party rights. Do not submit restricted, regulated, or classified data unless you have a separate written agreement with us authorizing such use.

8. Payments

Payments are processed by LemonSqueezy. We may receive subscription status, purchase confirmations, and limited billing details necessary to provide the Services. Payment card numbers and security codes are handled by LemonSqueezy and are not stored by us.

LemonSqueezy Privacy Policy: https://www.lemonsqueezy.com/privacy

9. Social Logins

If you choose to sign in using a third-party account, we may receive limited profile information (such as name, email address, profile picture, and an account identifier), depending on what you authorize and what the provider shares.

We use this information only to authenticate you, provision your account, and provide the Services. We do not control how third parties use your data; review their privacy policies for details.

10. Data Retention

We keep personal information only as long as necessary to provide the Services and for legitimate business purposes such as security, recordkeeping, dispute resolution, and legal compliance.

  • Account data: generally retained while your account is active.
  • Support communications: retained as needed to resolve issues and improve support quality.
  • Marketing signup data: retained until you opt out, request deletion, or we determine the record is no longer needed.
  • Logs/backups: may persist for limited periods for security and recovery purposes.

When we no longer need your information, we delete or de-identify it where feasible.

11. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. However, no system is 100% secure. You should use strong passwords and secure devices when accessing the Services.

12. International Transfers

We may process and store information in the United States and other countries where we or our vendors operate. If you access the Services from outside the U.S., you understand your information may be transferred to countries with different data protection laws.

13. Children’s Privacy

Our Services are not intended for children under 18, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact us and we will take appropriate steps to delete it.

14. Your Privacy Rights

EEA/UK/Switzerland

Depending on your location, you may have rights to access, correct, delete, restrict processing, object to processing, and request data portability. You may also have the right to lodge a complaint with your local data protection authority.

U.S. state privacy rights

Depending on your state of residence (including Virginia), you may have rights to access, delete, correct, and obtain a copy of your personal data, and to opt out of certain processing such as targeted advertising, the “sale” of personal data, or certain profiling where applicable.

We do not sell your personal information. If we ever offer targeted advertising features that qualify as “sharing” or “selling” under applicable laws, we will provide a clear opt-out mechanism.

Marketing opt-out

You can opt out of promotional emails by using the unsubscribe link in the email or by contacting us. Service/transactional messages (like receipts and security notices) may still be sent.

15. Do Not Track

Some browsers offer a “Do Not Track” (DNT) feature. There is no universal standard for recognizing DNT signals, so we do not respond to them at this time. If a standard is adopted, we will update this policy.

16. Regulated / Government Use Disclaimer

Our commercial Services are not approved for processing information subject to government security classifications or specialized regulatory frameworks such as ITAR, HIPAA, FISMA, or FedRAMP unless we have a separate written agreement explicitly covering such use.

Do not submit classified, export-controlled, medical/health, or otherwise regulated data through the standard Services. If you require compliance with specialized frameworks, contact us to discuss a separate written agreement.

Users are responsible for ensuring submitted content complies with applicable laws and restrictions.

17. Changes to This Policy

We may update this Privacy Policy periodically. The “Last updated” date will change when we revise it. For material changes, we may provide additional notice (e.g., on-site notice or email).

18. Contact Us

For questions or concerns about this Privacy Policy, contact:

Email: NOVA_AI_Digital@pm.me

Website: https://www.novaaidigital.llc

Mail: 8401 MAYLAND DR STE A, RICHMOND, HENRICO COUNTY, VA 23294 USA

19. How to Submit a Privacy Request

To request access, correction, deletion, or a copy of your personal data (where applicable), email us at NOVA_AI_Digital@pm.me with the subject line Privacy Request.

For security, we may need to verify your identity before fulfilling your request. If you use an authorized agent where permitted by law, we may request proof of authorization and identity verification.