Get Started

Effective Date: 13/02/2025
Last Updated: 03/04/2025

Privacy Policy

At Novus Labs (“we,” “our,” “us”), safeguarding your privacy is a priority. This Privacy Policy explains how we collect, use, and protect the personal information of visitors to our website, users of our applications, and clients leveraging our services. By accessing our website (novus-labs.co.uk), using our applications, or engaging with our services, you agree to the practices outlined in this policy.

1. Information We Collect

We collect the following types of information across different contexts:

1.1 Information You Provide:

  • Account or Subscription Details: Name, email address, company name, billing address, phone number, and payment information when registering, contacting us, or purchasing services.
  • Project Data (For Clients): Materials, specifications, branding details, or other files shared for design or development work.
  • Support and Feedback: When you contact us for support, provide feedback, or participate in surveys, we may collect associated data.

1.2 Information We Automatically Collect:

  • Website Visitors: IP address, browser type, device information, pages viewed, session duration, and referral sources using analytics tools.
  • Applications: Device identifiers, usage statistics, crash reports, and interaction data to optimize app functionality. If you use AI features, your input data and any generated outputs may be collected and shared with third-party AI providers for processing and training purposes.
  • Cookies: We use cookies (session and persistent) to store preferences, monitor website performance, and collect usage data (see Section 5).

1.3 Information From Third Parties:

  • Social Logins: If you log in via third-party platforms (e.g., Google, Microsoft, Apple or Facebook ), we may receive additional personal information.
  • Payment Processors: Information from payment partners (e.g., Stripe, PayPal, GoCardless).
  • Facebook Data Collection: When you interact with our services via Facebook APIs, such as Messenger API, we may collect your Facebook ID, public profile information, and conversation logs to personalize and enhance user interactions. This data is crucial for our AI bots to provide relevant information and support.

2. How We Use Your Information

We collect data to provide and improve our services, comply with legal obligations, and support business operations.

2.1 Service Delivery:

  • Provide access to our website, applications, and services.
  • Develop and deliver projects to clients (e.g., custom websites and applications).
  • Process payments and manage client accounts.
  • AI Features and Facebook Data: To process queries and responses via AI bots on platforms like Facebook Messenger, leveraging collected data for better user experience and support.

2.2 Improvement and Analytics:

  • Analyze visitor and usage data to improve digital experiences.
  • Test, update, and optimize applications based on performance metrics and user feedback.
  • Monitor and improve AI model performance.

2.3 Marketing and Communication:

  • Send newsletters, service updates, or promotional offers (with your consent).
  • Respond to inquiries or provide support.

2.4 Showcasing and Promotion:

  • Use client projects (with permission) for showcasing and promotional purposes on our website, social media, or marketing materials.

2.5 Legal Requirements and Security:

  • Protect against fraud, unauthorized access, or legal disputes.
  • Comply with data protection and reporting obligations.

3. Legal Basis for Processing Personal Data (Under UK GDPR)

We process data under these legal bases:

  • Consent: When you explicitly opt-in for marketing or other features.
  • Contractual Obligation: To fulfill our agreements with you (e.g., providing custom deliverables).
  • Legitimate Interests: To monitor website performance, improve services, and ensure operational efficiency.
  • Legal Compliance: To comply with applicable laws and respond to lawful requests.
  • For AI features, the legal basis for processing your data is legitimate interest/contractual necessity as it is necessary for service performance or to improve AI models.

4. Sharing Your Information

We value your privacy and only share your data under limited circumstances:

4.1 Service Providers:

We work with third parties for hosting, analytics, and payment processing. Examples include:

  • Analytics: Google Analytics, Hotjar, Datadog, Facebook Analytics
  • Hosting: AWS (Amazon Web Services), Azure, Hetzner, Google Cloud or similar.
  • Payment Processing: Stripe, PayPal, GoCardless.

These providers are contractually obligated to process your information securely.

4.2 Client Deliverables:

For project collaboration, limited data may be shared with vetted collaborators (freelancers, partners) bound by confidentiality agreements.

4.3 AI Features:

If you use our AI features, your data may be shared with third-party AI providers like OpenAI. Once shared, your data is subject to their terms and conditions, and we encourage you to review their privacy policies.

4.4 Legal Compliance:

We will disclose your data if required to comply with laws, enforce agreements, or respond to lawful demands (e.g., court orders).

5. Cookies and Tracking

5.1 Types of Cookies We Use:

  • Essential Cookies: Necessary for site functionality.
  • Analytics Cookies: Measure usage patterns and optimize user experience.
  • Preference Cookies: Retain user preferences for convenience.

5.2 Managing Cookies:

You can disable cookies via your browser settings; however, this may limit some functionality of our site.

6. Data Retention

We retain information as follows:

  • Client Data: Retained for up to 7 years following project delivery for tax or legal documentation.
  • Website Visitor Data: Retained for up to 12 months for analytics purposes.
  • App User Data: Retained for the lifetime of your user account unless you request deletion.

Data shared with third-party AI providers is retained according to their policies.

7. Data Security

We take industry-standard measures to secure your personal data:

  • Use of encrypted storage for sensitive information.
  • Role-based access controls to restrict data access within our team. No system is fully secure, so we encourage caution in sharing personal information online.

8. Your Rights

Under applicable data protection laws (e.g., UK GDPR), you have the following rights:

  • Access Your Data: Request details of the data we hold about you.
  • Rectify Your Data: Update or correct inaccurate data.
  • Delete Your Data: Request data deletion where applicable.
  • Object to Processing: Request cessation of certain data uses (e.g., marketing emails).
  • Data Portability: Receive a copy of your data in a portable format.

To exercise these rights, contact us at [email protected]. For data held by third-party AI providers, contact them directly regarding their policies.

9. International Data Transfers

If you access our services outside the UK, your data may be transferred internationally. We:

  • Use Standard Contractual Clauses (SCCs) to protect transfers outside the EEA or UK.
  • Ensure data shared with third-party providers adheres to these safeguards.

10. Children’s Privacy

Our services are not intended for individuals under the age of 16. If we learn that personal information from children has been collected, we will delete it promptly.

11. Changes to This Privacy Policy

This Privacy Policy may be updated periodically to reflect changes in our practices or legal obligations. Any significant updates will be communicated via our website.

12. Contact Information

For questions, concerns, or to exercise your data rights, contact us: Email: [email protected]