This Privacy Policy explains how N.O.V.A. ("we", "us", "our") collects, uses, stores, and protects your personal information when you use the N.O.V.A. application and related services (collectively, the "App"). By using the App, you agree to the practices described in this policy.
When you create an account, we collect:
To access age-restricted features such as Spicy Mode, we collect:
We collect and store messages you send to and receive from Nova, including conversation history, memory entries you create, and interaction patterns used by the karma system.
If you use voice features, we collect audio transcription data and your selected voice profile preferences. Audio is processed to generate responses via third-party voice synthesis services (Fish.audio, Render). Their respective privacy policies govern their handling of audio data. We do not independently retain raw audio beyond what is necessary to deliver the response.
The base app is purchased as a one-time transaction through the Apple App Store or Google Play Store. Apple's and Google's respective privacy policies govern the handling of payment data for those purchases — we do not collect, store, or have access to your payment card details for app store transactions.
Super NOVA subscription payments are processed through PayPal. We do not collect, store, or have access to your full payment card details for PayPal transactions. PayPal's privacy policy governs their handling of your payment data.
| Purpose | Data Used |
|---|---|
| Provide and operate the App | Account info, conversation data, usage data |
| Age verification for restricted features | Date of birth, selfie photograph |
| Personalize Nova's behavior and memory | Conversation history, memory entries |
| Process app store purchases and subscription payments | Email address (via Apple/Google/PayPal) |
| Send Super NOVA renewal notifications | Email address, subscription status |
| Detect and prevent abuse | Usage data, IP address, conversation flags |
| Comply with legal obligations | All data as required by law |
| Improve the App | Aggregated, anonymized usage metrics |
We do not sell your personal information to third parties. We do not use your data for advertising purposes.
In accordance with GDPR Article 28 and applicable data protection law, we disclose all third-party sub-processors who process personal data on our behalf in connection with operating N.O.V.A.:
| Sub-Processor | Purpose | Data Processed | Location |
|---|---|---|---|
| Base44 | App backend infrastructure, database, and hosting | All user data stored in the app | United States |
| Cloudflare | Website hosting, DNS, CDN, and DDoS protection | IP address, request metadata | United States (global CDN) |
| OpenRouter | AI request routing for standard chat and age verification | Conversation messages, verification prompts | United States |
| Venice AI | AI model provider for Dark Nova and Spicy Mode (18+ verified only) | Conversation messages (18+ users only) | United States |
| Fish.audio | Voice synthesis for premium voice features | Text content for voice generation | United States |
| Render | Voice microservice hosting | Audio processing data | United States |
| PayPal | Super NOVA subscription payment processing (web) | Email address, payment transaction data | United States |
| Apple App Store | App distribution and one-time purchase processing | Purchase receipt, Apple ID email | United States |
| Google Play Store | App distribution and one-time purchase processing | Purchase token, Google account email | United States |
| Resend | Transactional email delivery | Email address, email content | United States |
These providers are contractually obligated to handle your data only as necessary to provide their services and in accordance with applicable law. We do not authorize any sub-processor to use your data for their own independent purposes.
We will disclose user data to law enforcement authorities when legally required to do so, or when we reasonably believe disclosure is necessary to protect the safety of any person, comply with a legal obligation, or protect our rights and property. We reserve the right to do so without prior notice to you.
We do not sell, rent, or trade your personal information to any third party for their own commercial purposes.
We retain your data for as long as your account remains active and for a reasonable period thereafter to enable reactivation, resolve disputes, and comply with legal obligations.
Selfie photographs submitted for age verification are used solely for the purpose of AI-assisted age estimation at the time of submission. Once the verification check is complete and a pass or fail determination has been recorded, the photograph is deleted from our systems within 72 hours of submission. We do not retain age verification photographs beyond this window, and they are never used for any secondary purpose including identity verification, biometric profiling, or AI model training.
We implement reasonable technical and organizational measures to protect your personal information, including:
No method of internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security of your data and are not liable for unauthorized access resulting from circumstances beyond our reasonable control.
In the event of a data breach that affects your personal information, we will notify you as soon as reasonably practicable after becoming aware of the incident, in accordance with applicable law.
N.O.V.A. is available to users aged 13 and older. Age-restricted features are available only to users 18 and older who have completed age verification. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has created an account, please contact us immediately at support@ainovahq.com and we will delete the account promptly.
Depending on your jurisdiction, you may have the right to:
To exercise any of these rights, contact us at support@ainovahq.com. We will respond within 30 days.
The App may use session-based storage to maintain your login state and preferences. We do not use third-party advertising cookies or cross-site tracking technologies. Our website at ainovahq.com does not use analytics cookies beyond what is inherent to Cloudflare's infrastructure.
You may disable cookies through your browser settings. Doing so may affect the functionality of the web version of the App, including your ability to stay logged in. We do not place personally identifiable information in cookies.
No Advertising: N.O.V.A. does not display advertisements. We do not collect, share, or sell your personal information to advertising companies, and we do not use your data for interest-based or targeted advertising purposes.
Do Not Track: Some browsers offer a "Do Not Track" (DNT) signal. Because we do not engage in the tracking practices DNT is designed to address, we do not alter our data practices in response to DNT signals. Our commitment to not sharing your data with advertising partners applies regardless of any DNT setting.
N.O.V.A. is operated from the United States. If you access the App from outside the United States, your information may be transferred to and processed in the United States, where data protection laws may differ from those in your country. By using the App, you consent to this transfer.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following applies to you under the General Data Protection Regulation (GDPR) or equivalent laws:
To exercise any of these rights, contact us at support@ainovahq.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the CPRA provides you with the following rights regarding your personal information:
To submit a request, contact us at support@ainovahq.com. We will respond within 45 days. Requests may be extended once by an additional 45 days where necessary, and we will notify you of any extension.
We may update this Privacy Policy from time to time. We will notify you of material changes by updating the Effective Date at the top of this page and, where appropriate, by sending a notification through the App. Your continued use of the App following any update constitutes acceptance of the revised policy.
If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us at:
By using N.O.V.A., you acknowledge that you have read and understood this Privacy Policy.