Privacy Policy

Last updated: November 30, 2025

Novalistic.ai ("we," "our," "us") is committed to protecting your privacy and maintaining the security of your information. This Privacy Policy describes how we collect, use, store, and safeguard your data when you use our website, applications, AI chatbot services, and related products (collectively, the "Services").

By using our Services, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Information You Provide

We may collect the following information when you use our Services:

  • Account Information: Name, email address, company information, job title
  • Billing Information: Billing address and payment details (processed securely by third-party payment processors; we do not store full payment card numbers)
  • Communications: Emails, support messages, chat inquiries, feedback
  • Configuration Data: Chatbot settings, uploaded content, custom responses, and training materials you choose to provide

1.2 Information Collected Automatically

When you use our Services, certain information is collected automatically:

  • Usage Data: Pages visited, features used, timestamps, interaction logs
  • Device Data: IP address, browser type, operating system
  • Location Data: General location based on IP address
  • Cookies and Tracking Technologies: Essential, performance, and preference cookies

1.3 Conversation & Interaction Data

  • Chat Transcripts: Conversations processed through your chatbot
  • Analytics Data: Performance insights such as response times and usage metrics

Important: For data collected through your chatbots, you act as the Data Controller and Novalistic.ai acts as a Data Processor. You are responsible for ensuring proper consent from your end-users.

2. How We Use Your Information

We use your information for the following purposes:

  • To provide, operate, and maintain our Services
  • To customize and improve your chatbot experience
  • To manage your account and provide customer support
  • To enhance platform security and detect fraudulent activity
  • To conduct analytics, product research, and performance monitoring
  • To comply with legal obligations

AI Model Training (User-Safe Policy)

We do not use your personal data or chatbot conversations to train AI models.
We may use fully anonymized and aggregated usage metrics to improve service quality and system performance.

3. Legal Basis for Processing (If Applicable)

For users in regions like the EU/EEA, we process personal data based on:

  • Contract performance
  • Legitimate interests (service improvement, security)
  • Legal obligations
  • Consent where required

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data.

We may share information only under these limited conditions:

4.1 Service Providers

We work with trusted third-party vendors such as:

  • Cloud hosting providers
  • Payment processors
  • Analytics tools
  • Email and communication providers

These partners are contractually obligated to protect your data and use it solely for authorized purposes.

4.2 Legal Compliance

We may disclose data when required to:

  • Comply with laws or legal processes
  • Respond to valid regulatory or government requests
  • Protect our rights, security, or property
  • Prevent fraudulent or malicious activities

4.3 Business Transfers

In the event of a merger, acquisition, or asset transfer, your information may be transferred to the acquiring entity. You will be notified of any material changes.

5. Data Security

We implement industry-standard technical and organizational measures to protect your information. These include:

  • Encryption of data in transit and at rest using strong encryption methods
  • Access controls and authentication systems
  • Firewalls and intrusion detection tools
  • Continuous monitoring and regular security assessments
  • Employee training on privacy and data security

While no system can guarantee absolute security, we follow best practices to safeguard your data and maintain a secure environment.

6. Data Retention

We retain information only as long as necessary for the purposes described in this Policy:

  • Account Data: While your account remains active and for a reasonable period afterward
  • Conversation Data: Retained according to your plan's configuration
  • Billing Records: Retained for legally required periods (typically 7 years)

You may request earlier deletion unless legal obligations prevent it.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Obtain a copy of your data
  • Correction: Fix inaccurate or incomplete data
  • Deletion: Request deletion of your information
  • Portability: Receive your data in a transferable format
  • Opt-Out: Unsubscribe from marketing communications
  • Restriction: Request limited processing
  • Objection: Object to certain uses
  • Withdraw Consent: Revoke previously given consent

To exercise your rights, contact us at info@novalistic.ai. We respond to requests within the timeframe required by law.

8. Cookies

We use cookies for:

  • Essential purposes (required for core functionality)
  • Performance and analytics
  • Preferences (to remember your settings)

You may manage cookie settings through your browser. Disabling essential cookies may affect service functionality.

9. International Data Transfers

Your data may be processed in countries outside your own, including the United States. Where required, we use recognized safeguards such as:

  • Standard Contractual Clauses (SCCs)
  • Adequate security controls
  • Compliance with global data protection laws

10. Children's Privacy

Our Services are not intended for individuals under 16. We do not knowingly collect information from children. If such information is discovered, it will be deleted promptly.

11. Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We recommend reviewing their respective privacy policies.

12. Compliance & Data Processing Agreements

We strive to comply with GDPR, CCPA, and other applicable privacy regulations. A Data Processing Agreement (DPA) is available upon request for customers who require it.

13. Data Breach Notification

In the event of a data breach involving your personal information, we will notify you in accordance with applicable legal requirements and outline:

  • The nature of the incident
  • The data affected
  • Actions taken to mitigate risk
  • Recommended steps for you

14. Your Responsibilities

You are responsible for:

  • Keeping your account credentials secure
  • Ensuring the data you provide is lawful
  • Obtaining necessary consents from your chatbot end-users
  • Managing your privacy settings and configurations

15. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

  • Email notification
  • In-app notification
  • Updated date at the top of this page

Your continued use of the Services signifies acceptance of the updated Policy.

Contact Us

If you have any questions or privacy-related concerns, please contact us: