Privacy Policy

Effective date: February 16, 2025

1. Introduction

This Privacy Policy describes how Notava AI processes personal data in accordance with the EU General Data Protection Regulation (GDPR).

Website: https://notava-ai.com

Contact: notava@notava-ai.com

Notava AI acts as the data controller for personal data processed through the Service.

2. Personal Data Collected

We may process:

  • Account information (email address, login credentials)
  • Usage data (interactions with the Service)
  • Technical data (IP address, browser type, device information)
  • Content submitted to the Service

3. Purpose of Processing

Personal data is processed for:

  • Providing and operating the Service
  • Maintaining security
  • Improving functionality
  • Complying with legal obligations

Legal basis under GDPR:

  • Performance of a contract (Article 6(1)(b))
  • Legitimate interest (Article 6(1)(f))
  • Legal obligation (Article 6(1)(c))

4. Data Retention

Accounts inactive for twelve (12) consecutive months may be deleted.

Personal data is retained only as long as necessary to fulfill the purposes outlined above, unless longer retention is required by law.

5. Data Sharing and Processors

Notava AI uses third-party processors to operate the Service.

  • Infrastructure hosting is provided by Render.
  • AI model services are provided by OpenAI.

These providers act as data processors and process data on behalf of Notava AI under contractual safeguards.

Personal data may be transferred outside the EU/EEA subject to appropriate safeguards, such as Standard Contractual Clauses.

Notava AI does not sell personal data.

6. International Transfers

Where personal data is transferred outside the EU/EEA, appropriate safeguards are implemented in accordance with GDPR requirements.

7. Security Measures

Notava AI implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Request correction
  • Request deletion
  • Restrict processing
  • Object to processing
  • Data portability
  • Lodge a complaint with a supervisory authority

In Sweden, the supervisory authority is: Integritetsskyddsmyndigheten

Requests can be sent to: notava@notava-ai.com

9. Cookies

The website may use essential cookies required for functionality.

If non-essential cookies are introduced, a cookie notice will be implemented.

10. Changes to this Privacy Policy

This Privacy Policy may be updated from time to time.

The latest version will always be available at https://notava-ai.com/policy.