Last updated: April 20, 2026
Privacy Policy
Nova, Inc. (“Nova”, “we”, “us”) operates the Nova platform at nova.ai. This Privacy Policy explains how we collect, use, and protect your information when you use our services.
1.Information We Collect
We collect information you provide directly to us when you create an account, such as your name, email address, and password. When you use our API, we collect usage metadata including request counts, token counts, model identifiers, and timestamps. We do not log, store, or inspect the content of your prompts or model outputs. We also collect billing information (processed securely by Stripe) and standard server logs including IP addresses and browser user agents.
2.How We Use Your Information
We use the information we collect to: operate and improve the Nova platform; process payments and prevent fraud; send you transactional emails (receipts, alerts, password resets); and communicate service updates. We do not sell your personal information to third parties. We do not use your prompts or outputs for model training — ever.
3.Data Retention
Account information is retained for the lifetime of your account plus 30 days after deletion. Usage metadata (request counts, costs) is retained for 12 months for billing and support purposes. Image and video outputs stored on our infrastructure expire automatically after 1–7 days. Prompt and output content is never persistently stored.
4.Cookies and Tracking
We use strictly necessary cookies to maintain your session. We do not use third-party advertising cookies or behavioral tracking. We use a privacy-respecting analytics tool (no cross-site tracking) to understand aggregate usage patterns. You can disable non-essential cookies in your browser at any time.
5.Data Sharing
We share data with the following categories of service providers, strictly as necessary to operate the platform: payment processing (Stripe), cloud infrastructure (for compute and object storage), and authentication (Supabase). All third-party processors are contractually bound to process data only on our behalf and in accordance with this policy.
6.Security
We use industry-standard security practices including TLS encryption in transit, bcrypt password hashing, and least-privilege access controls on all internal systems. API keys are stored as hashed values and shown to users only once. We conduct regular security reviews and operate a responsible disclosure program for security researchers.
7.Your Rights
Depending on your location, you may have the right to access, correct, or delete your personal data; object to or restrict certain processing; and request a portable copy of your data. To exercise any of these rights, contact us at privacy@nova.ai. We respond to all verified requests within 30 days.
8.Children
Nova is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us immediately and we will delete it.
9.Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you by email and update the "Last updated" date below. Continued use of Nova after changes take effect constitutes acceptance of the revised policy.
10.Contact
For privacy-related questions or requests, email us at privacy@nova.ai or write to: Nova, Inc., 123 Market Street, San Francisco, CA 94105.
Questions? privacy@nova.ai · Terms of Service