Privacy Policy

1) Categories of Data We Collect

We collect account profile data, authentication/session data, newsletter configuration data, campaign metadata, subscriber information submitted by creators, event logs, billing and plan metadata, and support interactions needed to operate the service.

We also process limited device and usage diagnostics for security monitoring, performance analysis, and abuse prevention.

2) How We Use Data

We use data to authenticate users, provide workspace functionality, process newsletter and subscriber workflows, generate AI-assisted content, support integrations, deliver transactional communications, prevent abuse, and maintain platform reliability.

We use aggregated analytics to improve product quality and feature usability.

3) Legal Bases & Role Allocation

Depending on context, Novus acts as controller (for account operations and platform administration) and processor/service provider (for creator-managed subscriber and campaign data). Legal bases may include contract performance, legitimate interests, consent, and legal obligations.

Creators are responsible for establishing valid legal grounds for their subscriber processing and messaging activities.

4) Cookies, Tracking & Preferences

Essential cookies are used for authentication, account continuity, and security controls. Optional analytics and preference cookies are managed through our cookie consent tools and can be changed at any time.

For more details, visit the Cookie Policy.

5) Subprocessors & Infrastructure

Novus relies on infrastructure and service providers (for hosting, billing, email delivery, and analytics). Providers process personal data only to deliver contracted services and support platform operations.

Creators may connect third-party provider accounts. Those relationships are governed by both this policy and each provider's terms/privacy documentation.

6) Retention, Deletion & Data Lifecycle

We retain data for as long as needed to provide services, satisfy legal requirements, resolve disputes, enforce agreements, and support security/audit obligations. When data is no longer required, we delete or de-identify it in accordance with operational and legal constraints.

Creators can manage newsletter, campaign, and subscriber lifecycle actions from dashboard controls; some records may be retained for legal compliance and fraud prevention.

7) Security Controls

Security controls include encrypted sensitive keys at rest, authenticated session checks, role-based authorization, operational readiness checks, and abuse/rate-limit controls on public endpoints. No system is perfectly secure, and users must follow secure credential practices.

8) International Transfers

Data may be processed in jurisdictions where Novus or its providers operate. Where required, we use appropriate contractual and technical safeguards for cross-border data transfers.

9) Your Rights & Requests

Subject to local law, you may request access, correction, export, restriction, objection, or deletion of personal data. Newsletter subscribers can also use hosted preference links to update status and communication choices directly.

To submit a request, contact novusstreamsolutions@gmail.com and include relevant identifiers (account email or newsletter name) so we can verify and process your request.

10) Policy Updates & Contact

We may update this policy as products, laws, and operational practices evolve. Material updates are reflected by the date above.

Privacy questions: novusstreamsolutions@gmail.com • Legal matters: novusstreamsolutions@zohocloudmail.ca • Terms: Terms of Service