Privacy Policy

Important notice

Privacy laws differ by country, state, and sector. This policy describes our practices in good faith and is not legal advice. You should have these documents reviewed by qualified counsel for your business, audience, and jurisdictions.

Who we are

“Novoro,” “we,” “us,” and “our” refer to the operator of the website and services available at https://novoro-mddjpp8c2-corywolf55s-projects.vercel.app (the “Service”). For purposes of the EU and UK General Data Protection Regulation (“GDPR”) and similar laws, we are typically the data controller of personal information described in this policy, unless we act strictly as a processor on behalf of another party.

Scope

This Privacy Policy applies to personal information we collect through the Service, including when you join a waitlist, contact us, browse pages, or interact with features we offer. It does not apply to third-party sites or services that we do not control.

Information we collect

Depending on how you use the Service, we may collect:

• Contact and account identifiers: such as your email address and name when you submit a waitlist form or contact form.
• Messages and content: the text you include in contact or similar forms.
• Technical and usage data: such as IP address, general location derived from IP, browser type, device type, operating system, referring URLs, pages viewed, and timestamps. This may be collected automatically through cookies and similar technologies and through our analytics and hosting providers.
• Communications metadata: information about delivery of emails we send (for example, via our email provider), consistent with provider capabilities.

How we collect information

• Directly from you when you submit forms or communicate with us.
• Automatically when you use the Service, including through cookies, pixels, and similar technologies.
• From service providers that help us operate the Service (described below).

How we use information

We use personal information to:

• Provide, operate, maintain, and improve the Service.
• Process waitlist signups and respond to inquiries.
• Send transactional or service-related messages (for example, confirmations).
• Send marketing communications where permitted by law and, where required, only with your consent (you may opt out as described in those messages).
• Measure usage, debug issues, and understand how the Service is used.
• Protect the security and integrity of the Service and our users.
• Comply with law, enforce our terms, and defend legal claims.

Legal bases (EEA, UK, Switzerland)

Where GDPR or similar laws apply, we rely on one or more of the following:

• Performance of a contract or steps you request before entering a contract (for example, responding to your request).
• Legitimate interests that are not overridden by your rights (for example, securing the Service, analytics, and product improvement), where permitted.
• Consent where required (for example, certain cookies or marketing).
• Legal obligation where we must process data to comply with the law.

Cookies and similar technologies

We and our partners may use cookies, local storage, pixels, and similar technologies for essential operation of the Service, preferences, analytics, and (where applicable) marketing. You can control cookies through your browser settings; disabling certain cookies may affect functionality.

How we share information

We may share personal information with:

• Service providers who process data on our behalf under appropriate safeguards (for example, hosting, analytics, email delivery, security, and customer support tools). Our Service may use providers such as hosting/analytics (for example, Vercel) and email delivery (for example, Resend), subject to their terms and privacy practices.
• Professional advisors (lawyers, accountants) where necessary.
• Authorities when required by law, legal process, or to protect rights, safety, and security.
• Business transfers in connection with a merger, acquisition, financing, or sale of assets, subject to applicable law.

We do not sell your personal information for money as “sale” is commonly understood.

International transfers

We may process and store information in the United States and other countries. If we transfer personal information from the EEA, UK, or Switzerland to countries not deemed to provide an adequate level of protection, we will use appropriate safeguards such as Standard Contractual Clauses or other lawful mechanisms, as required.

Retention

We retain personal information only as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law (for example, tax, accounting, or dispute resolution). Retention periods vary based on context.

Security

We implement reasonable technical and organizational measures designed to protect personal information. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

Your rights (EEA, UK, Switzerland)

Depending on your location, you may have the right to:

• Access, correct, or delete your personal information.
• Restrict or object to certain processing.
• Data portability, where applicable.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a supervisory authority.

To exercise these rights, contact us using the details below. We may need to verify your identity before fulfilling your request.

U.S. state privacy rights

Depending on where you live, state laws (including in California, Virginia, Colorado, Connecticut, Utah, and others) may grant you rights regarding access, deletion, correction, portability, and opt-out of certain processing (including targeted advertising or “sales”/“sharing” as defined by those laws). We honor applicable rights as required by law.

California residents: The California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”) may apply. You may have the right to know categories and specific pieces of personal information collected, the right to delete, correct, and opt out of certain disclosures, and the right not to receive discriminatory treatment for exercising privacy rights. We do not use sensitive personal information for purposes that require a “limit use” election under CPRA beyond permitted business purposes, and we do not “sell” or “share” personal information for cross-context behavioral advertising as those terms are defined under California law, except as disclosed in this policy and subject to any opt-out rights you may have where applicable.

To submit a privacy request, contact us below. You may designate an authorized agent in line with applicable law.

Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us and we will take appropriate steps.

Third-party links

The Service may link to third-party websites. We are not responsible for their privacy practices; please read their policies.

Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version and revise the “Last updated” date. Where required by law, we will provide additional notice.

Contact us

For privacy questions or requests, contact us through our contact page, or at the contact details we provide for your region if listed on the Service.