Back to Home

Privacy Policy

Effective Date: November 4, 2025

Who we are: NovaLab Ventures, LLC ("NovaLab Ventures," "we," "us," "our")

Contact: support@novalabventures.com

NovaLab Ventures provides business consulting, startup advisory, fundraising strategy, product development, app development (iOS, Android, Chrome extensions), and go‑to‑market services (the "Services"). This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our website(s) and contact us (the "Site") or engage our Services.

Scope. This Policy applies to website visitors, prospects, vendors, and business contacts. It is designed for B2B use (founders, teams, and people acting in a business capacity).

1. Information We Collect

We collect the following categories of information:

  • Identifiers & contact details (e.g., name, email, phone, company, role) when you submit the contact form, schedule a call, or email us.
  • Commercial & engagement data (e.g., services of interest, messages, SOW details) needed to respond and manage relationships.
  • Internet / device data (e.g., IP address, approximate location, browser/OS, pages viewed, referring URLs) from server logs and basic analytics.
  • Technical data for apps (if you hire us for app or extension work): project requirements, test artifacts, crash/diagnostic logs, and platform metadata as necessary to deliver contracted Services.
  • No sensitive categories by default. We don't request government IDs, precise geolocation, health information, or similar sensitive categories unless a specific SOW requires it with appropriate safeguards.

Sources. You provide most information directly (forms, meetings, email). We also receive limited data automatically from your device/browser and from service providers (hosting, analytics, scheduling, email/CRM) strictly to operate the Site and Services.

Data minimization. We collect, use, retain, and share only what is reasonably necessary and proportionate to the purposes disclosed below.

2. How We Use Information

  • Provide and improve the Site and Services (respond to inquiries, schedule calls, prepare proposals/SOWs, deliver work, maintain quality).
  • Operate, secure, and debug (detect/prevent abuse, troubleshoot, and improve reliability).
  • Business operations (invoicing, accounting, vendor management, compliance).
  • Legal compliance (respond to lawful requests, enforce agreements, protect rights and safety).

We do not use personal information for automated decision‑making that produces legal or similarly significant effects. If we ever introduce such processing, we will provide required notices and options beforehand. (GDPR Ch. 3 rights include protections around automated decisions.)

3. Cookies, Analytics, and Advertising

Our Site may use:

  • Essential cookies for security and basic functionality.
  • Analytics to understand aggregate Site usage (e.g., pages visited, device types) so we can improve content and performance.

No targeted advertising. We do not sell personal information or "share" it for cross‑context behavioral advertising as defined under California law. If this changes, we will update this Policy and provide a "Do Not Sell or Share My Personal Information" mechanism and honor opt‑out preference signals (e.g., Global Privacy Control) as required.

4. How We Disclose Information

We disclose personal information to:

  • Service providers / processors that help us run the Site and deliver Services (hosting, email, scheduling, analytics, bookkeeping). They may access personal information only to perform contracted work and must protect it.
  • Professional advisors (legal, accounting) and potential acquirers during diligence if we evaluate a corporate transaction.
  • Authorities when required by law or to protect rights, security, and integrity.

We do not publicly use client names or logos without prior written consent (see our Terms). We do not sell or share personal information for targeted advertising.

5. Retention

We retain personal information for as long as needed to deliver the Services, satisfy legal/financial obligations, resolve disputes, and enforce agreements—then delete or de‑identify it per our data retention practices. Retention is aligned with the "reasonably necessary and proportionate" standard under California law.

6. Security

We use reasonable administrative, technical, and physical safeguards to protect personal information (e.g., least‑privilege access, encryption in transit, secure development practices, vendor due diligence). No method of transmission or storage is perfectly secure, and we continuously evaluate controls as our stack evolves.

7. Children's Privacy

Our Site and Services are not directed to children under 13 and we do not knowingly collect their personal information. If we learn we have collected such information, we will delete it. (Children's Online Privacy Protection Rule—COPPA.)

8. International Data Transfers (EEA/UK Visitors)

If we receive personal data from the EEA/UK in connection with business inquiries or engagements, we rely on appropriate transfer mechanisms—such as the EU Standard Contractual Clauses (SCCs)—and apply GDPR‑aligned protections and rights.

Your GDPR rights (where applicable) include access, rectification, erasure, restriction, portability, and objection. We honor these rights consistent with applicable law.

9. California Privacy Notice (CPRA/CCPA)

If you are a California resident, you have the following rights with respect to your personal information:

  • Right to Know / Access the categories and specific pieces we collect, the sources, purposes, and categories of third parties we disclose to.
  • Right to Delete personal information we collected, subject to statutory exceptions.
  • Right to Correct inaccurate personal information.
  • Right to Opt‑Out of Sale/Sharing (not applicable today; we do not sell/share for cross‑context behavioral advertising).
  • Right to Limit the use and disclosure of sensitive personal information (not collected by default).
  • Right to Non‑Discrimination for exercising your rights.

How to exercise your rights: email support@novalabventures.com (subject: California Privacy Request) or use the contact form on our Site. We will verify your request (to a reasonable degree) to protect your data, and you may use an authorized agent with appropriate authorization. If we ever sell/share data or use sensitive personal information beyond allowed purposes, we will provide a clear opt‑out and honor opt‑out preference signals such as Global Privacy Control.

10. Your Privacy Choices

  • Email us to access, correct, or delete your data: support@novalabventures.com.
  • Limit cookies/analytics via your browser settings; you can set your browser to block or delete cookies.
  • Global Privacy Control (GPC): If your browser sends a GPC/opt‑out preference signal, we will treat it as a valid request to opt out of any data sale/sharing if those practices are introduced in the future.

11. Data for App/Extension Projects

For app and extension engagements, we process only the data necessary to scope, build, test, and maintain the deliverables under your SOW. Clients typically provide their own developer accounts and are responsible for platform fees, store policies, and end‑user disclosures/consents; we will implement notices/permission prompts per the SOW.

12. Changes to This Policy

We may update this Policy if our practices change or as required by law. We'll post the revised Policy with an updated Effective Date and indicate material changes when applicable.

13. How to Contact Us

Questions or privacy requests: support@novalabventures.com

Built with v0