For the purpose of the General Data Protection Regulation (GDPR) the data controller is Nova Money Limited, registered at 20-22 Wenlock Road, N17GU London.
In the course of using our Services, or corresponding with the Nova Money team, you may provide us with various pieces of personal data. We collect and use the data outlined below to provide contracted Services to you or to further operate and develop our business.
Nova collects your transaction history, direct debits and balance though its trusted third party provider TrueLayer Ltd, as explained in the terms and conditions. All your financial data will be encrypted using the industry best practice and remain strictly confidential. We never share your financial data with any third party with any third party.
Nova collects your email address and phone number for the purpose of user account registration and authentication as required by the PSD2 regulation.
Nova may explicitly ask you to access your contact list in order to invite your friends. We never store nor share your contact list.
Nova Money may share your personal data with selected third parties, including business partners, suppliers and subcontractors that assist us in the provision of our Services to you. The third-party providers used by us will only collect, use and disclose your information as instructed by us to provide Services to you.
Nova Money does not collect nor process any kind of sensitive user data as defined by GDPR.
Information we anonymously collect
When you use Nova, or visit our website, we automatically collect information, including personal information, about the parts of the product you use, and how you use them:
- Information about your device — your visits to and use of the site or the Service (including without limitation your IP address, geographical location, browser/platform type and version), internet service provider, operating system
- Information about your use of the product — length of visit, page views, website navigation and search terms that you use, referral source/exit pages
This information is collected in an anonymous way to help us to continuously improve our products. We never sell any of this data. The tools and services that we use to collect and process the information are all GDPR compliant.
Nova provides aggregated financial data to allow Nova users to benchmark their spending against their peers (other Nova users) using Benchmark data.
Aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) is not considered personal data under GDPR as it can’t be used to directly or indirectly identify you.
Benchmark data will be exclusively used for the benefit of Nova users, and will not be sold to any third party.
We generally retain your information for as long as it is necessary for the performance of the contract we have with you, or to comply with our regulatory obligations. If you no longer want us to use your information you can send a request to firstname.lastname@example.org.
Where we store your data
All information you provide to us is stored on secure cloud servers. Any transmission of information to our partners (including information to facilitate payments) are encrypted using TLS technology, the current standard in secure communications over the Internet.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Information is stored using state-of-the-art symmetric encryption (AES).
If we do transfer your personal information outside the EEA to our suppliers, we will make sure that it is protected to the same extent as in the EEA.
We value your trust in providing us your Personal Information, thus we are striving to use the best means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.
Your Rights under GDPR
Getting a copy of your data — you have the right to get a copy of the data we hold about you, free of charge. To do this, please reach out to email@example.com.
Rectification of inaccurate or incomplete information — you have the right to ask us to update any information we hold which may be inaccurate.
Erasure of data or the ‘right to be forgotten’ — you have the right to ask us to erase personal information we hold on you, and close your account.
Our Services do not address anyone under the age of 13. We do not knowingly collect personal identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.
Links to Other Sites
We sincerely aim to provide you the best product and services we can. If we failed to meet your expectations, please contact us at firstname.lastname@example.org to tell us about your satisfaction.
We may ask you additional information to make sure we understand the source of the problem and remediate it appropriately.
Should we fail to resolve your complaint to your satisfaction in a timely manner, you can contact the Financial Ombudsman Service. Details of the Financial Ombudsman Service:
London, E14 9SR