Privacy Policy

This Privacy Policy explains how Novalumic (“we,” “our,” or “us”) collects, uses, stores, and protects information when users access the Novalumic website (www.novalumic.com) and platform services. It applies to all visitors, customers, and users of the platform.

By using our website or services, you agree to the practices described here. We’ve written this document to be clear and direct — if anything is unclear, please reach out to support@novalumic.com.

The data controller responsible for the information described in this policy is:

We collect three categories of information:

Personal Information

Information that identifies you directly, including:

• Full name and contact details (email, phone where provided)
• Organization, role, and professional context
• Account credentials and security information
• Billing and payment information processed by our payment providers
• Any information you voluntarily provide via forms or communications

Technical Information

Information automatically collected when you interact with our services:

• Device identifiers, browser type, operating system
• IP address and approximate geolocation
• Log data including timestamps, page paths, and referrers
• Cookies and similar technologies (see Cookie Policy)

Usage Information

Information about how you use the platform to help us improve it:

• Features and views accessed within the platform
• Project, twin, and dashboard activity (metadata only — not the spatial content itself unless required for processing)
• Performance metrics and error reports
• Aggregate engagement and retention signals

We use information for the following legitimate purposes:

• Provide the service — authenticate users, deliver platform features, and process spatial data on your behalf.
• Support and communication — respond to inquiries, send transactional notices, and provide customer support.
• Improve our platform — analyze usage patterns to enhance performance, reliability, and user experience.
• Security and abuse prevention — detect, prevent, and respond to fraud, abuse, and security incidents.
• Legal compliance — meet obligations under applicable laws and respond to lawful requests.

We use cookies and similar technologies to operate the website, remember preferences, measure performance, and improve the experience. You can control cookie behavior through your browser settings.

For a complete breakdown of cookie categories, durations, and providers, please see our Cookie Policy.

We do not sell personal information. We share information only in the following circumstances:

• Service providers and processors — vendors who help us operate the platform (hosting, analytics, payment, support) under contractual confidentiality and security obligations.
• Within your organization — collaborators on a shared workspace or project, in accordance with your account permissions.
• Legal and safety — when required by law, valid legal process, or to protect rights, safety, or property.
• Business transfers — in connection with a merger, acquisition, or sale of assets, with continued protection of personal information.

We implement administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, alteration, disclosure, or destruction. Our measures include:

• Encryption in transit (TLS) and at rest
• Role-based access controls and least-privilege principles
• Continuous monitoring, logging, and incident response
• Regular security reviews aligned to industry standards

We retain personal information for as long as necessary to provide the services, comply with legal obligations, resolve disputes, and enforce agreements. Specific retention periods depend on the type and purpose of the information.

When information is no longer required, we delete or anonymize it. You may request earlier deletion subject to legal and operational requirements.

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Request deletion of personal information
• Object to or restrict certain processing
• Receive a copy of your information in a portable format
• Withdraw consent where processing is based on consent

To exercise any of these rights, contact support@novalumic.com. We respond within a reasonable time and in accordance with applicable laws.

The platform may integrate with third-party services chosen by you or your organization (for example, cloud storage, identity providers, or analytics tools). Those services are governed by their own privacy practices, and we recommend reviewing them.

We are not responsible for the privacy practices of third parties that you choose to integrate.

Novalumic operates globally. Where information is transferred across borders, we use safeguards such as contractual clauses and security controls to maintain protection consistent with applicable laws.

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us so we can investigate and remove it as appropriate.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you through the platform or by other reasonable means.

The “Last updated” date at the top of this page indicates the most recent revision.

For questions about this Privacy Policy or how we handle your information, contact us: