Nova operates various online services that may collect information or data for either Nova’s own commercial purposes, and/or at the direction and on the behalf of Nova’s clients.
Relevant standards, laws and regulations
Below are direct links to standards, laws, and/or regulations that are applicable to our privacy and data policies:
Special Publication 800-122
National Institute of Standards and Technology (NIST)
U.S. Department of Commerce
(CCPA) California Consumer Privacy Act
California State Legislature
(GDPR) General Data Protection Regulation (EU) 2016/679
European Parliament and Council
Changes to this policy
What we do
Nova provides creative advertising technology to brands and agencies.
What data we collect
We collect data about the services that you use and how you use them, like viewing and interacting with ads:
When you use our services or view content provided by us and/or websites that utilize our services, we automatically collect and store certain data in server logs. This includes:
details of how you used our service (for example: ads you viewed and/or clicked, pages you viewed, and for how long you viewed them).
Internet protocol (IP) address.
device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request, and referral URL.
We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information).
When you use our services, we may collect and process information about your actual location. We use your IP address to determine your location, and do not attempt to establish your location with greater precision than the city-level.
We may receive information about you and your activities from third-party partners, such as information from a partner when we jointly offer services or from an advertiser about your experiences or interactions with them. This information is only used in conjunction with our services for purposes that the third-party outlined with you when they collected it.
Unique application identifier
Certain services include a unique application identifier. This identifier, and information about your installation (for example, the operating system type and application version number), may be sent to us when that service periodically contacts our servers.
We do not collect any of the following personal information about you: Name, Home or business address, Telephone number, Date & place of birth, Government-issued identification number(s), such as social security number, Gender, Race, Religious affiliations, Political affiliations, Physical, physiological, genetic, biometric, and/or mental attributes.
To the best of our knowledge, a small subset of the data we collect has special classifications under various standards, laws, and regulations:
Some constitutes personal information as defined by the PIPEDA.
Some constitutes personally identifiable information (PII) as defined by NIST Special Publication 800-122, such as your device information and IP address.
Some constitutes personal data as defined by the GDPR, such as your randomly generated user ID and your IP address.
Some constitutes personal information as defined by the CCPA.
Why we collect data
We use the information we collect to:
provide, maintain, protect, and improve our products and services;
develop new products and/or services;
protect Nova, Nova’s customers, and end users;
tailor content and advertisements based on your habits and preferences.
Our general guideline is to collect data only when it is necessary for the proper functioning of the product being used or the services being performed, or for the protection of such services (for example, to prevent fraud).
When you contact Nova directly, we keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.
We use aggregated information from all of our users to produce and publish trend reports and other relevant industry metrics/benchmarks.
We do not sell any personally identifiable data to third parties.
How to opt out
We respect the opt-out and “Limit Ad Tracking” signals of the device and/or compliant website that you are browsing when you see Nova-powered ads. Each publisher and/or device manufacturer offers various ways to opt-out of ad tracking. See the following FTC page for an overview of common tracking mechanisms and how to opt out of each: https://www.consumer.ftc.gov/articles/0042-online-tracking.
How we collect data
Nova primarily collects data by sending AJAX HTTPS requests from the web page to our servers. These servers may be associated with any of our public domain names (or subdomains).
How long we retain data
We normally retain any personally identifiable data for a period of 36 months, or until we receive and process a request for deletion from you. We may retain anonymized and/or aggregated data indefinitely.
How we identify and authenticate you
When you visit a website or app that makes use of Nova’s solutions, we generate a random user ID that identifies your browser. This user ID is sent with tracking data we collect (. The ID is discarded when you leave the page. We are unable to link any data we have with you individually.
Where we are
Nova is a privately held Canadian company headquartered in Toronto, Ontario, Canada. Our data processing and storage takes place in Canada, although data exchanged with Nova over the Internet may (and often does) traverse networks and/or systems in other countries. We make use of various Content Delivery Networks (with worldwide locations) to handle web traffic and deliver content.
On-the-fly access and use of data (for example, in order to serve an ad) may take place on a server located in any of the following countries: Canada, United States, Netherlands, Australia.
Nova’s policies and standards aim to be fully compliant with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), as well as the European Union’s General Data Protection Regulation 2016/679 (GDPR).
How to access your personal data
Presently, we do not offer a data export facility, as we have no means of linking any data we have collected with you personally. Please contact our team (firstname.lastname@example.org) if you have any questions regarding the lawful data rights to which you are entitled.