Noovy — Privacy Policy

Privacy Policy

Last Updated: July 25, 2025

Noovy (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy and Cookie Policy explains in clear terms what personal data we collect, how we use and protect it, the legal bases for processing, what third-party tools we use (such as Google Analytics, Meta Pixel, and HubSpot), any data transfers, your rights under the GDPR, and how we use cookies on our SaaS website. We aim to provide all information required under EU data protection law – including the purposes of processing, our legal justifications, any recipients of data (like service providers), transfers outside the EU, and your rights (access, correction, deletion, etc.)[1][2]. This policy applies to all visitors and users of our services in the European Union.

What Personal Data We Collect

We only collect the minimum personal data necessary to operate our service. This includes:

Information You Provide: When you interact with our site (for example, by signing up for an account, subscribing to our newsletter, or contacting us), we collect personal information such as your name and email address. These details are used to identify you and communicate with you. We do not require or collect sensitive personal data or any information beyond what you voluntarily provide for using our service.
Information We Collect Automatically: When you visit noovy.com, we use cookies and similar tracking technologies to automatically collect certain data about your device and browsing actions. This may include your IP address, browser type, device identifiers, pages viewed, time spent on pages, and referring website. We utilize tools like Google Analytics, Meta (Facebook) Pixel, and HubSpot to gather this usage information[3]. These tools may set cookies or use tracking pixels to help us understand how visitors use our site and to support our marketing and analytics efforts. This automatically collected data is generally aggregated and does not directly identify you by name; it helps us analyze site traffic and improve our services.

We do not collect any special categories of personal data (such as race, religion, health data) or any unnecessary information. All personal data we collect is limited to what you provide or what is needed for the functionality and analytics of our website.

How We Use Your Personal Data

We use the collected personal data only for the purposes described below and never in a way that is incompatible with these purposes. Specifically, we use your information to:

Provide and Manage Our Services: We use your name and email to create and manage your user account, if applicable, and to provide you with the services or information you request. For example, if you sign up for our SaaS platform, we will use your details to set up your account and authenticate you. If you contact us, we will use your information to respond to your inquiries.
Communicate With You: We may use your email address to send important administrative or service-related emails (e.g. account confirmation, password reset, updates about our service features, or changes to this policy). We will also send you marketing or newsletter emails only if you have opted-in to receive them. You can unsubscribe from marketing communications at any time by clicking the unsubscribe link in the email or contacting us.
Improve and Personalize Our Website and Services: We analyze how users interact with our site (through data from Google Analytics and similar tools) to understand usage patterns and performance. This helps us troubleshoot issues, optimize content layout, and enhance the user experience. For instance, we look at aggregated statistics (like total visitors, popular pages, and general usage trends) to make our website more useful and intuitive. We may also use feedback or information you provide to personalize your experience on our platform (for example, remembering your preferences).
Marketing and Retargeting (With Consent): If you have given consent for marketing cookies (explained below in the Cookie section), we use tools like the Meta Pixel to tailor advertisements and promotional content to your interests. The Meta Pixel helps us measure the effectiveness of our Facebook/Meta advertising campaigns by understanding actions taken on our site after an ad is viewed. Similarly, HubSpot may help automate certain marketing follow-ups or show you relevant content based on your interaction history, only if you have permitted tracking. Any such marketing use of data is done to inform you of relevant Noovy services or updates, and only within the bounds of your chosen preferences.
Compliance and Legal Obligations: We may process and retain personal data as necessary to comply with legal obligations, such as keeping records for financial reporting, or responding to lawful requests by public authorities. We will also use or disclose your information if required to do so by law (for example, in response to a court order or regulators’ request), or to establish or exercise our legal rights or defend against legal claims.
Ensure Security and Prevent Fraud: We may use data (such as IP addresses or activity logs) to maintain the security of our website, to detect and prevent fraudulent or malicious activity, and to enforce our terms of service. This helps protect both you and us from misuse of our site.

We do not use your personal information for any purposes other than those described above, and we do not sell your personal data to third parties[4]. We will never use your data for unrelated third-party advertising or profiling outside of our own analytics and advertising activities described in this policy. Any profiling we perform (such as segmenting our users to send relevant content) is minimal and not used to make any automated decisions that would have legal or significant effects on you.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under the EU General Data Protection Regulation (GDPR). The legal bases we rely on include:

Performance of a Contract: When you sign up for our services or otherwise engage with Noovy, we process your name and email because it is necessary for the performance of the contract between you and us. For example, we need to use your email to create your account, authenticate you, and provide customer support. Without this information, we cannot provide the core services you expect.
Consent: We rely on your consent for certain types of data processing. In particular, we will ask for your consent before sending you any marketing or promotional emails (e.g., newsletter sign-ups) and before using any non-essential cookies (such as analytics or advertising cookies). If you agree, we will process your data for those purposes, but you have the right to withdraw your consent at any time. For instance, we only deploy Google Analytics, Meta Pixel, HubSpot tracking, and similar technologies on a non-essential basis with your prior consent[5] (you can choose your cookie preferences when you first visit our site – see the Cookies section below). If you opt-in, you can also opt-out later through our cookie settings or by contacting us.
Legitimate Interests: In some cases, we process your data based on our legitimate interests, provided these are not overridden by your data protection rights. Our legitimate interests may include improving and securing our services, understanding how users use our website, and communicating with existing customers about product updates or service notifications. For example, if you are an existing customer, we might use your email to send you product updates similar to what you already use, relying on our interest in developing our services. We only rely on this basis when we believe our use of data is low risk and not intrusive, and we will always balance our interests against your rights and expectations. Remember, you have the right to object to processing based on legitimate interest (see Your Rights section below).

Noovy does not generally rely on “legal obligation” or “vital interest” or “public task” as bases for processing your personal data, as those usually apply in specific circumstances (like law enforcement requests or life-threatening situations). If we ever need to process data under those bases, we will inform you. In summary, our primary grounds are contract, consent, and in limited cases legitimate interests, in accordance with the six lawful bases defined by the GDPR[6][7].

Third-Party Tools and Data Transfers

To provide and improve our services, Noovy uses a few trusted third-party service providers. These third-party tools may process your data on our behalf for specific purposes, as described here:

Google Analytics: We use Google Analytics (a web analytics service provided by Google) to collect information about how visitors use our website. Google Analytics uses cookies to generate reports on website traffic, user behavior, and overall usage patterns. This helps us understand which pages are popular, how users navigate the site, and where we can improve the user experience. The information collected (such as your IP address, which Google may truncate/anonymize in the EU, and activity on our site) is transmitted to Google’s servers. Data Transfer: Google may process this data on servers outside the EU (including the United States). However, we have implemented appropriate safeguards – Google is obliged to handle data in compliance with GDPR, and we have accepted Google’s Standard Contractual Clauses (SCCs) to ensure adequate protection of your data. We only activate Google Analytics with your consent via our cookie banner, and you can disable it at any time (see Cookies section).
Meta (Facebook) Pixel: We use the Meta Pixel (formerly known as Facebook Pixel) on our site for advertising and analytics purposes. The Meta Pixel is a snippet of code from Meta Platforms, Inc. that allows us to track visitor activity on our site when you’ve given consent for targeting cookies. It helps us measure the effectiveness of our Facebook/Instagram ads and understand what actions you take after seeing our ads. For example, if you visit certain pages or sign up after clicking one of our ads, the Pixel reports that action to Meta, allowing us to optimize our advertising. Data Transfer: The Meta Pixel may transmit some information (like a hashed version of your email if you’re logged in to our site, or device and browser info) to Meta’s servers in the U.S. Meta is a third party that may set cookies on your device for tracking. We ensure that the Pixel is only activated with your explicit consent (for targeting cookies) and that we have agreements in place (such as Meta’s data protection terms) to safeguard your data. You can always adjust your preferences to disable the Meta Pixel (see cookie controls below).
HubSpot: We use HubSpot, a customer relationship management (CRM) and marketing automation platform, to help manage our communications and provide a better user experience. HubSpot may set cookies to track your interactions with our site and emails (for example, to know if you visited certain pages or opened an email we sent you). This helps us tailor our outreach and support to your needs – for instance, by providing relevant content or follow-ups based on your expressed interest. HubSpot also stores the contact information (name, email) you provide us (e.g. through a sign-up form) and helps us send emails or provide customer support via chat if available. Data Transfer: HubSpot, Inc. is based in the United States, so personal data (like your contact info and site usage data) may be transferred to and processed on servers in the U.S. We have ensured that HubSpot contractually commits to GDPR-compliant data protection standards (including SCCs or participation in an EU-approved privacy framework), so your data receives adequate protection. As with our other tools, HubSpot’s tracking cookies are only set with your consent, and you can opt out at any time.

No Selling or Unnecessary Sharing: We want to reassure you that aside from the tools listed above (which act as our data processors for specific functions), Noovy does not share, rent, or sell your personal data to any third-party companies for their own independent use[4]. The third-party tools we use are strictly to help us run and improve our own website and services. They act under our instructions and are bound by privacy agreements to protect your information. They will not use your data for any purpose other than providing services to us, in line with this policy.

Data Transfers Outside the EU: Whenever we transfer your personal data out of the European Economic Area (EEA) – for example, to the United States where some of our service providers are located – we ensure that appropriate safeguards are in place. These safeguards may include relying on the European Commission’s Standard Contractual Clauses, which are legal contracts that require the recipient to protect your data to EU standards. In some cases, providers might also rely on an approved certification like the EU-U.S. Data Privacy Framework (if applicable). Our goal is to make sure your data remains protected, no matter where it is processed. If you’d like more information about our international data transfer safeguards, feel free to contact us at any time.

Other Disclosures: Apart from using the above services, we would only disclose your personal data to third parties in a few exceptional situations: (1) if you explicitly ask or consent us to do so; (2) if we are required by law or legal process (for example, in response to a court order or governmental request, we may need to provide data to authorities); or (3) if Noovy undergoes a business transition like a merger, acquisition, or sale of assets, in which case the successor entity would be bound to the same protections described in this policy. In all cases, we will ensure that your privacy remains a priority.

Your Rights Under GDPR

As an EU data subject, you have robust rights regarding your personal data under the General Data Protection Regulation. We are committed to respecting these rights and enabling you to exercise them easily. Your key rights include[8][9]:

Right to Be Informed: You have the right to be informed about how and why your personal data is collected and used – which is the purpose of this very policy. We aim to be transparent by providing all such information here, including what data we collect, who receives it, and how we use it.
Right of Access: You can request a copy of the personal data we hold about you[10]. This means you can ask us to confirm if we are processing your data and provide you with a copy of that data, as well as explanations of how we use it. We will provide this information free of charge (unless the requests are manifestly unfounded or excessive) and within the legally required timeframes.
Right to Rectification: If any of your personal data that we have is incorrect or incomplete, you have the right to request that we correct or update it[11]. For example, if you change your email address or notice a typo in the data we hold, you can ask us to fix it, and we will do so promptly.
Right to Erasure (\"Right to be Forgotten\"): You have the right to request that we delete your personal data[12]. If you no longer want us to have your information, you can ask us to remove it. We will honor such requests provided that we do not have an overriding legal obligation or other lawful reason to retain the data (for instance, we might need to keep certain transaction records for legal compliance). When we no longer need your data, we will securely delete or anonymize it.
Right to Restrict Processing: You can ask us to limit or \"freeze\" the processing of your data in certain circumstances[13]. For example, if you contest the accuracy of your data or object to our processing, you can request a restriction while your concern is being resolved. If processing is restricted, we can store your data but will not use it (except for limited exceptions) until the restriction is lifted.
Right to Data Portability: You have the right to receive the personal data you provided us in a structured, commonly used, machine-readable format, and to have that data transmitted to another data controller where technically feasible[13]. In other words, you can ask us for a copy of the data you gave us (for example, your account information) in a format like CSV or JSON so you can reuse it elsewhere, or you can ask us to transfer it directly to another service provider if possible. This right applies to data processed by us by automated means, based on your consent or on a contract.
Right to Object: You have the right to object to certain types of processing of your personal data[14]. In particular, you can object at any time to the processing of your data for direct marketing purposes – if you object, we will stop using your data for marketing. You can also object to any processing based on our legitimate interests (or those of a third party) if you feel it impacts your rights. If such an objection is made, we will reconsider our reasons for processing and will either stop the processing or explain why we believe we have compelling legitimate grounds to continue (taking into account your rights and interests).
Right to Withdraw Consent: Where we rely on your consent to process data (for example, for optional analytics or marketing emails), you have the right to withdraw that consent at any time[2]. Withdrawing consent will not affect the lawfulness of any processing we did before your withdrawal, but it means we will stop the specific activities that were based on consent. For instance, you can opt out of marketing emails by clicking “unsubscribe” in any email, and you can change your cookie preferences to withdraw consent for analytics/advertising cookies (see below).
Rights Related to Automated Decision-Making: The GDPR provides you the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significant effects for you[15][16]. Noovy does not engage in any fully automated decision-making processes that have a legal or significant effect on you. We do not, for example, use algorithms to make decisions about you without human involvement. In the event that this changes in the future, we will inform you and ensure all GDPR safeguards are in place, including the possibility for you to request human intervention or to contest the decision.

How to Exercise Your Rights: You can exercise any of these rights by contacting us using the contact information provided in the “Contact Us” section of this policy. Typically, you can reach out via email to request access to your data, deletion, updates, or to object/withdraw consent. We will respond to your request as soon as possible, and no later than one month from receiving it, as required by GDPR (this may be extendable by a further two months for complex requests, but we will inform you if an extension is needed). We may need to verify your identity before fulfilling certain requests, to ensure we don’t disclose your data to someone who isn’t you.

Right to Lodge a Complaint: If you believe that we have not handled your personal data properly or have infringed your rights, you have the right to lodge a complaint with your national Data Protection Authority (DPA) or supervisory authority[2]. You can do this in the EU Member State where you reside, work, or where the issue took place. For example, if Noovy is based in the Netherlands, you may contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). We would, however, appreciate the chance to address your concerns directly before you approach a DPA, so please feel free to contact us first and we will do our best to resolve any issue.

Cookies and Tracking Technologies

Like most websites and SaaS platforms, noovy.com uses cookies and similar tracking technologies to provide our services and improve your experience. This section explains the types of cookies we use, their purposes, and how you can control them.

What Are Cookies?
Cookies are small text files that are placed on your device (computer, tablet, smartphone) when you visit a website. Cookies serve a variety of functions, like enabling certain site features, keeping you logged in, remembering preferences, and helping us understand how people use our site[17]. Cookies set by us are “first-party cookies,” whereas cookies set by third-party services (like Google or Facebook) are known as “third-party cookies.” Cookies can remain on your device for different periods – some are deleted when you close your browser (session cookies), while others persist for a longer period (persistent cookies). In and of themselves, cookies are not programs and cannot install malware. However, some cookies (especially those used for tracking and advertising) can collect information that may be considered personal data, such as an identifier tied to your device[18].

Cookie Categories:
For transparency, we classify the cookies we use into categories based on their purpose. You have control over non-essential cookies – when you first visit our site, you will be presented with a cookie consent banner allowing you to choose which categories of cookies you want to enable. You can always change your preferences later. The cookie categories we use are:

Strictly Necessary Cookies (Essential): These cookies are essential for the website to function properly and cannot be switched off in our systems. They enable core functionalities such as security, network management, and accessibility. For example, necessary cookies might remember your session login or preferences so you can move around the site and use its features (like accessing secure account areas). These cookies do not collect personal data for marketing or tracking. According to EU law, we do not need to obtain your prior consent for strictly necessary cookies, but we still inform you about them and why they are needed[19]. Without these cookies, certain services you have asked for (such as logging in or adding items to a cart, if applicable) cannot be provided. You can set your browser to block or alert you about these essential cookies, but some parts of the site may not work as a result.
Performance & Analytics Cookies: These cookies help us understand how visitors interact with our website, which pages are visited most often, and whether users encounter errors. By collecting anonymous statistics, performance cookies enable us to improve how our website works. For instance, we use Google Analytics which sets cookies to collect information and report site usage statistics without personally identifying individual visitors (we have configured Google Analytics to anonymize IP addresses, where applicable). The data from these cookies is aggregated and used solely to improve our website’s performance and design[20]. These cookies are not strictly necessary and will only be placed on your device if you enable them (i.e., give consent via the cookie banner). If you disable these cookies, we will not know when you have visited our site, and we will be less able to monitor site performance and improve our service for you.
Targeting & Advertising Cookies: Targeting cookies are used to deliver content or advertisements that are more relevant to you and your interests. They may be set by us or by our advertising partners (in our case, the primary example is the Meta Pixel for Facebook/Instagram ads). These cookies remember that you’ve visited our site and may record your online identifiers (like cookie IDs or device IDs) and browsing patterns. The information enables us to show you tailored advertisements on third-party platforms like Facebook, or measure the effectiveness of our ad campaigns. For example, if you allow these cookies, the Meta Pixel will note that you visited or took a certain action on our site, which can help us ensure you see relevant ads or limit the number of times you see the same ad[21]. Targeting cookies on our site might also include HubSpot cookies that track your visits to personalize marketing content we provide to you. These cookies involve processing of personal data and therefore are only set with your consent. If you disable targeting cookies, you will experience less targeted advertising from us – you’ll still see generic ads, but not based on your interactions with our site.

(We currently do not use a separate category for “Preferences” or “Functional” cookies, as our site does not set any additional cookies to remember choices like language or region beyond what is strictly necessary. If that changes, we will update this policy accordingly.)

Your Cookie Choices:
When you first visit our website, you will see a cookie consent notice. This banner allows you to accept all cookies, reject non-essential cookies, or choose settings for different categories (e.g., “Accept only necessary cookies” or individually enable Performance and/or Targeting cookies). We will not set any performance or targeting cookies unless you opt-in (give consent) to those categories[5]. Once you’ve made your choices, we’ll remember your preferences for future visits (you can always adjust them later). If at any time you wish to change your cookie settings, you can do so by clicking on the “Cookie Preferences” link in our website footer (or a similarly easily accessible location). This will bring up the consent management tool again, allowing you to modify your selections or withdraw consent as easily as you gave it[22].

Browser Settings: In addition to our website controls, most web browsers provide settings that allow you to control or block cookies. You can usually find these options in your browser’s “Options” or “Preferences” menu. For instance, you can configure your browser to refuse all cookies, accept only certain types, or delete cookies when you close your browser. You can also remove cookies that have already been set on your device. For more information on how to manage cookies in popular browsers (Chrome, Firefox, Safari, Edge, etc.), you can visit the browser’s help documentation. Please note that if you choose to block cookies at the browser level, essential functions on our site might be affected, and your cookie preferences on our site (which itself may rely on a cookie to remember your choices) might not be saved.

Do Not Track: Our website currently does not respond to “Do Not Track” signals from browsers. Since there is no common industry standard for DNT signals, we treat cookie consent through our banner as the authoritative choice for cookie usage. We honor the selections you make in our cookie consent tool.

Data Retention and Security

Data Retention: We keep your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements[23]. In practice, this means: if you create an account or do business with us, we will retain your personal information for as long as your account is active or as needed to provide you with services. If you unsubscribe from our communications or delete your account, we will delete or anonymize your personal data within a reasonable period, unless we are required to keep it longer (for example, retaining transaction records for tax purposes, or if needed for legal disputes). We periodically review the data we hold, and when personal data is no longer needed, we either securely erase it or irreversibly anonymize it. Our policy is to store data for the shortest duration necessary to meet our obligations and your needs[24]. If you would like more specific information on retention periods for different types of data, you can contact us for details.

Data Security: We take the security of your personal data seriously. Noovy implements appropriate technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include, for example, encryption of data in transit (our website is served over HTTPS/TLS, which encrypts information you enter), encryption of sensitive data at rest where applicable, regular software security updates, firewalls, and monitoring for potential vulnerabilities. We also restrict access to personal data to authorized personnel and trusted contractors who need to know that information in order to process it for us, and they are subject to strict confidentiality obligations. We have in place procedures to deal with any suspected data breach – if a personal data breach were to occur, we would notify you and relevant authorities as required by law. While we strive to protect your information, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security; however, we continuously work to update and improve our security practices to keep your data safe.

Changes to This Policy

We may update this Privacy and Cookie Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by posting the updated policy on our website and updating the “Last Updated” date at the top. In some cases, we may provide additional notice (such as adding a statement on our homepage or sending you an email notification) about significant changes. We encourage you to review this policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after we make changes is deemed acceptance of those changes, so please check the policy for updates whenever you visit.

If you have any questions, concerns, or requests regarding this Privacy and Cookie Policy or your personal data, please do not hesitate to contact us. We are here to help and address any issues promptly.

Contact Information:
Email: privacy@noovy.com
Postal Address: Noovy (Attn: Privacy Team) – Chase House, Northern Cross Dublin, D17AK63

(If you email us, please include any relevant details that will help us assist you, such as the email address associated with your account or the context of your request.)

You also have the right to contact our Data Protection Officer (DPO) if we have appointed one, or our EU Representative (if applicable). [If Noovy has a DPO or EU representative, their contact details would be provided here.]

Thank you for reading our Privacy and Cookie Policy. We value your privacy and trust. Noovy is dedicated to handling your personal data in an honest and transparent way, and we will always work to protect your rights and give you control over your information.