Privacy Policy
Your privacy matters to us. Here's how we protect and handle your personal information when you use noventlorax's financial technology tools and services.
Last Updated: March 15, 2025
Information We Collect
When you use noventlorax's financial technology platform, we collect information that helps us provide better services and protect your financial data. This happens in several ways.
Information You Provide
- Account registration details including name, email address, and phone number
- Financial information necessary for our tools to function properly
- Communication preferences and support requests
- Business information when using our commercial features
- Payment information processed through secure, encrypted channels
Automatically Collected Data
Our systems automatically collect technical information to improve functionality and security. This includes device information, usage patterns, and interaction data that helps us understand how our tools perform.
How We Use Your Information
Every piece of information we collect serves a specific purpose in delivering our financial technology services. We don't use your data for purposes unrelated to providing you with excellent financial tools.
| Purpose | Data Types Used | Legal Basis |
|---|---|---|
| Service Delivery | Account, financial, technical data | Contract performance |
| Security & Fraud Prevention | Transaction patterns, device information | Legitimate interest |
| Customer Support | Communication records, account data | Contract performance |
| Legal Compliance | All relevant data types | Legal obligation |
Australian Privacy Compliance
As an Australian-based company, noventlorax strictly adheres to the Privacy Act 1988 and Australian Privacy Principles. We've designed our data practices to exceed local requirements and provide you with comprehensive control over your personal information.
Data Sharing and Third Parties
We limit data sharing to essential services that directly support our financial technology platform. Every third-party relationship is carefully evaluated and contractually bound to protect your information.
- Financial institutions for payment processing and verification services
- Cloud service providers who maintain Australian data residency requirements
- Security vendors who help protect against fraud and cyber threats
- Legal and regulatory authorities when required by Australian law
- Professional service providers under strict confidentiality agreements
We never sell personal information to marketing companies or data brokers. Any data sharing arrangement includes contractual requirements for data protection that match or exceed our own standards.
Your Privacy Rights
Under Australian privacy law, you have significant control over your personal information. We've built systems that make exercising these rights straightforward and efficient.
Access and Correction
You can request access to your personal information at any time through your account dashboard or by contacting our privacy team. We'll provide this information within 30 days, usually much sooner.
Data Portability
Request your data in structured, commonly used formats. This helps if you want to transfer information to another service provider or maintain your own records.
Deletion Requests
We'll delete your personal information when it's no longer needed for business purposes, subject to legal retention requirements. Some financial records must be kept for regulatory compliance.
Data Security Measures
Protecting financial data requires robust security measures. We use enterprise-grade encryption, secure data centers, and regular security audits to safeguard your information.
- AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Multi-factor authentication requirements for all account access
- Regular penetration testing and security vulnerability assessments
- Australian-based data centers with 24/7 monitoring and access controls
- Staff security training and background checks for all personnel
- Incident response procedures tested quarterly with external security experts
We maintain cyber insurance and work with leading security firms to stay ahead of emerging threats. All security incidents are reported to relevant authorities within required timeframes.
Data Retention and Deletion
We keep your information only as long as necessary to provide services and meet legal obligations. Different types of data have different retention periods based on their purpose and regulatory requirements.
Account Information
Basic account details are retained while your account is active, plus seven years after closure to meet Australian financial record requirements.
Transaction Records
Financial transaction data must be kept for seven years under Australian taxation and financial services laws. This applies even after account closure.
Marketing and Communication
Communication preferences and marketing data are deleted immediately upon request or account closure, unless needed for legal compliance.
International Data Transfers
Your data primarily stays within Australia. When international transfers are necessary for service delivery, we use approved safeguards including standard contractual clauses and adequacy decisions.
Some cloud services may involve data processing in other countries, but we maintain contractual requirements for Australian privacy law compliance regardless of processing location.
Cookies and Tracking Technologies
We use cookies and similar technologies to improve platform functionality and security. Most are essential for the service to work properly, while others help us understand usage patterns.
- Essential cookies for login sessions and security features
- Functional cookies that remember your preferences and settings
- Analytics cookies to understand how users interact with our platform
- Security cookies that help detect and prevent fraudulent activity
You can control cookie settings through your browser, though disabling essential cookies may limit platform functionality. We don't use cookies for advertising or tracking across other websites.
Privacy Policy Updates
This privacy policy is reviewed annually and updated when our practices change or laws require modifications. Material changes are communicated directly to users via email and platform notifications.
Previous versions are archived and available upon request. Changes take effect 30 days after notification, giving you time to review and make account decisions if needed.
Privacy Questions and Requests
Our privacy team handles all data protection inquiries promptly and thoroughly. Whether you need to exercise your rights, report a concern, or ask questions about our practices, we're here to help.