Privacy Policy

Last updated: 1st January 2026

Introduction

DataNova B.V. ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and safeguard your personal information when you visit our website, use our services, or interact with us.

As a data controller, DataNova complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the European Union and the Netherlands.

Data Controller Information

The data controller responsible for your personal data is:

DataNova B.V.
Vijverweg 51
9755 VU Groningen
Netherlands
Registration Number: 60398471
VAT Number: NL892417650B01

Data Collection

We collect different types of personal data depending on how you interact with DataNova. The data we collect includes information you provide directly to us and information we collect automatically through your use of our website and services.

Information You Provide

  • Contact details (name, email address, phone number, company name)
  • Business information and cybersecurity requirements
  • Communication preferences and enquiry details
  • Service feedback and support requests
  • Payment and billing information for our services

Information We Collect Automatically

  • Website usage data and analytics information
  • IP address, browser type, and device information
  • Pages visited, time spent on our website, and referral sources
  • Cookies and similar tracking technologies (see our Cookie Policy)

How We Use Your Information

DataNova processes your personal data for specific purposes based on legal grounds as required by GDPR. We use of your data is limited to the following purposes:

  • Service Provision: To deliver cybersecurity services, conduct security assessments, and provide technical support
  • Communication: To respond to your enquiries, provide service updates, and maintain customer relationships
  • Business Operations: To process payments, maintain records, and comply with legal obligations
  • Website Improvement: To analyse website usage, improve user experience, and develop new features
  • Marketing: To send relevant cybersecurity insights and service information (with your consent)
  • Legal Compliance: To meet regulatory requirements and protect our legitimate business interests

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: Where you have given clear consent for specific processing activities
  • Contract Performance: To fulfil our cybersecurity service agreements
  • Legitimate Interests: For business operations, fraud prevention, and service improvement
  • Legal Obligation: To comply with applicable laws and regulations

Data Sharing and Disclosure

DataNova does not sell your personal data to third parties. We may share your information in the following circumstances:

  • With trusted service providers who assist in delivering our cybersecurity services
  • When required by law, legal process, or government authorities
  • To protect our rights, property, or safety, or that of our clients
  • In connection with business transfers or corporate restructuring
  • With your explicit consent for specific purposes

Data Retention

DataNova retains your personal data only for as long as necessary to fulfil the purposes for which it was collected. Our data retention periods are based on business needs, legal requirements, and industry best practices.

  • Customer Data: Retained for the duration of our service relationship plus 7 years for legal compliance
  • Website Analytics: Aggregated data retained for 2 years for statistical analysis
  • Marketing Communications: Until you withdraw consent or unsubscribe
  • Legal Documentation: As required by applicable laws and regulations

Your Rights

Under GDPR and applicable data protection laws, you have specific rights regarding your personal data. These rights include:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Limit how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for specific processing activities

To exercise any of these rights, please contact us using the information provided in the contact section below.

Data Security

As a cybersecurity company, DataNova implements robust technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and employee training on data protection
  • Incident response procedures and breach notification protocols
  • Compliance with industry security standards and best practices

International Data Transfers

DataNova primarily processes personal data within the European Economic Area (EEA). If we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved transfer mechanisms under GDPR.

Cookies and Tracking

Our website uses cookies and similar technologies to enhance your browsing experience and analyse website performance. For detailed information about our use of cookies, please refer to our Cookie Policy.

Contact Information

If you have questions about this Privacy Policy, wish to exercise your data protection rights, or need to contact us regarding your personal data, please reach out to us using the following contact information:

Privacy Contact:
Email: privacy@datanova.world
Phone: +31 50 260 5361
Address: DataNova B.V., Vijverweg 51, 9755 VU Groningen, Netherlands

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data appropriately.

Changes to This Policy

DataNova may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy regularly to stay informed about how we protect your personal data.