Privacy Policy

Last updated: February 2026

1. Introduction

At Novad (hereinafter "We"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service, in compliance with the General Data Protection Regulation (GDPR) and the French "Informatique et Libertés" law.

2. Data Controller

The Data Controller responsible for your personal information is the editor of the site (acting as an individual entrepreneur):

3. Information We Collect

Account Information

When you create an account, we collect your email address and any profile information you choose to provide (name, avatar, bio).

Profile & Preferences

To provide personalized recommendations, we collect information about your travel preferences, including:

  • Desired feelings and motivations
  • Lifestyle preferences
  • Practical constraints (budget, etc.)
  • Activity interests

Usage Data

We automatically collect certain information when you use the Service, including your browser type, device information, pages visited, and interactions with features.

4. Legal Basis and Purpose

We process your data based on the following legal grounds:

Contractual NecessityTo provide the Service and personalized destination recommendations.
Legitimate InterestsTo improve our Service, ensure security, and analyze usage patterns.
ConsentFor cookies and marketing communications (which you can withdraw at any time).
Legal ObligationTo comply with applicable laws and regulations.

5. Data Sharing and Transfers

We do not sell your personal information. We may share your information with trusted service providers (Data Processors) who assist in operating our Service (e.g., hosting with Vercel, authentication/database with Supabase).

Some of these providers may be located outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete your personal data within 30 days, except where retention is required by law (e.g., billing records).

8. Your Rights (GDPR)

In accordance with the GDPR, you have the following rights regarding your personal data:

  • Right of Access
  • Right to Rectification
  • Right to Erasure
  • Right to Restriction
  • Right to Data Portability
  • Right to Object

To exercise these rights, please contact us at team@hello.novad.app.

You also have the right to lodge a complaint with a supervisory authority. In France, this is the CNIL (Commission Nationale de l'Informatique et des Libertés).

9. Cookies & Tracking

We use essential cookies to maintain your session and preferences. We also use analytics tools (Google Analytics) to understand how users interact with our Service. You can control cookie settings through our Cookie Banner or your browser settings.

10. Children's Privacy

Our Service is not intended for users under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at team@hello.novad.app.