← Home
Legal

Privacy Policy

Last updated: 4 July 2026 · Effective date: 4 July 2026
This Privacy Policy applies to all websites, applications, APIs, dashboards, software tools and services operated by TJ NOVA LTD and explains how we collect, use, share and protect personal data, and what rights you have in relation to it.
1. Who we are 2. Information we collect 3. How we use information 4. Legal bases for processing 5. AI processing and automated decision-making 6. Sharing and processors 7. International transfers 8. Retention 9. Security 10. Children 11. Your rights 12. Complaints to a supervisory authority 13. Cookies 14. Changes to this policy 15. Contact

1. Who we are

TJ NOVA LTD is a private limited company registered in England and Wales (Company No. 17308318), with its registered office at 124-128 City Road, London, EC1V 2NX, United Kingdom. We act as the data controller for personal data processed in connection with the Services, unless stated otherwise for a specific product.

2. Information we collect

3. How we use information

We use personal data to: provide, operate and maintain the Services; process payments and manage subscriptions; authenticate accounts and prevent fraud, abuse and unauthorised access; provide customer support; send service-related communications (and, where you have consented, marketing communications); monitor, secure and improve the Services; comply with legal, tax and regulatory obligations; and enforce our Terms of Service and Acceptable Use Policy.

4. Legal bases for processing

Under UK GDPR, we rely on the following legal bases depending on context: performance of a contract with you (providing the Services you sign up for); legitimate interests (security, fraud prevention, product improvement, direct marketing to existing customers), balanced against your rights; legal obligation (tax, accounting, regulatory compliance); and consent, where required (for example, certain cookies or marketing to new contacts). You may withdraw consent at any time where consent is the basis for processing, without affecting the lawfulness of processing before withdrawal.

5. AI processing and automated decision-making

Some Services use automated systems, including third-party AI models, to process content you submit and generate output. Where automated processing produces effects that could be considered a decision with legal or similarly significant effect on you, we do not rely solely on fully automated decision-making without human oversight for decisions that materially affect your rights, except where necessary to perform a contract with you, authorised by law, or based on your explicit consent, and in each case with appropriate safeguards including the ability to request human review. Fraud-prevention and abuse-detection systems may temporarily restrict access automatically; you may contact support@tjnovaltd.com to request a human review of such a decision.

6. Sharing and processors

We share personal data only as needed to operate the Services, with categories of processors that may include: cloud hosting and infrastructure providers; payment processors; email and communication delivery providers; analytics providers; customer support tooling; and, where a Service is built on third-party AI models, the relevant AI model provider, to the extent necessary to generate the output you request. Each processor is bound by contractual obligations to protect personal data consistent with this Policy and applicable law. We do not sell personal data. We may disclose personal data where required by law, to protect our rights, or in connection with a merger, acquisition or sale of assets, subject to equivalent protections.

7. International transfers

Some of our processors are located outside the United Kingdom, including in the United States and other countries. Where we transfer personal data internationally, we rely on appropriate safeguards recognised under UK data protection law, including the UK International Data Transfer Agreement, the EU Standard Contractual Clauses as incorporated for UK transfers, or transfers to countries or organisations subject to an applicable adequacy decision.

8. Retention

We retain personal data only for as long as necessary for the purposes described in this Policy. As a general guide: account and billing records are retained for the duration of your account plus a period required for tax and accounting obligations (typically up to 6 years after account closure); security and API logs are typically retained for up to 12 months for fraud prevention and troubleshooting, unless a longer period is required for an active investigation or legal obligation; marketing contact data is retained until you opt out or after a period of inactivity. Specific retention periods may vary by product and are available on request.

9. Security

We apply technical and organisational measures appropriate to the risk, including encryption of data in transit, access controls and authentication, logging and monitoring for suspicious activity, and staff access limited on a need-to-know basis. No method of transmission or storage is completely secure; if we become aware of a personal data breach that is likely to result in a risk to your rights, we will notify affected individuals and the ICO in accordance with UK GDPR where required.

10. Children

The Services are not directed at, and are not intended for use by, children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact support@tjnovaltd.com and we will take steps to delete it.

11. Your rights

Subject to applicable law, you have the right to: request access to the personal data we hold about you; request correction of inaccurate data; request deletion of your data; request restriction of processing; object to processing based on legitimate interests or for direct marketing; request portability of data you provided to us; and withdraw consent where processing is based on consent. To exercise any of these rights, contact support@tjnovaltd.com. We will respond within the timeframes required by UK GDPR (generally one month, extendable in complex cases). We may need to verify your identity before actioning a request.

12. Complaints to a supervisory authority

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk, or with your local data protection authority if you are located outside the United Kingdom. We would appreciate the opportunity to address your concerns directly first via support@tjnovaltd.com.

13. Cookies

See our Cookie Policy for details on the cookies and similar technologies we use and how to manage your preferences.

14. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be indicated by updating the "Last updated" date above, and, where required by law, we will provide reasonable advance notice. This Policy is drawn up in English; where we provide a translation for convenience, the English version prevails in the event of any conflict.

15. Contact

Privacy enquiries: support@tjnovaltd.com. Security matters, including suspected data breaches: security@tjnovaltd.com.