Privacy Policy

How we collect, use, and protect your personal information.

Effective Date: April 2, 2026

Privacy Policy

Last Updated: April 2, 2026

Effective Date: April 2, 2026

At Novin Digital, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website or use our services. We are committed to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Your Privacy Matters

We only collect information necessary to provide our services and will never sell your personal data to third parties. You have full control over your information at all times.

1. What Information We Collect

We collect personal information that you voluntarily provide to us when you:

Contact Forms

When you submit an inquiry through our contact forms, we collect:

  • Your full name
  • Business name
  • Email address
  • Phone number (if provided)
  • Message content and inquiry details
  • Selected service packages and add-ons
  • Business location

Automatically Collected Information

Our website may automatically collect certain technical information:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent on pages
  • Referring website

Note: This information is collected through standard web server logs and is used solely to improve website performance and user experience.

What We Do Not Collect

We do not collect sensitive personal data such as financial information, health records, or government-issued identification numbers.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your inquiries and provide customer service
  • To deliver the web design and digital services you've requested
  • To communicate project updates, service information, and support
  • To improve our website, services, and customer experience
  • To comply with legal obligations and enforce our terms of service
  • To prevent fraud and maintain the security of our services

Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on:

  • Consent: When you voluntarily submit information through our forms
  • Contractual Necessity: To fulfill our service agreements with you
  • Legitimate Interests: To improve our services and communicate about projects
  • Legal Obligation: To comply with applicable laws and regulations

3. Cookies & Tracking Technologies

Our website uses minimal cookies to ensure proper functionality:

Essential Cookies

These cookies are necessary for the website to function properly. They enable basic features like page navigation, secure areas, and form submissions. The website cannot function properly without these cookies.

Examples: Session cookies, security cookies

Functional Cookies

These cookies remember your preferences (such as language selection) to provide a more personalized experience.

Examples: Language preference, region settings

Analytics Cookies

With your consent, we use Google Analytics 4 to understand how visitors interact with our website. These cookies collect anonymous data about page visits, user behavior, traffic sources, and demographics. This information helps us improve our website and services. You can opt out of analytics cookies through our cookie banner.

Examples: Google Analytics (_ga, \_gid, \_ga_\*)

No Tracking

We do not use advertising or social media tracking cookies. Analytics cookies are only activated with your consent and can be disabled at any time.

Cookie Control

You can control and manage cookies through your browser settings. Please note that disabling essential cookies may affect website functionality. Most browsers allow you to:

  • View what cookies are stored
  • Delete all or specific cookies
  • Block certain or all cookies
  • Set preferences for cookie acceptance

4. Third-Party Services

We use select third-party services to operate our business effectively:

Resend

Purpose: Email delivery service

We use Resend to send and receive emails related to your inquiries. When you submit a contact form, your information is transmitted to Resend's servers to deliver the email to us.

Privacy Policy: https://resend.com/legal/privacy-policy

Web Hosting Provider

Purpose: Website hosting and infrastructure

Our website is hosted on secure servers. The hosting provider has access to technical information (such as IP addresses) through standard server logs but does not access your personal inquiry data.

Note: All hosting services comply with industry-standard security practices.

Google Analytics 4

Purpose: Website analytics and user behavior tracking

We use Google Analytics 4 to collect anonymous data about how visitors use our website. This includes pages visited, time spent on site, traffic sources, geographic location (country/region level), device type, and browser information. Google Analytics may set cookies on your device only if you consent.

Privacy Policy: https://policies.google.com/privacy

Note: Google Analytics data is anonymized and aggregated. We do not collect personally identifiable information through Google Analytics. You can opt out by declining cookies in our cookie banner or by using the Google Analytics Opt-out Browser Add-on.

No Selling of Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your data internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

5. How Long We Keep Your Data

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy:

  • Contact form inquiries: We retain inquiry data for up to 2 years after your last contact with us, unless you become a client
  • Client data: If you become a client, we retain your information for the duration of our business relationship plus 7 years for legal and accounting purposes
  • Analytics data: Google Analytics data is automatically deleted after 14 months
  • Technical logs: Server logs are typically retained for 90 days

After the retention period, your data is securely deleted or anonymized. You can request earlier deletion at any time (see Your Rights section below).

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

  • Encrypted data transmission (SSL/TLS)
  • Secure server infrastructure
  • Access controls and authentication
  • Regular security assessments
  • Staff training on data protection

Important: While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights regarding your personal data:

Right to Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can request that we correct any inaccurate or incomplete information.

Right to Erasure ('Right to be Forgotten')

You can request that we delete your personal data under certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your data in certain situations.

Right to Data Portability

You can request a copy of your data in a machine-readable format to transfer to another service.

Right to Object

You can object to our processing of your data for certain purposes.

Right to Withdraw Consent

Where we rely on consent, you can withdraw it at any time.

Right to Lodge a Complaint

You can file a complaint with your local data protection authority if you believe we've violated your rights.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided in the Contact Us section below. We will respond to your request within 30 days.

8. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately, and we will delete it.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will update the 'Last Updated' date at the top of this page. We encourage you to review this policy periodically.

If we make material changes that affect how we use your personal data, we will notify you by email (if you've provided one) or through a prominent notice on our website.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

Email: Use the contact form on our website

Response Time: We aim to respond to all privacy inquiries within 48 hours

For GDPR-related matters, you are welcome to address your inquiry to our data protection contact through the same channels.

Data Protection Authority

If you are not satisfied with our response or believe we are processing your data unlawfully, you have the right to lodge a complaint with your local supervisory authority:

  • UK: Information Commissioner's Office (ICO) - https://ico.org.uk
  • EU: Your local Data Protection Authority - https://edpb.europa.eu/about-edpb/about-edpb/members_en

For questions about this privacy policy, please contact us through our contact page.