Introduction
We, Novidea (the “Company,” “we,” “us,” “our”), respect the privacy and data protection rights of our website visitors, business contacts, and actual and potential customers.
This Privacy Notice (the “Notice“) describes the personal information we collect and the policies and procedures we use regarding personal information in each of the following contexts:
- Through our website, novidea.com (the “Website”).
- When you subscribe to receive blog updates or access our webinars.
- When you visit us at trade shows and conferences.
- About representatives of our existing and prospective customers, reseller partners, and vendors (the “Representatives”).
We are committed to complying with applicable data protection laws, including the EU and the UK General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).
This Notice may be amended from time to time. We will post any changes to this Notice on our Website a reasonable time in advance of the effective date of the change, and we will also endeavor to proactively notify you by email of such changes if we have your email address.
Contact us
If you have any questions, comments, or concerns regarding this Notice or our processing of your personal information, please contact us at [email protected].
What we collect and why
| Scenario | Purposes | Categories of information processed |
| You contact us with an inquiry through the Website’s contact-us form or chatbot. | To contact you to promote our business and market our products and services. | Email address and content of inquiry. |
| You subscribe to our blog or newsletter updates. | To send you updates promoting our business and marketing our products and services. | Email address. |
| You scan your badge at our booth at a conference or trade show where we are present. | To contact you to promote our business and market our products and services. | Name, title, company, email. |
| You request access to a webinar or other content we offer. | To contact you to promote our business and market our products and services. | Email address, and optionally: name, job title, and company. |
| We receive your information as a representative of an existing or prospective customer that uses, or is considering the use of, our products or services. | Administering the business and support/professional services relationship with the customer or prospective customer. Providing customer support and professional services to the customer. | Name; company; title; phone number; communications exchanged with you. |
| We receive your information as a representative of an existing or prospective vendor or service provider. | Administering the business relationship with vendors and service providers. Facilitating Novidea’s use of vendors’ and service providers’ products and services. | Name, email address, company, position, phone number, country, communications exchanged with you. |
| Use of essential cookies on the Website. | To facilitate a website feature that the user specifically requested. | IP address, pages visited, Website functions used, fields completed in forms. |
| Use of non-essential cookies on the Website | Analyze site usage to evaluate and improve its performance, improve user experience on the site, inform and serve personalized ads more relevant to user interests | IP address, pages visited, Website functions used, fields completed in forms. |
Methods and Sources for Collecting Your Personal Information
We collect personal information from several sources:
- Directly from you when you provide it to us through email communications, a form, by scanning your badge at our booth at a conference or trade show where we are present, or during a marketing call with us.
- You are not legally obligated to provide us with your personal information; however, if you choose not to, we will not be able to handle or respond to your inquiry, maintain our business contact with you, or fulfill your request to register for our webinars, conferences, blog, or newsletter updates.
- If another Representative of your organization provides us with your information.
- Through the device you use to access our Website, such as via our use of cookies.
Sharing Your Personal Information
We will not share your information with third parties, except in the events listed below or when you provide us with your explicit and informed consent.We do not sell your personal information to third parties.
| Scenario | Purpose | Examples of Third Parties Involved |
| We will share your personal information with our service providers who assist us with the internal operations of our business and the Website. These companies are authorized to use your personal information in this context only as necessary to provide these services to us and not for their own promotional purposes. | Operating the Website and our business | Salesforce.com, Google |
| If you abuse your rights to use the Website or violate any applicable law while conducting business with us. | Responding to, handling, and mitigating suspected violations of law in connection with our business. | Competent authorities, legal counsel, and advisors. |
| If a judicial, governmental, or regulatory authority requires us to disclose your information. | Complying with a binding request from a competent authority. | Competent authorities. |
| If the operation of the Website or our business is reorganized within a different framework, or through another legal structure or entity (such as due to a merger or acquisition). | Enabling a structural change in the operation of the Website and our business. | The target entity of the merger or acquisition, legal counsel, and advisors. |
| Third-party cookies | For more details, please see the cookie banner on the landing page of our Website. | |
Data Retention and Security
We retain your information for the duration necessary to operate the Website and our business, and to interact with customers, reseller partners, and suppliers, and thereafter as needed for record-keeping purposes.
We will retain your information for the duration needed to support our ordinary business activities, including operating the Website and interacting with existing and potential customers, suppliers, and partners. Thereafter, we will continue to retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims, and enforce our agreements. The overall retention period is approximately 7 years.
Measures to Secure Your Information
We implement measures to reduce the risks of damage, loss of information, and unauthorized access to or use of information. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal information, there is no guarantee that it will be immune from information security risks.
Additional Information for Individuals in the EEA or UK
Controller
Novo Idea Software Ltd., is the controller of your personal data. Its address is: 4 HaMachshev Street, Netanya 4250713, Israel.
International Data Transfers
To facilitate processing your information within the companies in our corporate group and by our service providers, we will transfer your information to countries such as the United States, United Kingdom, and Israel. We do so under the terms of a data transfer agreement which contains standard data protection contract clauses with adequate safeguards determined by the EU Commission and the UK Information Commissioner’s Office.
Legal Basis for Processing Your Personal Data
| Purpose or Scenario | Legal Basis |
| You contact us with an inquiry through the Website contact-us form or chatbot | Legitimate interests in developing potential leads and responding to business inquiries |
| You subscribe to our newsletters or blog updates | Consent |
| You scan your badge at our booth in a conference or trade show in which we present, and we contact you to promote our business and market our products and services | Consent |
| You ask to access a webinar or other expert content we offer, and we contact you to promote our business and market our products and services | Legitimate interests in developing potential leads |
| We conduct a marketing call with you | Legitimate interests in developing potential leads |
| We receive and use your information as a representative of an existing or prospective customer that uses, or is considering the use of, our products or services. | Legitimate interests in administering relationships with existing and prospective customers using Novidea’s products and services |
| We engage in a business relationship with a vendor or service provider of which you are a representative | Legitimate interests in administering contractual obligations with vendors |
| Use of essential cookies on the Website | Legitimate interests in the proper operation of the website |
| Use of non-essential cookies on the Website | Consent |
| Responding to, handling, and mitigating suspected violations of law in connection with our business | Legitimate interests in defending and enforcing against violations and breaches that are harmful to our business |
| Complying with a binding request from a competent authority | Legitimate interests in complying with mandatory legal requirements imposed on us |
| Enabling a structural change in the operation of the Website and our business | Legitimate interests in our business continuity |
Data Subject Rights
If you are in the EEA or the UK, you have the following rights under the GDPR:
Right to Access: To access and receive a copy of your personal information that we process.
Right to Rectify: To rectify inaccurate personal information we hold concerning you and to have incomplete personal information completed.
Right to Withdraw Consent: To easily and at any time withdraw your consent to us processing your personal data in instances that are based on consent as described in the table above. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Right to Data Portability: To receive the personal information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another person or entity. Where technically feasible, you have the right to have your personal information transmitted directly from us to the person or entity you designate.
Right to Object: To object to our processing of your personal information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such personal information for the establishment, exercise, or defense of legal claims.
Right to Restrict Processing: To restrict us from processing your personal information (except for storing it): (a) if you contest the accuracy of the personal information (in which case the restriction applies only for a period enabling us to determine the accuracy of the personal information); (b) if the processing is unlawful and you prefer to restrict the processing of the personal information rather than requiring the deletion of such data by us; (c) if we no longer need the personal information for the purposes outlined in this Notice, but you require the personal information to establish, exercise, or defend legal claims; or (d) if you object to our processing based on our legitimate interest (in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours).
Right to be Forgotten: Under certain circumstances, such as when you object to our processing of your personal information based on our legitimate interest and there are no overriding legitimate grounds for the processing, or if you withdraw consent to processing that was based on your consent (and there is no other legal basis for processing), you have the right to ask us to erase your personal information. However, notwithstanding such request, we may still process your personal information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. If you wish to exercise any of these rights, please contact us through the channels listed in this Notice.
When you contact us, we reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint with the supervisory authority in the Member State of your residence, place of work, or place of alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.
If you are in the UK, you can lodge a complaint with the Information Commissioner’s Office (ICO) pursuant to the instructions provided here.
Additional Information for Individuals in the United State
Below is the information we have collected about you in the past 12 months.
We do not sell your personal information and have not done so in the past 12 months. We also do not use or disclose sensitive personal information.
| Categories of personal information | Specific types of personal information collected | Business purposes for which the information is used |
| Identifiers | Name, email address. | Providing customer service Processing or fulfilling orders and transactions, verifying information, processing payments, auditing related to a current interaction with youDetecting security incidents and protecting against malicious, deceptive, fraudulent, or illegal activityUndertaking internal research for technological development and demonstration.Undertaking activities to verify or maintain the quality of the service and to improve, upgrade or enhance the service.Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards Debugging to identify and repair errors |
| Other information that identifies, relates to, describes, or is capable of being associated with, the individual | Phone number, country | |
| Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies | Products and services used or expressed interest in, communications with you and content of your inquiry. | |
| Professional information | Company affiliation, position, Participation in conferences or trade shows | |
| Internet or other electronic network activity information | IP address, pages visited, Website functions used, fields completed in forms, How and when you viewed content, clicked linked, or completed forms in emails. |
Sharing and Disclosure to Third Parties
The chart below explains the personal information we disclosed in the preceding 12 months. It also explains the personal information we share for online behaviorally targeted ads in the preceding 12 months. Other than this, we have not disclosed and have not sold your personal information for a business purpose in the preceding 12 months.
We do not have actual knowledge that we share the personal information of consumers under 16 years of age for online behaviorally targeted ads.
| Categories of Personal Information | Categories of Third Parties to Whom We Disclose Your Information and the Specific Business or Commercial Purpose for the Disclosure |
| Identifiers | Judicial, governmental, or regulatory authority if they require us to disclose your information. This is to protect against malicious, deceptive, fraudulent, or illegal activity.Target entity of the merger or acquisition, legal counsels, and advisors If the operation of the Website or our business is organized within a different framework, or through another legal structure or entity. This is to improve, upgrade or enhance the service |
| Other information that identifies, relates to, describes, or is capable of being associated with, the individual | |
| Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies | |
| Professional information | |
| Internet or other electronic network activity information | |
| Internet or other electronic network activity information; Inferences | Sharing with advertising networks for online behaviorally targeted ads. |
Your Rights Under State Privacy Laws in the U.S.
Knowing the Personal Information We Collect About You
You have the right to know whether we are processing your personal information. If we are, you have the right to know the following information, which we will provide to you after we receive your request and verify your identity:
- The categories of personal information we collected about you.
- The categories of sources from which the personal information was collected.
- The purposes for which we collect personal information.
- The categories of third parties with whom we share personal information.
- The specific pieces of personal information we have collected about you.
Right to Obtain a Portable Copy of Your Personal Information
If your data is available in a digital format, you have the right to obtain a copy of the personal information that you previously provided to us, in a portable and readable format (to the extent technically feasible).
Right to Correct Information
If we receive a verifiable request from you to correct your information and we determine the accuracy of the corrected information you provide, we will correct inaccurate personal information that we maintain about you.
In determining the accuracy of the personal information that is the subject of your request for correction, we will consider the totality of the circumstances relating to the contested personal information.
We may also require that you provide documentation if we believe it is necessary to rebut our own documentation that the personal information is accurate.
We may deny your request for correction in the following cases:
- We have a good-faith, reasonable, and documented belief that your request for correction is fraudulent or abusive.
- We determine that the contested personal information is more likely than not accurate based on the totality of the circumstances.
- Conflict with federal or state law.
- Another exception to state privacy laws.
- Inadequacy of the required documentation.
- Compliance proves impossible or involves disproportionate effort.
We will provide you with a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request to correct your information.
Right to Deletion
Subject to certain exceptions set out below, upon receipt of a verifiable request from you, we will:
- Delete your personal information from our records; and
- Direct any service providers to delete your personal information from their records.
Please note that we may not delete your personal information if it is necessary to:
- Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us.
- Help to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for those purposes.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the applicable Electronic Communications Privacy Act.
- Engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the ability to complete such research, provided we have obtained your informed consent.
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us and compatible with the context in which you provided the information.
or
- Comply with an existing legal obligation.
We will also deny your request to delete if it proves impossible or involves disproportionate effort, or if another exception applies under privacy laws.
We will provide you with a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request to delete your information.
Protection Against Discrimination
You have the right not to be discriminated against by us for exercising the rights granted to you under applicable law. If you exercise your rights, we cannot:
- Deny you services.
- Charge different prices or fees for services, including through discounts, benefits, or fines.
- Provide you with a different level or quality of services.
- Propose that you receive different prices or tariffs for services.
Please note that we may charge a different fee or provide a different level or quality of services if the difference is reasonably related to the value we gain from your personal information.
Exercising Your Rights
If you would like to exercise any of your rights as described in this Notice, please contact us through the channel indicated in the “Contact Us” section at the beginning of this Notice.
We may ask you for additional information to confirm your identity and for security purposes before disclosing the personal data requested to you, by using a two- or three-point data verification process, depending on the type of information you require.
Note that you may appoint an authorized agent to file requests to exercise your rights on your behalf. To this end, you must provide your authorized agent with written approval to do so. The authorized agent will have to present us with proof, attesting that you authorized them to act on your behalf. Furthermore, we will require verification of your identity, as explained above.
Our Response to Your Requests
We will respond to your requests within 45 days (or within 90 days, where the law permits, and we determine it necessary considering the complexity and number of the requests you have filed). If we take longer than 45 days, we will inform you of the extension within the initial forty-five-day response period, together with the reason for the extension.
We may deny your request in the following cases:
- If we believe in good faith, based on reasons documented in writing, that your request is fraudulent or constitutes an abuse of your rights under applicable law.
- If we conclude that the request is irrelevant, based on all the circumstances at issue (e.g., if you requested the correction of your personal information and we find that it is likely to be accurate).
- If it is contrary to federal or state law.
- Due to a discrepancy in the required documentation.
- If the fulfillment of your request proves impossible or involves disproportionate effort.
We will provide you with a detailed explanation, including sufficient facts, to enable you to meaningfully understand why we cannot fulfill your request.