Privacy Policy

This Privacy Policy explains how GeNovaLabs collects, uses, and protects information
in connection with the GeNova platform and related services.

Data Collected

The platform may process information such as account data, usage data related to AI
requests, device metadata, and voluntarily submitted content. Sensitive personal data
is not intentionally collected.

Purpose of Data Usage

Data may be used to deliver platform functionality, improve AI performance, enhance
security, prevent fraud, enable analytics, and comply with legal and regulatory
requirements.

Data Protection & Security

GeNovaLabs applies encryption, secure storage solutions, access controls, and threat
mitigation practices. While robust security measures are implemented, no digital
system can be guaranteed to be entirely risk-free.

Third-Party Services

Certain features rely on third-party service providers. These entities operate under
their own privacy and security policies. Users are encouraged to review external
policies when interacting with third-party components.

User Rights

Depending on applicable jurisdiction, users may request access to their data,
correction of inaccuracies, deletion, restriction of processing, or data export.
Requests may be submitted to GeNovaLabs where legally applicable.

Data Retention

Information is retained only for as long as necessary to fulfill operational, legal,
or security purposes. Data may be deleted or anonymized when it is no longer required.

User Responsibility

Users should avoid submitting unnecessary personal data and are responsible for
maintaining the security of their devices, accounts, and communication channels.

Policy Updates

This Privacy Policy may be updated as technology, regulations, or platform operations
evolve. Continued use of the platform signifies acceptance of the updated policy.

GDPR Compliance

GeNovaLabs aligns its data processing practices with GDPR principles where applicable.
Users within the European Union have the right to access, rectify, erase, restrict
processing, object to processing, and request data portability.

Requests related to GDPR rights will be handled in accordance with applicable
regulations. A detailed Data Protection Notice is maintained separately.