Privacy Policy

This Privacy Policy explains how NOVUS DIGITAL VENTURES LTD ("we," "our," or "us") collects, uses, discloses, and safeguards your personal information when you visit our website and use our services. We are registered in England and Wales under company number 16967760.

We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2026, and other applicable UK data protection laws.

Please read this Privacy Policy carefully. By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our Service.

Brand Name: SocialBoostArt is a brand of Novus Digital Ventures LTD

Company Name (Legal): NOVUS DIGITAL VENTURES LTD

Company Number: 16967760

Registered Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom

Jurisdiction: England and Wales

Data Controller: NOVUS DIGITAL VENTURES LTD

Email: [email protected]

3.1 Personal Information

We collect information that you provide directly to us, including:

• Contact Information: Name, email address, phone number (when provided)
• Account Information: Social media usernames or profile URLs for service delivery
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors - we do not store full card details)
• Order Information: Purchase history, order details, and transaction records
• Communication Data: Correspondence with our support team, feedback, and survey responses

3.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device, including:

• IP address and approximate location data (city/country level)
• Browser type and version
• Operating system
• Pages visited and time spent on pages
• Referring website addresses
• Device identifiers and usage data
• Cookies and similar tracking technologies

3.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to track activity on our website and hold certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier.

Types of Cookies We Use:

• Essential Cookies: Required for the website to function properly
• Analytics Cookies: Help us understand how visitors interact with our website
• Functionality Cookies: Remember your preferences and settings
• Marketing Cookies: Used to track visitors across websites for marketing purposes (with your consent)

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept essential cookies, you may not be able to use some portions of our Service.

Under UK GDPR, we must have a legal basis for processing your personal data. We process your data on the following bases:

• Contract: To perform our contract with you (processing orders and delivering services)
• Legal Obligation: To comply with legal requirements (e.g., tax, accounting, fraud prevention)
• Legitimate Interests: To improve our services, prevent fraud, and ensure security
• Consent: For marketing communications (you can withdraw consent at any time)

We use the information we collect for various purposes, including:

• To provide, maintain, and improve our services
• To process your orders and deliver services
• To communicate with you about your orders, account, and our services
• To send you marketing communications (only with your explicit consent)
• To respond to your comments, questions, and requests
• To monitor and analyze trends, usage, and activities
• To detect, prevent, and address technical issues and fraud
• To comply with legal obligations and enforce our Terms of Service
• To personalize your experience and provide relevant content
• To ensure the security and integrity of our services

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: We may share information with third-party service providers who perform services on our behalf, such as payment processing (Stripe, PayPal), data analysis, email delivery, and hosting services. All service providers are contractually bound to maintain confidentiality and security.
• Legal Requirements: We may disclose information if required by law, regulation, or in response to valid requests by public authorities (e.g., UK courts, HMRC, ICO)
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity
• Protection of Rights: We may disclose information to protect our rights, privacy, safety, or property, or that of our users or others

All third-party service providers are required to maintain the confidentiality of your information and are prohibited from using it for any purpose other than providing services to us. We only share data with processors who provide adequate safeguards for data protection.

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Retention Periods:

• Order Data: 7 years (for tax and accounting purposes as required by UK law)
• Account Data: Until account deletion or 3 years of inactivity
• Marketing Data: Until you withdraw consent or opt-out
• Support Communications: 2 years after last contact

After the retention period, we will securely delete or anonymize your personal data.

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS encryption for data transmission
• Secure payment processing through PCI-compliant providers
• Regular security assessments and updates
• Access controls and authentication procedures
• Regular backups and disaster recovery procedures
• Staff training on data protection
• Encryption of sensitive data at rest

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. In the event of a data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours and inform affected individuals without undue delay.

Under UK GDPR and the Data Protection Act 2018, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you (Subject Access Request)
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request that we limit how we use your data
• Right to Data Portability: Request transfer of your data to another service provider in a structured format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Rights Related to Automated Decision-Making: Not to be subject to decisions based solely on automated processing
• Right to Withdraw Consent: Withdraw consent for marketing communications at any time

To exercise these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within one month (this may be extended by two months for complex requests).

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

• ICO Website: ico.org.uk
• ICO Helpline: 0303 123 1113

Your personal data may be transferred to and processed in countries outside the UK and European Economic Area (EEA). When we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the UK/EU
• Adequacy decisions by the UK government
• Other approved transfer mechanisms

By using our Service, you consent to the transfer of your information to countries outside the UK/EEA where our service providers are located, subject to appropriate safeguards.

Our Service is not intended for children under the age of 13 (UK age of digital consent). We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to remove that information from our servers.

For users aged 13-16, we may require parental consent for certain processing activities in accordance with UK GDPR.

We may update our Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification (for significant changes)
• Displaying a notice on our website

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about our data practices, please contact us: