Venova

Privacy Policy

Last updated: March 21, 2026

1. Introduction

Venova ("Company", "we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Venova platform and services (the "Service"). Please read this policy carefully.

2. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, and password when you create an account.
  • Project Data: Business plans, financial plans, flow diagrams, tech stack configurations, and other content you create within the Service.
  • Usage Data: Information about how you use the Service, including pages visited, features used, and AI interactions.
  • Device Information: Browser type, operating system, IP address, and device identifiers.
  • Payment Information: Billing details are processed by Paddle (our payment processor) and we do not store your full payment card details.

3. How We Use Your Information

  • To provide, maintain, and improve the Service.
  • To process AI-powered features such as business plan generation, flow suggestions, and task management.
  • To manage your account and provide customer support.
  • To process payments and subscriptions through Paddle.
  • To send important service notifications and updates.
  • To analyze usage patterns and improve user experience.
  • To detect, prevent, and address technical issues and security threats.

4. Data Sharing

We do not sell your personal data. We may share your information with: (a) Service providers who assist us in operating the Service; (b) Paddle, our payment processor, for billing purposes; (c) AI service providers (such as OpenAI, Anthropic, or Groq) to process your AI-related requests — only the minimal necessary data is sent; (d) Law enforcement when required by law or to protect our rights.

5. Third-Party Services

The Service integrates with the following third-party services:

  • Paddle: Payment processing and subscription management. Paddle acts as the Merchant of Record. See Paddle's Privacy Policy.
  • AI Providers (OpenAI, Anthropic, Groq): We send project-related data to AI providers to generate suggestions, plans, and content. This data is sent in accordance with the respective provider's data processing terms.
  • Jira (Optional): If you choose to integrate with Jira, we access your Jira data through your provided API credentials.

6. Cookies

We use essential cookies to maintain your session and authentication state. We may use analytics cookies to understand how the Service is used. You can control cookie settings through your browser. Disabling essential cookies may prevent you from using certain features of the Service.

7. Data Retention

We retain your account data for as long as your account is active. Project data is retained as long as the associated project exists. Upon account deletion, we will delete your personal data within 30 days, except where retention is required by law. AI usage logs are retained for up to 90 days for billing and analytics purposes.

8. Your Rights (GDPR/CCPA)

Depending on your location, you may have the following rights:

  • Right of Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccurate personal data.
  • Right to Erasure: Request deletion of your personal data.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing of your personal data for certain purposes.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, contact us at privacy@venova.cloud.

9. Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL), secure password hashing, token-based authentication, and regular security assessments. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately and we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or a prominent notice on the Service at least 30 days before changes take effect. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

12. Contact Information

If you have any questions about this Privacy Policy, please contact us at privacy@venova.cloud.