Privacy & Data Protection

With our tool, you can generate text in seconds, freeing up your time to focus on other important tasks that matter the most.

1  Introduction

This Privacy Policy describes how PGG WEB SRL – PGG AI Division (“Nova Rafale”, “we”, “us”, “our”) collects, uses, and safeguards your personal information when you use our web platform, desktop add‑ins, or APIs (collectively, the “Service”). By accessing or using the Service, you agree to the practices outlined below.

2  Who We Are

  • Company: PGG WEB SRL (CUI 49365085, J40/156/2024)
  • Headquarters: Str. Argentina 25, Sector 1, 011753 BucureÈ™ti
  • E‑mail: privacy@nova-rafale.com
  • Phone: +40 785 997 789

3  What Data We Collect

Depending on how you interact with us, we collect:

  • Account Data – name, email, password hash, preferred language.
  • Profile Data – avatar, role, organisation.
  • Billing Data – last 4 digits of card, country, VAT ID (processed by Stripe).
  • Content Data – prompts, uploaded files, AI‑generated outputs.
  • Usage Data – IP address, browser type, device identifiers, clicks, timestamps.
  • Support Data – tickets, chat transcripts, recordings.
  • Log Data – error reports containing IP, OS version, configuration, time, and statistics.

4  Legal Bases

  • Contract – to deliver and administer the Service.
  • Legitimate Interests – security, fraud prevention, R&D.
  • Consent – optional marketing emails and analytics cookies.
  • Legal Obligation – accounting, tax, anti‑money‑laundering rules.

5  How We Use Your Data

  1. Operate, maintain, and improve the platform and its features.
  2. Route prompts to third‑party AI providers to generate responses.
  3. Personalise your experience and communicate product updates.
  4. Provide customer support and resolve technical issues.
  5. Detect, prevent, and mitigate security threats or fraud.
  6. Comply with applicable laws and enforce our Terms of Service.

6  Third‑Party Services

  • Cloud hosting – Hetzner Online (EU)
  • Generative AI – OpenAI, Anthropic, Google AI, Stability AI
  • Payments – Stripe
  • Email delivery – Postmark
  • Analytics – self‑hosted Plausible (EU)

7  International Transfers

Production data is stored exclusively in the EU. Where limited transfers to non‑EEA partners are necessary, we rely on Standard Contractual Clauses and strong encryption.

8  Cookies

We use essential authentication cookies and anonymised first‑party analytics cookies. No advertising or retargeting cookies are set.

9  Data Security

TLS 1.3 encryption, AES‑256 at rest, role‑based access, regular penetration testing, and ISO/IEC 27001‑aligned policies safeguard your data.

10  Retention

Account data is retained while your subscription is active and for 24 months after inactivity. Generated content and logs are stored 30 days by default.

11  Your Rights

You may access, rectify, erase, restrict or object to processing, and request data portability. Contact us at the address above or lodge a complaint with ANSPDCP.

12 Children’s Privacy

The Service is not directed to children under 16 and we do not knowingly collect their data.

13 Changes

We may update this policy periodically. Material changes will be announced 30 days in advance.

14 Contact

For privacy questions, please email privacy@nova-rafale.com or write to our Bucharest office.

Still have a question? Browse documentation or submit a ticket.