Back to home

Privacy Policy

Last updated: 15 April 2026 · Effective immediately

Novari Labs LLP ("Novari Labs", "we", "us", or "our") takes your privacy seriously. This Privacy Policy explains what personal data we collect through novarilabs.com, how we use it, the legal bases on which we rely, and the choices and rights you have in relation to your data.

1. Who we are

The data controller responsible for your personal data is Novari Labs LLP, a limited liability partnership registered in England and Wales, with its registered office at 27 Old Gloucester Street, London, WC1N 3AX, United Kingdom. You can contact us at any time at privacy@novarilabs.com.

2. Data we collect

2.1 Data you give us directly

When you contact us through the form on our website or by email, we collect the information you choose to share with us, which may include:

  • your name;
  • your email address;
  • your company or organization name (optional);
  • the subject of your enquiry and any message content you provide;
  • any other information you voluntarily include in your message.

2.2 Data we collect automatically

When you visit the site, our servers and infrastructure providers automatically collect technical information including:

  • your IP address (in a truncated form where technically feasible);
  • your browser type, operating system, device type, and screen size;
  • the pages you visit, the date and time of your visit, and the referring URL;
  • basic performance and error data (for example, page load times and JavaScript errors).

This data is used solely to operate, secure, and improve the site. We do not use it to build advertising profiles or to track you across other websites.

3. How we use your data

We use the personal data we collect for the following purposes:

  • To respond to you. If you contact us, we use your data to reply, to evaluate a potential engagement, and to manage our business relationship with you.
  • To operate the site. We use technical data to keep the site online, secure, fast, and accessible.
  • To improve the site. We analyze aggregated, non-identifying usage data to understand which content is useful and which needs work.
  • To comply with law. We may process data to meet legal, regulatory, or tax obligations.
  • To protect our rights. Where necessary, we may process data to prevent fraud, abuse, or security incidents, or to establish or defend legal claims.

We do not sell your personal data. We do not use your personal data for automated decision-making that produces legal or similarly significant effects.

4. Legal bases for processing

Where the UK GDPR or EU GDPR applies, we rely on the following legal bases to process your personal data:

  • Legitimate interests — to respond to enquiries, to run and secure our website, and to develop our business.
  • Consent — where you have given clear, affirmative consent (for example, where required by law before setting non-essential cookies).
  • Contract — where processing is necessary to take steps at your request prior to entering into a contract, or to perform a contract you have with us.
  • Legal obligation — where we are required by law to process your data.

5. Cookies and similar tracking

Our website is designed to be privacy-light. We do not use third-party advertising cookies, cross-site trackers, social media pixels, or session-replay tools. We may use a small number of strictly necessary cookies or local-storage items to remember preferences (for example, whether you have dismissed a notice).

If, in the future, we introduce optional analytics or other non-essential cookies, we will first ask for your consent through a clear cookie banner and provide a way to opt out at any time.

6. Sharing of data

We share personal data only where it is necessary for the purposes described in this policy and subject to appropriate safeguards. Recipients may include:

  • Service providers acting on our behalf under written data-processing agreements, including hosting providers, email providers, and customer-communication tools.
  • Professional advisors such as lawyers, accountants, and auditors, under duties of confidentiality, where reasonably required.
  • Authorities where we are required to disclose information to comply with a legal obligation, a lawful request from a regulator, or an order of a competent court.

We do not sell, rent, or trade your personal data, and we do not share it with third parties for their own marketing.

7. International transfers

Your personal data is primarily stored and processed in the United Kingdom and the European Economic Area. Where we use service providers located in other jurisdictions, we put appropriate safeguards in place, such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or the EU Standard Contractual Clauses, to ensure your data receives an adequate level of protection.

8. Data retention

We keep personal data only for as long as is necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. As a rule:

  • enquiry correspondence is kept for up to 24 months from the last interaction, unless we enter into a commercial engagement with you;
  • engagement records are kept for the duration of our relationship and for up to 7 years thereafter, to comply with applicable legal and tax obligations;
  • server access logs and technical data are kept for up to 90 days, after which they are deleted or fully anonymized.

9. Security

We use reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit (TLS), access controls on our internal systems, and periodic reviews of our security practices. No method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

10. Your rights

Subject to applicable law, you have the following rights in relation to your personal data:

  • Access — you can ask for a copy of the personal data we hold about you.
  • Rectification — you can ask us to correct inaccurate or incomplete data.
  • Erasure — you can ask us to delete your data, subject to certain legal exceptions.
  • Restriction — you can ask us to restrict processing in certain circumstances.
  • Objection — you can object to processing based on our legitimate interests.
  • Portability — where applicable, you can ask to receive your data in a structured, machine-readable format.
  • Withdraw consent — where processing is based on consent, you can withdraw it at any time, without affecting the lawfulness of prior processing.
  • Complain — you can lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk, or with your local data-protection authority.

To exercise any of these rights, email us at privacy@novarilabs.com. We will respond within one month, or sooner where feasible.

11. Children

Our website is not directed at children under the age of 16, and we do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us and we will take appropriate steps to delete it.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, provide additional notice on the site or by other reasonable means.

13. Contact

If you have any questions about this Privacy Policy or about how we handle your personal data, please contact us at privacy@novarilabs.com or by post at:

Novari Labs LLP
27 Old Gloucester Street
London, WC1N 3AX
United Kingdom