top of page

Privacy Policy

Supernova-AI Privacy & Fair Processing Notice

Last updated: 01/01/2025

​

Who we are

SUPERNOVA-AI LIMITED (Seychelles IBC No. 245456) (“Supernova-AI”, “we”, “us”, “our”) supplies B2B business data and related services. Registered agent: AAA International Services Limited, House of Francis, Room 303, Ile du Port, Mahé, Seychelles.

  • Website: supernova-ai.com

  • All privacy/contact requests (DSARs, opt-out/suppression, billing & legal notices): support@supernova-ai.com

Controller/processor roles.

  • For our website, marketing, sales, billing, support, and supplier management, Supernova-AI acts as a data controller.

  • For licensed B2B datasets, we act as an independent data supplier. Our clients are data controllers for any outreach they conduct using our data (see Terms). We are not their processor for those outreach activities.

We primarily process business-context data (e.g., company, role, work email/phone) from publicly available and licensed sources. We do not knowingly collect children’s data and our services are not for individuals under 16.

What we collect

1) Business-context data (B2B)

  • Name, job title/role, employer, business addresses, business emails/phones, industry, public social/business profiles, technologies used, firmographics (size, revenue ranges), and similar.

  • Sources: official registers, government filings, company websites, public bios, news/press, tender portals, conference/speaker lists, open web, and licensed partners. We may also incorporate client-provided suppression lists to honour opt-outs.

2) You interacting with us

  • Details you submit (forms, emails, contracts, support requests, surveys).

  • Transaction/order records and delivery history for licensed data.

  • Communications records (including lawful call/meeting notes).

3) Website/technical

  • IP address, device/OS/browser, pages viewed, timestamps, referring URLs, approximate geolocation (city/region), and diagnostics (error logs).

  • Cookies and similar tech (see Cookies below).

We do not collect or create special category data (e.g., health, religion) or credit/consumer reports for eligibility decisions.

Why we use your data (purposes) and legal bases

A) Business-context B2B data

  • To build and maintain accurate B2B datasets and provide data licensing to clients (legitimate interests).

  • To help clients discover relevant businesses/contacts for lawful B2B outreach (legitimate interests).

  • To maintain suppression/opt-out lists and prevent unwanted contact (legal obligation/legitimate interests).

  • To protect our services, investigate abuse, and enforce licence terms (legitimate interests).

Legitimate interests test. We process business-context data in a way that’s proportionate, with low privacy impact, and include easy opt-out/suppression controls.

B) Our own operations

  • Contracting, customer service, invoicing (contract).

  • Marketing our services to prospective business users (legitimate interests / consent where required).

  • Security, fraud prevention, auditing, and compliance (legitimate interests / legal obligation).

C) Where consent applies

  • Certain email marketing where required, non-essential cookies/analytics, or where local law requires consent. You can withdraw consent at any time.

Cookies & similar technologies

We use session and persistent cookies to:

  • keep the site secure and working,

  • remember preferences,

  • measure usage (aggregated analytics), and

  • improve content and performance.

Non-essential cookies run only with your consent where required. You can change browser settings to block cookies; essential cookies may be needed for core functionality.

Disclosures (who we share with)

  • Vetted service providers (hosting, security, analytics, CRM, billing, email delivery, SFTP/file delivery) under contract and only as needed.

  • Clients who license our B2B datasets (subject to licence and legal compliance).

  • Professional advisors (legal, tax, audit), regulators/law enforcement where required, and potential acquirers in a corporate transaction (subject to confidentiality).

We do not sell consumer data. For US law: certain B2B disclosures may be considered “sale”/“sharing” under CPRA; see Your US state rights.

International transfers

We operate globally. Data may be stored/processed in the EU/EEA, UK, US, or other locations using appropriate safeguards (e.g., EU Standard Contractual Clauses, UK IDTA/Addendum, and additional security/transfer impact assessments). We use encryption in transit, access controls, and least-privilege practices.

Security

We apply technical and organisational measures appropriate to the risk, including: encryption in transit, network segmentation, access governance (MFA/least privilege), logging/monitoring, supplier reviews, and staff confidentiality undertakings. No system is 100% secure; we maintain incident response processes.

Retention

  • B2B datasets: retained while accurate, relevant, and useful for B2B purposes, with rolling verification; outdated records are pruned.

  • Contracts/billing: retained per legal/accounting requirements (typically 6–10 years).

  • Marketing & web logs: retained for proportionate periods to support analytics, security, and opt-out enforcement.

  • We maintain suppression lists indefinitely (minimal data) to honour future opt-outs unless you ask us to delete those entries and understand that could allow future re-addition from public sources.

Your choices: opt-out & suppression

  • To opt-out of B2B outreach or to have your business contact details suppressed from licensed outputs, email support@supernova-ai.com with subject “OPT-OUT” (include your name, role, company, and the business email/phone to suppress).

  • If you received an email via a client using our data, you can reply “unsubscribe” to that sender; we encourage clients to pass such signals to us so we can update suppression.

Your rights

UK/EU/EEA (GDPR)

You may have the right to access, rectify, erase (in some cases), restrict or object to processing (including direct marketing), and portability of the data you provided. Where we rely on legitimate interests, you may object and we will assess your request. Where we rely on consent, you may withdraw it at any time.

How to exercise: email support@supernova-ai.com.
We may ask for reasonable identity verification. You also have the right to complain to your local supervisory authority (e.g., ICO in the UK at ico.org.uk, or any EU data protection authority).

If we processed your business contact data from public sources, we may keep minimal information on a suppression list to ensure you are not re-added.

US state rights (e.g., California CPRA, Colorado, Virginia, etc.)

Subject to applicability, you may request:

  • to know/access categories/specific pieces of personal information collected;

  • to delete personal information (with lawful exceptions);

  • to correct inaccuracies;

  • to opt-out of sale or sharing for cross-context behavioral advertising;

  • to limit use/disclosure of sensitive personal information (we do not knowingly process SPI);

  • non-discrimination for exercising your rights.

Submit requests to support@supernova-ai.com with “US PRIVACY REQUEST” and your state of residence. For CPRA “sale/sharing,” our B2B data licensing may be deemed a “sale”/“sharing” — you can opt-out at any time via support@supernova-ai.com.

Legal bases summary (GDPR)

  • Contract – to provide services you purchase from us.

  • Legitimate interests – developing/licensing B2B data; securing our services; marketing to business users; enforcing terms; maintaining suppression.

  • Consent – where required for non-essential cookies/analytics or certain marketing.

  • Legal obligation – tax, accounting, compliance, and responding to lawful requests.

Special restrictions (prohibited uses)

Our data must not be used for consumer credit, employment, housing, insurance eligibility, health decisions, or other regulated purposes (e.g., FCRA/HIPAA or equivalents), nor to target minors or sensitive categories. See our Terms.

Where we store data

We use reputable infrastructure providers and secure systems in the EU/EEA, UK, US, and Seychelles (and other locations as needed with safeguards). Access is limited to authorised personnel and providers under contract.

Third-party links

Our site may link to third-party sites/services we don’t control. Their privacy policies govern their processing.

Changes to this notice

We’ll post updates here and adjust the “Last updated” date. Material changes may be communicated via email or website banners where appropriate.

​

Contact us

SUPERNOVA-AI LIMITED
c/o AAA International Services Limited
House of Francis, Room 303, Ile du Port, Mahé, Seychelles

bottom of page