Privacy Policy

Novos Ventures

Effective Date: 04 May 2026

Introduction

Welcome to Novos Ventures. We are committed to protecting and respecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Irish Data Protection Act 2018.

Novos Ventures is owned by Truway Synergy, a company registered in Ireland, with its principal office at 67 Adamstown Way, Lucan, Dublin, K78H 8A6. As our principal place of business is in Ireland, Irish law governs this Privacy Policy and any disputes arising from it.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website or use our services. Please read it carefully. By using our services, you acknowledge that you have read and understood this policy.

1. Data Controller

Novos Ventures (owned by Truway Synergy) is the Data Controller responsible for your personal data within the meaning of the GDPR. If you have any questions about this policy or wish to exercise any of your rights, please contact us:

• Company name: Novos Ventures (owned by Truway Synergy, registered in Ireland)
• Principal office: 67 Adamstown Way, Lucan, Dublin, K78H 8A6, Ireland
• Website: novosventures.com
• Email: legal@novosventures.com

We are registered with the Data Protection Commission (DPC) of Ireland as required under the GDPR and the Irish Data Protection Act 2018. You can verify our registration on the DPC’s register at dataprotection.ie.

2. Information We Collect

We may collect and process the following categories of personal data:

2.1 Information You Provide Directly

• Personal Identification Information: your name, postal address, email address, telephone number, and other contact details.
• Financial Information: bank account details, payment card information, and billing details.
• Business Information: information about your business operations, financial circumstances, and other relevant business data you share with us.

2.2 Information Collected Automatically

• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, platform, and other technology identifiers from the devices you use to access our website.
• Usage Data: information about how you navigate and use our website, products, and services.

2.3 Marketing and Communications Preferences

• Your preferences for receiving marketing communications from us and your communication preferences.

3. Lawful Basis for Processing

Under the GDPR, we must have a lawful basis before processing your personal data. Depending on the purpose, we rely on one or more of the following:

• Performance of a contract (Article 6(1)(b)): processing is necessary to deliver the services you have engaged us to provide, or to take steps at your request before entering into a contract.
• Legal obligation (Article 6(1)(c)): processing is necessary to comply with our legal and regulatory obligations under Irish and EU law, including tax, accounting, and anti-money laundering requirements.
• Legitimate interests (Article 6(1)(f)): processing is necessary for our legitimate business interests, such as improving our services, preventing fraud, and maintaining the security of our systems, provided those interests are not overridden by your rights and interests.
• Consent (Article 6(1)(a)): where we rely on your consent — for example for direct marketing emails — you may withdraw your consent at any time by contacting us at legal@novosventures.com.

4. How We Use Your Information

We use the personal data we collect for the following purposes:

• To provide and manage our services: to deliver the services you have requested, manage your account, process transactions, and provide customer support.
• To communicate with you: to send service-related correspondence, updates, and — where you have given consent or we have a legitimate interest — promotional materials.
• To improve our services: to analyse usage trends, troubleshoot issues, and develop and improve our website, services, and client experience.
• To comply with legal obligations: to fulfil our legal, regulatory, and contractual obligations, including financial reporting, anti-money laundering checks, and responding to lawful requests from authorities.
• To prevent fraud and ensure security: to protect our business and clients from fraudulent activity and to maintain the integrity of our systems.

5. Sharing Your Information

We do not sell your personal data. We may share your information only in the following circumstances:

• Service providers and processors: we share data with trusted third-party service providers who perform services on our behalf, such as payment processing, IT hosting, and email delivery. These parties act as data processors and are contractually bound to handle your data securely and only for the purposes we specify.
• Professional advisers and partners: our accountants, legal advisers, and business partners, where necessary, to deliver our services or meet our obligations.
• Regulatory and legal authorities: where we are required by Irish or EU law, court order, or governmental regulation to disclose information, or where disclosure is necessary to protect our legal rights.
• Business transfers: in the event of a merger, acquisition, or sale of all or part of our business assets, your data may be transferred as part of that transaction. We will notify you in advance where reasonably possible.

6. International Data Transfers

As a company based in Ireland, we operate within the European Economic Area (EEA). Where we transfer your personal data to countries outside the EEA, we ensure that appropriate safeguards are in place in accordance with GDPR requirements. This may include:

• Transfers to countries that the European Commission has recognised as providing an adequate level of data protection (adequacy decisions).
• The use of Standard Contractual Clauses (SCCs) approved by the European Commission.
• Other appropriate safeguards as permitted under Article 46 of the GDPR.

You may request details of the safeguards in place for any specific transfer by contacting us at legal@novosventures.com.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure, in accordance with Article 32 of the GDPR. These measures include encryption, access controls, and regular security reviews.

Please be aware that no method of electronic transmission or storage is completely secure. Whilst we take all reasonable steps to protect your data, we cannot guarantee absolute security. If you suspect any unauthorised access to or misuse of your data, please contact us immediately at legal@novosventures.com.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Data Protection Commission (DPC) within 72 hours of becoming aware of the breach, and will inform you directly where required.

8. Data Retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or regulatory requirements under Irish and EU law. Criteria we use to determine retention periods include:

• The nature of the data and the purposes for which it is processed.
• Legal and regulatory requirements (for example, Irish Revenue requires that financial records are kept for a minimum of six years).
• Whether there is an ongoing contractual relationship with you.

When your data is no longer required, we will securely delete or anonymise it in accordance with our data retention procedures.

9. Your Data Protection Rights

Under the GDPR and the Irish Data Protection Act 2018, you have the following rights in relation to your personal data. You may exercise any of these rights by contacting us at legal@novosventures.com. We will respond to your request within one calendar month as required by Article 12 of the GDPR.

• Right of access (Article 15): you have the right to request a copy of the personal data we hold about you and information about how we process it (a Data Subject Access Request).
• Right to rectification (Article 16): you have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
• Right to erasure — ‘right to be forgotten’ (Article 17): you have the right to request deletion of your personal data in certain circumstances, for example where it is no longer necessary for the purpose for which it was collected.
• Right to restrict processing (Article 18): you have the right to request that we limit how we use your personal data in certain circumstances.
• Right to data portability (Article 20): where processing is based on consent or the performance of a contract and is carried out by automated means, you have the right to receive your data in a structured, commonly used, machine-readable format.
• Right to object (Article 21): you have the right to object to processing based on legitimate interests, including for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds.
• Rights in relation to automated decision-making (Article 22): you have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal or similarly significant effects, unless you have given explicit consent or it is necessary for a contract.

You will not normally be charged a fee for exercising your rights. We reserve the right to charge a reasonable administrative fee or decline requests that are manifestly unfounded or excessive, as permitted under Article 12(5) of the GDPR.

10. Right to Lodge a Complaint

If you are concerned about how we handle your personal data, or if you believe we have not complied with your data protection rights, you have the right to lodge a complaint with the Data Protection Commission (DPC), the supervisory authority for data protection in Ireland:

• Data Protection Commission (DPC)
• Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
• Website: dataprotection.ie
• Phone: +353 (0)1 765 0100
• Email: info@dataprotection.ie

We would, however, appreciate the opportunity to address your concerns before you contact the DPC, so please reach out to us in the first instance at legal@novosventures.com.

11. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies in accordance with the EU ePrivacy Directive and applicable Irish law. We use the following types of cookies:

• Strictly necessary cookies: essential for the website to function and cannot be disabled.
• Analytics cookies: help us understand how visitors interact with our website so we can improve it. These are only set with your consent.
• Marketing cookies: used to deliver relevant advertising. These are only set with your consent.

You can manage or withdraw your consent for non-essential cookies at any time through your browser settings or our cookie preference centre. Please note that disabling certain cookies may affect the functionality of some parts of our website.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in Irish or EU law, our data practices, or our services. The effective date at the top of this document indicates when it was last revised. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by direct communication.

We encourage you to review this policy periodically to stay informed about how we protect your information.

13. Governing Law and Jurisdiction

This Privacy Policy and any disputes arising from or in connection with it shall be governed by and construed in accordance with the laws of Ireland. The courts of Ireland shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this policy.

Where applicable, EU data protection law — including the GDPR — applies to the processing of personal data carried out by Novos Ventures.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:

• Novos Ventures (owned by Truway Synergy)
• Principal office: 67 Adamstown Way, Lucan, Dublin, K78H 8A6, Ireland
• Website: novosventures.com
• Email: legal@novosventures.com

Thank you for trusting Novos Ventures with your personal and business information.

This policy was last updated: 04 May 2026