Privacy Policy
This Privacy Policy describes how ninovio LLC ("we," "us," or "our"), operating at ninov.io, collects, uses, and shares information about you when you visit our website or use our services. By using this site you agree to the practices described here.
1. Information We Collect
We collect only the information necessary to operate our services:
- Contact form submissions: When you use our contact form we collect your name, email address, and the content of your message.
- Payment information: If you purchase a product or service, payment details (card number, billing address, etc.) are collected and processed directly by our payment processor, Stripe, Inc. We do not receive or store your full payment card data on our servers. Stripe is PCI-DSS Level 1 certified. See Stripe's Privacy Policy.
- Server logs: Our hosting provider (Cloudflare Pages) automatically records standard server log data including IP address, browser type, referring URL, and pages visited. This data is used for security and operations and is not linked to personal identifiers by us.
- Email correspondence: If you contact us by email, we retain those messages to respond to your inquiry and for record-keeping.
We do not use analytics platforms, advertising networks, or third-party tracking scripts. No first-party cookies are set by this site beyond those technically required by our hosting infrastructure.
2. How We Use Your Information
- Respond to your inquiries and provide requested services
- Process payments through Stripe
- Send service-related communications (receipts, support responses, order confirmations)
- Comply with applicable legal obligations
- Detect and prevent fraud or security incidents
- Improve the operation of our website
We do not use your information for automated profiling that produces legal or similarly significant effects.
3. How We Share Your Information
We do not sell, rent, or trade your personal information. We share information only as described below:
- Stripe, Inc.: Receives payment and billing information required to complete your transaction. Stripe's handling of that data is governed by their own privacy policy.
- Cloudflare, Inc.: Provides website hosting and content delivery. Cloudflare processes network traffic (including IP addresses) as part of its infrastructure. See Cloudflare's Privacy Policy.
- Legal requirements: We may disclose information when required by law, court order, or governmental authority, or to protect the rights, property, or safety of our business, customers, or others.
- Business transfer: If our business is acquired or merged, your information may transfer as part of that transaction. We will provide notice before your data becomes subject to a different privacy policy.
4. Cookies and Tracking Technologies
This website does not set first-party cookies for tracking or advertising. Cloudflare Pages may set technically necessary cookies for security (e.g., bot-challenge cookies). These do not identify you personally and are not used for marketing.
5. Data Retention
We retain personal information for as long as necessary to fulfill the purposes described in this policy, typically 7 years from the date of collection or your last interaction with us, unless a longer period is required by law (e.g., tax or accounting records). You may request earlier deletion — see Section 6 below.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete information.
- Deletion: Request deletion of your personal information, subject to legal retention requirements.
- Restriction: Request that we restrict processing of your information in certain circumstances.
- Portability: Receive your information in a structured, machine-readable format where technically feasible.
- Objection: Object to processing of your information based on our legitimate interests.
- Withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting prior lawful processing.
Residents of the European Economic Area (EEA), United Kingdom, and California have additional rights under GDPR, UK GDPR, and the CCPA respectively. We will respond to verified rights requests within 30 days.
To exercise any right, contact us at mike@ninov.io or via our contact page. We may need to verify your identity before processing your request.
7. Data Security
We implement technical and organizational measures to protect your information:
- HTTPS encryption for all data in transit, enforced via HSTS
- PCI-DSS Level 1 payment processing through Stripe — we never handle raw card data
- Security headers (CSP, X-Frame-Options, X-Content-Type-Options) on all pages
- Regular review of access controls and retention practices
No method of transmission or storage is 100% secure. In the event of a data breach affecting your rights or freedoms, we will notify you as required by applicable law.
8. Children's Privacy
Our services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have done so inadvertently, please contact us immediately so we can delete it.
9. Third-Party Links
This site may contain links to third-party websites (e.g., Stripe). We are not responsible for the privacy practices of those sites and encourage you to review their policies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the revised policy on this page with a new "Last updated" date. For material changes we will provide additional notice (such as an email to customers on record). Continued use of the site after changes constitutes acceptance of the revised policy.
11. Contact
ninovio LLC
9920 Wellington Road, Manassas, VA 20110
571-778-0122 | mike@ninov.io
We aim to respond to all privacy inquiries within 30 days.