Data Protection
Our commitment to protecting your data and ensuring compliance with global privacy regulations.
Overview
This Data Processing Addendum ("DPA") is entered into between Inceptica LLC, doing business as Nova, and the Customer. It forms part of any agreement, terms of service, or order under which Customer uses Nova's compliance automation and assessment platform and related services.
By using the Services, Customer agrees to this DPA. The document outlines our data processing practices, security measures, and commitments to protecting your Personal Data in compliance with GDPR, CCPA, and other applicable Data Protection Laws.
Document Information
Effective Date
Date Customer first uses the Services
Last Updated
November 2025
Format
50+ pages, 20 sections, 5 annexes
Key Highlights
01
Full compliance with EU GDPR, UK GDPR, Swiss DPA, and California CCPA/CPRA.
02
EU SCCs, UK Transfer Addendum, and Swiss modifications for international transfers.
03
AES-256 encryption, MFA, WAF, 24/7 monitoring, and SOC 2 Type II commitment.
04
Rapid incident response with notification within 24 hours of discovery.
05
Full disclosure of sub-processors with 30-day advance notice of changes.
06
Assistance with access, rectification, erasure, and portability requests.
What's Included
Main Sections (1–20)
Annexes (1–5)
Questions
Address
2389 Main St. STE 100, Glastonbury, CT 06033
Response Time
Within 48 hours · 24 hours for urgent matters
Download
Access all 20 sections and 5 detailed annexes — including security measures, sub-processors, and data subject rights procedures.