Learn how Nova protects customer data, secures integrations, enables AI-powered compliance automation, and supports modern security, privacy, and governance programs.
Security Overview
The principles that guide how Nova protects your data and your compliance program.
Data is protected using industry-standard encryption for data in transit and at rest.
Role-based access controls help ensure users only access the information necessary for their responsibilities.
Security-relevant actions are tracked and recorded to support visibility, accountability, and compliance.
Ongoing monitoring helps organizations maintain visibility into compliance posture and security controls.
Compliance & Regulatory Coverage
Nova helps organizations automate and operationalize compliance across leading security, privacy, and AI governance requirements.
Nova provides tooling to help you prepare for and operationalize these frameworks. Certifications and attestations are issued by independent third-party auditors and certification bodies.
AI Transparency & Governance
How Nova applies AI to your compliance program — transparently, with you in control.
Nova applies AI to accelerate the work of your compliance team across the program lifecycle:
Your data remains customer-owned and under your control at all times. Nova processes it solely to deliver the service you have configured.
We are committed to protecting customer information and maintaining transparency around how AI-assisted workflows operate and what they produce.
Customers retain full review and decision-making authority over AI-generated outputs and recommendations — AI assists, people decide.
Nova is committed to secure, explainable, and accountable AI practices throughout the platform.
Nova helps organizations prepare for evolving AI governance and privacy requirements as the regulatory landscape matures.
Integrations Security
Nova connects to external systems using secure authentication, secure credential handling, and only the minimum permissions required.
Credentials are handled securely and integrations request only the minimal permissions required to function.
Data Handling & Privacy
How Nova protects compliance information across its full lifecycle.
Customer data is safeguarded throughout its lifecycle using layered controls and encryption.
Compliance-related information is stored using secure storage practices designed to protect confidentiality and integrity.
Retention follows configurable, policy-driven practices aligned to your compliance and business requirements.
Systems are designed to support data resiliency, with backup and recovery practices that promote continuity.
Customer-requested deletion processes and data lifecycle management help you stay in control of your information.
Security Architecture
Data flows through encrypted, access-controlled layers — from your systems to defensible, audit-ready evidence.
Connects external systems through encrypted channels and securely managed credentials with least-privilege scopes.
The orchestration core — role-based access, audit logging, and tenant isolation govern every action.
Analyzes evidence, maps controls, and surfaces gaps with explainable, human-reviewable recommendations.
A traceable, tamper-evident store linking evidence to controls and frameworks for defensible audits.
Continuous monitoring, dashboards, and workflow automation keep your compliance posture current.
Responsible Disclosure
If you believe you have identified a potential security vulnerability, please contact our security team. We appreciate responsible disclosure and work to investigate and address reports appropriately.
security@teamnova.aiPolicies & Documentation
Frequently Asked Questions
Nova protects data with industry-standard encryption in transit and at rest, role-based access controls, audit logging, and continuous monitoring. Access follows least-privilege principles and security-relevant actions are recorded for accountability.
Customer data remains customer-owned and under your control. Nova uses AI to assist with compliance workflows for your organization, and customers retain review and decision-making authority over AI-generated outputs.
Nova securely connects with Google Workspace and GitHub today, with additional integrations on the roadmap. Integrations use secure authentication, minimal required permissions, and secure credential handling.
Nova automates evidence collection, control mapping, gap identification, and remediation tracking across leading security, privacy, and AI governance frameworks — helping you operationalize compliance and prepare for independent audits.
Use the "Request Documentation" button above or email security@teamnova.ai. Our security team will follow up with the appropriate materials for your review.
If you believe you have identified a potential security vulnerability, please contact security@teamnova.ai. We appreciate responsible disclosure and work to investigate and address reports appropriately.
Our team is happy to walk you through Nova's security architecture, data handling, and AI governance practices.