Privacy Policy

The data controller responsible for your personal data is NOVA INNOVATIONS SOFTWARE DESIGN L.L.C S.O.C, registered in Dubai, United Arab Emirates. You can reach us for any data protection inquiries at zee@novakhan.com.

We collect the following categories of personal data:

• Account data — name, work email, phone number, company name, role, and password (hashed).
• Operational telemetry — device IDs, GPS coordinates, sensor readings, asset metadata, driver IDs and event timestamps emitted by hardware you connect to the platform.
• Usage data — pages visited, features used, IP address, browser, OS, device type, and approximate location derived from IP.
• Billing data — invoice details and limited payment metadata. Card numbers are processed only by our PCI-DSS Level 1 payment processors and never stored on TakeOvr servers.
• Support data — the contents of any communication you send us, including email, chat and contact forms.

We use personal data to:

• provide, operate, secure and improve the Service;
• authenticate you, enforce tenant isolation and prevent abuse;
• process telemetry to detect anomalies, fire alarms and generate analytics for the tenant that owns the assets;
• respond to inquiries, support tickets and contracts;
• comply with legal, tax, regulatory and audit obligations;
• send service emails (transactional) and, with consent, marketing communications.

Telemetry collected from connected devices belongs to the tenant that owns those devices. TakeOvr processes it on the tenant's behalf as a data processor.

We rely on the following GDPR legal bases:

• Contract — to deliver the Service to the customer that purchased it.
• Legitimate interests — to secure, debug, improve and protect the Service.
• Consent — for optional analytics, marketing emails and non-essential cookies.
• Legal obligation — to comply with tax, fraud-prevention and law-enforcement requirements.

We share personal data only with vetted subprocessors who support the Service. Current subprocessors include cloud infrastructure providers, transactional email providers, payment processors, error monitoring, product analytics and customer support tooling. A current list is available on request.

We do not sell personal data, and we do not use customer telemetry to train third-party AI models.

TakeOvr operates globally. Where personal data is transferred outside the EEA, UK or UAE, we rely on Standard Contractual Clauses, the UK Addendum, UAE adequacy decisions, or other recognised safeguards. Customers can request data residency in specific regions under enterprise contracts.

We retain personal data only as long as needed for the purposes described in this Policy:

• Account data — for the duration of the contract plus 12 months;
• Telemetry data — per the customer's configured retention policy (default 24 months);
• Billing data — 7 years where required by tax law;
• Support communications — 24 months from last contact.

Backups are rotated and deleted within 90 days after the primary record is removed.

Subject to applicable law, you have the right to:

• access the personal data we hold about you;
• request correction of inaccurate personal data;
• request erasure where there is no overriding legitimate ground;
• object to or restrict certain processing;
• data portability for data you provided directly;
• withdraw consent at any time;
• lodge a complaint with your supervisory authority.

To exercise these rights, email zee@novakhan.com. We respond within 30 days.

We implement administrative, technical and organisational measures appropriate to the risk, including TLS 1.2+ in transit, AES-256 at rest, RBAC, mandatory SSO/SAML for enterprise tenants, audit trails and a documented vulnerability disclosure program. See our Security & Compliance page for details.

We use a small set of essential cookies for authentication, language preferences and security. Optional analytics cookies fire only after consent. See our Cookie Policy for the full list and how to opt out.

The Service is a B2B platform not directed at children under 16. We do not knowingly collect personal data from children.

We may update this Policy from time to time. Material changes will be announced via email to account administrators and posted at the top of this page with a new effective date.

Questions about this Privacy Policy? Email zee@novakhan.com or use the contact form.