Privacy Policy

This privacy policy (the "Policy") for IPNovo, Inc."(together with our affiliates, "Company," "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), such as when you:

• Visit our website at"https://www.ipnovo.ai/ or any other website of ours ("Website"), or any mobile application of ours ("App", together with the "Website", "Platform"), that links to this Policy; and

• Engage with us in other related ways, including any sales, marketing, or events.

Personal Information That You Disclose to Us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Data (as provided):

• Names (first and last)
• Contact details (email address, phone number, address)
• Professional information (company)
• Service access credentials (username)
• Other data as you provided to us from time to time

Communication Data:

• Contact details communicated through interactions with us, including online chats.

Payment Data:

• Financial information necessary for transactions handled securely by Stripe, with privacy details at https://stripe.com/privacy

User-Generated Data: Content and metadata provided by users through our Services, including Customer Inputs and Outputs (as defined in our Terms of Service). Customer Inputs and Outputs may include personal information, such as the names or contact details of inventors or employees contained in invention disclosures, supporting documents, or generated drafts. To the extent such Inputs or Outputs contain personal information, we treat that information in accordance with this Policy. We do not claim any ownership of your Customer Inputs and Outputs; they remain your property. We will only process Customer Inputs and Outputs to provide, maintain, or improve the Services as described in this Policy and our Terms of Service, and we will not use or disclose them for any other purpose without your consent.

Automatic Data Collection:

• Internet Protocol (IP) address and device information.
• Browser and device characteristics, operating system, and language preferences.
• Usage data, including service interaction details and device specifics.
• Location data derived from IP address

We do not intentionally collect or process sensitive personal information as defined by applicable law, including but not limited to information revealing racial or ethnic origin, religious beliefs, mental or physical health, sexual orientation, citizenship or immigration status, genetic or biometric information, precise geolocation, or personal data from children. If we need to collect or process sensitive personal information in the future, we will obtain your explicit, affirmative consent (or, for a known child, the consent of a parent or legal guardian) before doing so. We will process such information only for the purposes disclosed at the time of collection and in accordance with applicable law.

In Short: We process your personal information to provide, improve and administer our Services, communicate with you, and fulfill any other purpose you provide it for, while also ensuring compliance with legal obligations and safeguarding our legitimate business interests.

We process information that we collect about you or that you provide to us, including any personal information:

1. (i) To present our Platform and its contents to you;

1. (ii) To provide, maintain, deliver and update the Services;

1. (iii) To create and maintain your account with our Service;

1. (iv) To communicate with you about the Service;

1. (v) To develop new tools, products or services based on your feedback, using aggregated or deidentified information when reasonably possible;

1. (vi) To carry out identity verification and authentication services;

1. (vii) To fulfill any other purpose for which you provide it;

1. (viii) To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;

1. (ix) To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

1. (x) To notify you about changes to our Services, Platform, or terms and conditions of our Services, including this Policy; and

1. (xi) For other purposes disclosed to you and with your consent where required by law.

No Use of Data for Model Optimization

We do not use your personal information for training or fine-tuning AI models, and we do not permit our third-party providers to do so.

In Short: We may share information in specific situations described in this section and/or with the following third parties.

We may disclose personal information that we collect or you provide as described in this Policy:

1. (i) To our subsidiaries and affiliates;
2. (ii) To third-party service providers (in the U.S. or other countries) engaged to support the Services and Platform. These may include hosting and cloud infrastructure providers, security and payment processors;

1. (iii) To fulfill the purpose for which you provide it;

1. (iv) To a buyer or other successor during a change of control event;

1. (v) For any other purpose disclosed by us when you provide the information; or

1. (vi) With your consent.

We do not sell your personal information or share it with third parties for cross?context behavioral advertising or targeted advertising, and we do not permit our service providers to do so. If our practices change, we will update this Policy and provide you with appropriate notice and the ability to opt out. You may request a list of third parties to whom we have disclosed your personal information, as described in the "Your Privacy Rights" section below.

We may also disclose your personal information:

(a) To comply with any court order, law, or legal process, including to respond to any government or regulatory request;

(b) To enforce or apply our terms of services at https://www.ipnovo.ai/terms and other agreements, including for billing and collection purposes.

(c) If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

In Short: We keep your personal information for as long as necessary to fulfill the purposes outlined in this Policy unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Policy, unless otherwise required by laws. No purpose in this policy will require us keeping your personal information for longer than the period of time in which users have an account with us. However, we may retain certain limited information after account closure to prevent fraud, resolve disputes, enforce our agreements, or comply with legal obligations (such as tax or accounting requirements). Once these purposes end, we will delete or anonymize the retained information. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible, securely store your personal information and isolate it from any further processing until deletion is possible.

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

Data Encryption

We have implemented appropriate and reasonable technical and organizational security measures to protect your personal information. Our Services are hosted on Amazon Web Services (AWS) and use AWS-managed databases. Personal information is encrypted at rest using AES-256 (Advanced Encryption Standard, 256-bit keys) and in transit using TLS 1.2 or higher. Each customer"s data resides in a dedicated, isolated environment, with no cross-customer data sharing. We periodically review and update our security controls, including access controls, multifactor authentication, encryption, intrusion detection, and regular audits. We are undergoing the process to obtain SOC 2 Type II and ISO 27001 certifications. During this period, we continue to align our security controls with these standards. In the event of a data breach or security incident, we will notify affected users and relevant authorities as required by law.

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, the transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

In Short: While your rights with respect to your personal information may vary depending on your location, we provide certain rights to all users.

The following are the rights and choices available to all users:

• Access: You may request to see the personal information we hold about you and understand how it"s being processed by logging in to your account settings and updating your user account or contact us using the contact information provided.
• Deletion: You have the right to ask us to erase your personal information from our records.
• Rectification: If your personal information is inaccurate or incomplete, you can have it corrected or completed.
• Restriction: You may limit the ways we use your personal information.
• Withdrawal of Consent: You can retract any consent given for processing your personal information at any time.
• Objection: You may challenge the processing of your personal information by us.
• Data Portability: You may request to receive your personal information in a structured, commonly used and machinereadable format and to have it transmitted to another entity, where technically feasible.
• Optout of Sale or Sharing: If we ever sell your personal information or share it for targeted advertising, you have the right to opt out of such processing.
• Limit Use of Sensitive Information: Where permitted by law, you may instruct us to limit our use and disclosure of your sensitive personal information.
• Optout of Targeted Advertising or Profiling: You may opt out of the processing of your personal information for targeted advertising or certain automated decisionmaking that produces legal or similarly significant effects.
• Request ThirdParty Disclosure List: You may request a list of specific third parties or categories of third parties to whom we have disclosed your personal data, subject to applicable laws.
• Termination Account: We will deactivate or delete your account and information from our active databases upon your request. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms, and comply with applicable legal requirements. Once these purposes are satisfied, we will delete or anonymize the retained information.
• Lodging Complaints: You can file a complaint with your local data protection authority regarding our handling of your personal information[MS11].

Please note that, notwithstanding anything to the contrary above, we do not currently intend to sell or share personal information or process sensitive personal information for purposes that would require an opt-out or limitation right.

We respond to all privacy-related requests in accordance with applicable law. Certain individualized privacy or data-handling requests may not be technically feasible or may require significant infrastructure changes. In such cases, we will assess the request in good faith and notify you if we are unable to implement it. If a requested restriction would prevent us from providing essential aspects of the Services, we may not be able to continue providing the Services to you, to the extent permitted by applicable law.

For your specific rights under the applicable laws, please refer to Section VIII "WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?"

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. We also do not engage in targeted advertising to minors. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent"s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data that we may have collected from children under age 18, please contact us at support@ipnovo.ai.

In Short: We acknowledge the global reach of our user base and are committed to protecting the personal data of all our users, adhering to applicable data protection laws worldwide.

If you are a California resident, please see how we protect data of California users https://www.ipnovo.ai/california-users . If you are located in other states of the United States, please see how we protect data of US users outside California https://www.ipnovo.ai/us-users . If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal information on the following legal bases: (i) performance of a contract with you (for example, to deliver the Services); (ii) our legitimate interests (for example, to improve our Services, to prevent fraud and abuse, or to secure our systems), provided these interests do not override your fundamental rights and freedoms; (iii) compliance with our legal obligations (for example, for tax and accounting purposes); and (iv) your consent where required (for example, for direct marketing or processing of sensitive personal data). We may transfer personal information to countries other than the country in which you reside; when we do so, we rely on appropriate transfer mechanisms such as standard contractual clauses approved by the European Commission or the UK Information Commissioner"s Office.

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Policy.

In Short: Yes, we will update this Policy as necessary to stay compliant with relevant laws.

We may update this Policy from time to time. The updated version will be indicated by an updated Revised date and the updated version will be effective as soon as it is accessible. If we make material changes to this Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Policy frequently to be informed of how we are protecting your information.

If you have questions or comments about this Policy, you may email us at support@ipnovo.ai.

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please contact us at support@ipnovo.ai to request access, update, or deletion of your personal information.