Our commitment
At Novara, protecting your privacy is as important as protecting your money. We are committed to collecting only the data strictly necessary to provide our banking services, in compliance with the General Data Protection Regulation (GDPR) and equivalent UK law (UK GDPR).
We never sell your data to third parties. Ever.
Data collected
- Identity data: name, surname, date of birth, nationality, ID document
- Contact data: postal address, e-mail, phone number
- Financial data: transactions, balances, banking operations
- Technical data: IP address, device type, session identifiers
- Location data: only with your explicit consent
Processing purposes
Your data is processed exclusively for: opening and managing your account, executing your banking operations, fraud and money-laundering prevention (legal obligation), improving our services, and communicating with you.
Storage and security
Your data is encrypted at rest (AES-256) and in transit (TLS 1.3). It is stored exclusively in ISO 27001 certified data centres located in Europe. No transfer outside the EEA takes place without appropriate safeguards (standard contractual clauses, adequacy decision).
Your rights
Under GDPR, you have the following rights: access, rectification, erasure, restriction of processing, portability, objection. You can exercise these rights at any time from your Novara app, or by contacting our Data Protection Officer at [email protected].
You also have the right to lodge a complaint with a supervisory authority (CNIL in France, Garante in Italy, ICO in the UK).
Retention period
Your data is kept for the duration of the contractual relationship, then for 5 years from the closing of the account (legal anti-money-laundering obligation). After this period, it is permanently deleted or anonymised.