Privacy Policy
How TJ NOVA LTD collects, uses, shares, protects and retains personal data.
Last updated: 10 July 2026. This Privacy Policy applies to TJ NOVA LTD websites, applications, products, support channels, orders and related services. The English version is authoritative; the complete Chinese translation is provided for convenience.
1. Controller and contact
TJ NOVA LTD, Company No. 17308318, registered office 124-128 City Road, London, EC1V 2NX, United Kingdom, is the controller of personal data described in this Policy unless a product notice identifies another role. Privacy questions and rights requests may be sent to info@tjnovaltd.com. Security incidents should be reported to security@tjnovaltd.com.
2. Data we collect
- Identity and contact data: name, organisation, email address, postal address and communication preferences.
- Account data: account identifier, authentication events, settings, language, plan, access rights and security history. Passwords should be stored only in protected hashed form by the relevant authentication provider.
- Order and billing data: products, order references, invoices, amount, currency, tax status, payment status, refunds and limited transaction metadata.
- Product and content data: prompts, files, images, resumes, reviews, CSV data, form responses, custom-work instructions and outputs you choose to submit or save.
- Support and communications: messages, attachments, survey responses, complaint records and support history.
- Technical and usage data: IP address, device and browser information, timestamps, requested URLs, referral source, diagnostic events, approximate location derived from IP and interactions with the Service.
- Cookie and local-storage data: session, security, consent, theme, language and analytics identifiers as described in our Cookie Policy.
Please do not submit passwords, private keys, secret tokens, full payment-card numbers, government identifiers, health records or other highly sensitive data unless a Service clearly requests it through an appropriate secure channel.
3. Sources of data
We obtain data directly from you; automatically from your device when you use a Service; from payment, authentication, hosting and analytics providers; from an organisation that provides your access; and from public sources where reasonably necessary for company verification, security, fraud prevention or the requested research service.
4. Purposes and lawful bases
- Contract: create and administer accounts, process orders, provide products, deliver custom work, manage subscriptions and credits, respond to support and issue refunds.
- Legitimate interests: secure and improve Services, diagnose faults, prevent fraud and abuse, keep business records, understand aggregate use and protect legal rights, balanced against your rights.
- Legal obligation: maintain tax and accounting records, respond to lawful requests, enforce sanctions and comply with consumer, company and data-protection law.
- Consent: use non-essential cookies, send consent-based marketing or process data where consent is the appropriate basis. You may withdraw consent at any time without affecting earlier lawful processing.
5. Product content, local tools and AI
Some tools state that processing occurs locally in your browser. For those features, imported content is intended to remain on your device unless you choose an export, synchronisation, support or external-provider function. Browser storage may retain preferences or in-progress work until you clear it.
Where a Service sends prompts or files to an external AI or infrastructure provider, we disclose that boundary in the product or its workflow where reasonably possible. The provider receives only data needed to perform the request and processes it under its contract and applicable terms. Remove unnecessary personal data before importing reviews, resumes, images, CSV files or prompts. Do not use outputs as the sole basis for decisions with legal or similarly significant effects on a person.
6. Payments
TJ NOVA LTD does not operate as a bank, wallet, money transmitter or regulated payment service provider. Payments are handled through third-party provider-hosted payment flows or manual payment instructions. Payment providers collect and process payment credentials under their own privacy notices. We may receive payment status, transaction reference, billing email, amount, currency, fraud indicators and refund status. We do not intentionally store full payment-card numbers on our servers.
7. Sharing and processors
We disclose personal data only where reasonably necessary to: cloud hosting and storage providers; authentication, email and support providers; payment processors; analytics and security providers; AI model providers selected by a Service; professional advisers; logistics and fulfilment providers; and authorities or counterparties where required by law or a legitimate corporate transaction. Providers may use data only for contracted services, subject to appropriate confidentiality and data-protection terms. We do not sell personal data for money.
8. International transfers
Providers may process data outside the United Kingdom. Where UK data-protection law requires safeguards, we use an adequacy regulation, the UK International Data Transfer Agreement or Addendum, or another lawful transfer mechanism, together with supplementary measures where appropriate.
9. Retention
We retain personal data only as long as needed for the purpose collected, including service delivery, support, security, dispute resolution and legal, tax and accounting duties. Retention varies by record: account data normally lasts for the account plus a reasonable closure period; transaction and tax records may be kept for the legally required period; security logs are kept for a shorter risk-based period; and local-browser data remains until you clear it. We delete or anonymise data when it is no longer required, subject to backups and legal holds.
10. Security
We use proportionate technical and organisational measures, which may include access controls, encryption in transit, protected authentication, logging, backups, provider review and least-privilege access. No system is completely secure. Report suspected compromise promptly and do not send live credentials by email.
11. Your rights
Depending on applicable law, you may have rights to access, correct, erase or restrict personal data; object to processing; receive portable data; withdraw consent; and complain to a supervisory authority. We may need to verify identity and may retain information where law permits or requires it. In the United Kingdom, you may complain to the Information Commissioner's Office at ico.org.uk. Please contact us first where possible so we can investigate.
12. Marketing, children and automated decisions
Service messages may be sent where necessary to operate your account or order. Marketing is sent only where lawful, and every marketing message will provide an unsubscribe route. Our general Services are not directed to children under 13, and we do not knowingly collect their data without a lawful basis. We do not make solely automated decisions that produce legal or similarly significant effects unless a product notice explains the logic, significance and available safeguards.
13. Changes and contact
We may update this Policy to reflect changes in products, providers or law. The current version and update date will remain on this page; material changes will receive additional notice where required. Contact info@tjnovaltd.com for privacy questions or rights requests.
TJ NOVA LTD 如何收集、使用、共享、保护和保留个人数据。
最近更新:2026 年 7 月 10 日。本隐私政策适用于 TJ NOVA LTD 的网站、应用、产品、支持渠道、订单及相关服务。英文版本为权威文本,完整中文译文仅为阅读便利。
1. 数据控制者与联系方式
除非产品通知另有说明,TJ NOVA LTD(公司注册号 17308318,注册地址 124-128 City Road, London, EC1V 2NX, United Kingdom)是本政策所述个人数据的控制者。隐私问题和权利请求请发送至 info@tjnovaltd.com;安全事件请报告至 security@tjnovaltd.com。
2. 我们收集的数据
- 身份与联系数据:姓名、组织、邮箱、邮寄地址和通信偏好。
- 账户数据:账户标识、认证事件、设置、语言、方案、访问权限和安全历史。密码应仅由相关认证服务商以受保护的哈希形式存储。
- 订单与账单数据:产品、订单编号、发票、金额、币种、税务状态、付款状态、退款和有限交易元数据。
- 产品与内容数据:您选择提交或保存的提示词、文件、图像、简历、评论、CSV 数据、表单回答、定制需求和输出。
- 支持与通信:消息、附件、问卷回答、投诉记录和支持历史。
- 技术与使用数据:IP 地址、设备与浏览器信息、时间戳、请求网址、来源页面、诊断事件、由 IP 推断的大致位置及服务交互。
- Cookie 与本地存储数据:会话、安全、同意、主题、语言和分析标识,详见Cookie 政策。
除非服务通过适当安全渠道明确要求,请勿提交密码、私钥、秘密令牌、完整银行卡号、政府身份标识、健康记录或其他高度敏感数据。
3. 数据来源
数据可能直接来自您;在您使用服务时由设备自动提供;来自支付、认证、托管和分析服务商;来自为您提供访问权限的组织;以及在公司核验、安全、反欺诈或您请求的研究服务合理需要时来自公开来源。
4. 处理目的与合法依据
- 履行合同:创建和管理账户、处理订单、提供产品、交付定制工作、管理订阅和额度、回应支持及办理退款。
- 合法利益:保护和改进服务、诊断故障、防止欺诈和滥用、保存业务记录、了解汇总使用情况并保护法律权利,同时权衡您的权利。
- 法律义务:保存税务和会计记录、回应合法请求、执行制裁要求并遵守消费者、公司及数据保护法律。
- 同意:使用非必要 Cookie、发送基于同意的营销,或在同意是适当依据时处理数据。您可随时撤回同意,不影响撤回前处理的合法性。
5. 产品内容、本地工具与 AI
部分工具明确在浏览器本地处理。对于这些功能,导入内容原则上留在您的设备上,除非您主动选择导出、同步、支持或外部服务商功能。浏览器存储可保留偏好或进行中的工作,直至您清除。
如服务将提示词或文件发送给外部 AI 或基础设施服务商,我们会在合理可行时在产品或流程中说明边界。服务商仅接收完成请求所需的数据,并依据合同和适用条款处理。导入评论、简历、图像、CSV 或提示词前,请删除非必要个人数据。不得仅依赖输出作出对个人产生法律或类似重大影响的决定。
6. 付款
TJ NOVA LTD 不作为银行、钱包、汇款机构或受监管支付服务提供商运营。付款通过第三方服务商托管的支付流程或人工付款说明完成。支付服务商依据其隐私通知收集和处理支付凭据。我们可能收到付款状态、交易编号、账单邮箱、金额、币种、欺诈指标和退款状态,但不会有意在自有服务器上存储完整银行卡号。
7. 共享与处理服务商
我们仅在合理必要范围内向以下类别披露个人数据:云托管和存储、认证、邮件和支持、支付处理、分析和安全、服务选用的 AI 模型、专业顾问、物流履约服务商,以及法律或合法公司交易要求的机关或交易方。服务商仅可依据合同提供服务,并受适当保密和数据保护条款约束。我们不会以收取金钱为目的出售个人数据。
8. 跨境传输
服务商可能在英国境外处理数据。英国数据保护法要求保障措施时,我们会采用充分性法规、英国国际数据传输协议或附录,或其他合法传输机制,并在适当情况下采取补充措施。
9. 保留期限
我们仅在收集目的所需期间保留个人数据,包括服务交付、支持、安全、争议解决及法律、税务和会计义务。期限因记录而异:账户数据通常保留至账户关闭后合理期间;交易和税务记录按法定期限保存;安全日志按较短的风险期限保存;浏览器本地数据保留至您清除。数据不再需要时会删除或匿名化,但备份和法定保全除外。
10. 安全
我们采用与风险相称的技术和组织措施,可能包括访问控制、传输加密、受保护认证、日志、备份、服务商审查和最小权限访问。任何系统都无法绝对安全。请及时报告疑似失陷,不要通过邮件发送真实凭据。
11. 您的权利
根据适用法律,您可能有权访问、更正、删除或限制个人数据;反对处理;获取可携带数据;撤回同意;及向监管机构投诉。我们可能需要核验身份,并可在法律允许或要求时保留信息。在英国,您可向 Information Commissioner's Office 投诉:ico.org.uk。如可能,请先联系我们以便调查。
12. 营销、儿童与自动化决定
为运营账户或订单所必需时,我们可发送服务消息。营销仅在合法情况下发送,并提供退订方式。一般服务不面向 13 岁以下儿童,我们不会在缺乏合法依据时故意收集其数据。除非产品通知说明逻辑、意义和可用保障,我们不会仅依靠自动化处理作出产生法律或类似重大影响的决定。
13. 变更与联系
我们可因产品、服务商或法律变化更新本政策。本页会保留当前版本和更新日期;法律要求时会对重大变更另行通知。隐私问题或权利请求请联系 info@tjnovaltd.com。