Privacy Policy

1. Introduction

Knova ("Knova", "we", "us", or "our") operates an on-premise AI-powered workplace intelligence platform. This Privacy Policy explains how we handle data when organizations use the Knova platform.

Knova is fundamentally designed with privacy at its core. As an on-premise solution, all data processing occurs entirely within our customers’ own infrastructure. No corporate data is transmitted to, stored on, or accessible by Knova or any third-party servers.

2. Scope of This Policy

This Privacy Policy applies to:

• Organizations (“Customers”) that deploy the Knova platform on their infrastructure
• Employees and users within those organizations who interact with the Knova platform
• Visitors to our website (knovaapp.com)
• Individuals who contact us for sales, support, or general inquiries

3. Data We Collect

3.1 Website Visitors (knovaapp.com)

When you visit our website, we may collect:

• Usage data such as pages visited, time spent, and referral sources (via analytics tools)
• Contact information you voluntarily provide through forms (name, email, company name, phone number)
• Cookies and similar tracking technologies for website functionality and analytics

3.2 On-Premise Platform Data

Important: Knova’s on-premise platform processes data entirely within the customer’s own infrastructure. Knova does not collect, access, store, or process any of this data. The following describes what the Knova platform processes locally on the customer’s servers:

• Corporate communications: Messages from email platforms, instant messaging platforms, and meeting metadata
• Business documents: Files from document management and cloud storage platforms
• Project management data: Tasks, issues, and project information from project management platforms
• CRM data: Customer records and interactions from CRM platforms
• Calendar and scheduling data: Meeting schedules, participants, and related metadata from calendar and scheduling platforms
• User interaction data: Queries made to the Knova AI assistant, search history, and usage patterns within the platform

All of the above data remains on the customer’s servers at all times. Knova has no access to this data.

4. How Data Is Used

4.1 Website and Business Data

Data collected through our website and business interactions is used to:

• Respond to inquiries and provide customer support
• Send product updates and relevant communications (with consent)
• Improve our website and marketing efforts
• Process transactions and manage customer accounts

4.2 On-Premise Platform Usage

The Knova platform, running on customer infrastructure, processes data locally to:

• Provide AI-powered enterprise search across connected data sources
• Generate summaries, reports, and insights from corporate data
• Deliver AI assistant functionality for employees at all organizational levels
• Build and maintain corporate memory – a searchable knowledge base of organizational information
• Provide analytics on communication patterns and workflows (configurable by the customer)

5. Third-Party Integrations and OAuth

Knova integrates with third-party platforms through OAuth authentication to access corporate data sources. These integrations include but are not limited to:

• Email and productivity platforms
• Document management and cloud storage platforms
• Instant messaging, video conferencing, and project management platforms
• CRM and customer management platforms

When a customer authorizes these integrations:

• OAuth tokens are stored securely on the customer’s own server
• Data retrieved through these integrations stays on the customer’s infrastructure
• Knova does not act as an intermediary for these connections
• Customers can revoke access to any integration at any time through their Knova admin panel or directly through the third-party platform

6. Data Security

We implement appropriate technical and organizational measures to protect data:

6.1 On-Premise Platform Security

• All data processing occurs within the customer’s own network perimeter
• No external network calls are made for data processing – AI models run locally
• Encryption at rest and in transit within the customer’s infrastructure
• Role-based access control (RBAC) for platform administration
• Audit logging of all system access and operations
• Regular security updates and patches provided by Knova

6.2 Website and Business Data Security

• SSL/TLS encryption for all website communications
• Secure storage of contact information and business records
• Access controls and authentication for internal systems

7. Data Retention

On-Premise Platform: Data retention policies are configured and controlled entirely by the customer. Knova provides tools for customers to set retention periods, archive data, and permanently delete data according to their own policies and regulatory requirements.

Website and Business Data: We retain contact information and business records for the duration of the business relationship plus a reasonable period thereafter for legal and operational purposes. You may request deletion of your data at any time.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of Access: Request information about what personal data we hold about you
• Right to Rectification: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Restriction: Request limitation of processing of your personal data
• Right to Data Portability: Request a copy of your data in a structured, machine-readable format
• Right to Object: Object to certain types of processing
• Right to Withdraw Consent: Withdraw previously given consent at any time

For data processed by the on-premise Knova platform, these rights should be exercised through your organization’s data protection officer or IT administrator, as Knova does not have access to this data.

For data we hold directly (website, business communications), please contact us at privacy@knovaapp.com.

9. International Data Transfers

The Knova platform is designed to eliminate cross-border data transfer concerns. Since all data processing occurs on-premise within the customer’s own infrastructure, data does not leave the customer’s chosen jurisdiction.

For our website and business operations, if data is transferred internationally, we ensure appropriate safeguards are in place in compliance with applicable data protection laws.

10. Compliance with Turkish Data Protection Law (KVKK)

For our customers in Turkey, Knova’s on-premise architecture is designed to support compliance with the Turkish Personal Data Protection Law (KVKK, Law No. 6698):

• Data remains within Turkey when deployed on local infrastructure
• No cross-border data transfer occurs through the Knova platform
• Customers maintain full control as data controllers
• Knova provides tools to support data subject rights under KVKK
• Explicit consent mechanisms can be configured within the platform

11. Compliance with GDPR

For customers in the European Economic Area, Knova supports GDPR compliance:

• Privacy by design and by default – on-premise architecture ensures data minimization
• Data processing occurs within the customer’s own EU-based infrastructure
• Tools provided for data subject access requests (DSAR)
• Configurable data retention and deletion policies
• Audit trail capabilities for accountability requirements

12. Children’s Privacy

Knova is a business-to-business enterprise platform and is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify customers of significant changes through email or through the Knova platform. The updated policy will be posted on our website with a revised effective date.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Knova

Email: privacy@knovaapp.com

Website: https://knovaapp.com

Address: Istanbul, Turkey