1. Controller
NPOV, Inc. is the data controller for personal data processed through this website.
NPOV, Inc.
2093 Philadelphia Pike #6095
Claymont, DE 19703
Privacy email: loading...
2. Personal Data We Collect
Information you submit
- Contact form data: name, email, organization, role, inquiry type, and message.
- Narrative Risk Registry data: name, email, page/topic details, affected-party type, urgency, and report details.
Technical and security data
- IP address, device/browser metadata, timestamps, and anti-abuse signals generated during form submission and security checks.
3. Purposes and Legal Bases (GDPR)
- Responding to inquiries and case submissions (Article 6(1)(b), steps at your request before entering a contract, and Article 6(1)(f), legitimate interests in operating and growing our services).
- Operating and securing the website and forms (Article 6(1)(f), legitimate interests in service integrity, abuse prevention, and fraud/security detection).
- Complying with legal obligations and protecting rights (Article 6(1)(c) and 6(1)(f)).
4. Recipients and Processors
We share personal data only as necessary with service providers and legal recipients, including:
- Web3Forms (form processing provider) and its infrastructure/security subprocessors.
- hCaptcha by Intuition Machines, Inc. (bot and abuse prevention).
- Hosting, infrastructure, and technical support providers that operate this website.
- Authorities, courts, advisors, or counterparties where disclosure is required by law or necessary to establish, exercise, or defend legal claims.
Provider references: Web3Forms Privacy, hCaptcha Privacy.
5. International Data Transfers
NPOV, Inc. is based in the United States. Personal data may be processed in the U.S. and other countries where our providers operate. When required, we rely on appropriate safeguards for international transfers, such as Standard Contractual Clauses, adequacy decisions, or other legally recognized transfer mechanisms.
6. Retention
- Contact form submissions: retained for up to 10 years from the last substantive interaction.
- Narrative Risk Registry submissions: retained for up to 10 years from the last substantive interaction or case closure.
We may retain data longer if reasonably necessary for legal claims, dispute resolution, legal obligations, or documented litigation holds.
7. Your Privacy Rights
EEA/UK/Switzerland rights (GDPR/UK GDPR)
- Access, correction, deletion, restriction, objection, portability, and withdrawal of consent where processing is consent-based.
California and other U.S. state rights
- Right to know/access, delete, correct, and (where applicable) opt out of sale/sharing and targeted advertising.
- Right to non-discrimination for exercising your rights.
Sale/share statement: We do not sell or share personal information for cross-context behavioral advertising.
To exercise rights, contact us using the privacy email listed in this policy. We may request information reasonably necessary to verify your request.
8. Complaints
If you are in the EEA, you can lodge a complaint with the supervisory authority in your country of habitual residence, place of work, or where the alleged infringement occurred. If you are in the UK, you can complain to the UK Information Commissioner's Office (ICO).
9. Cookies and Similar Technologies
We do not deploy analytics or advertising cookies on this website at this time. We use only strictly necessary technologies for core site functions and abuse prevention, including anti-bot services used on form pages (for example, hCaptcha via Web3Forms). If this changes, we will update this policy and implement any required consent controls.
10. Children
This website is not directed to children, and we do not knowingly collect personal data from children under 16.
11. Changes to This Policy
We may update this policy from time to time. We will post the updated version on this page and update the effective date above.