Privacy Policy

Effective Date: June 10, 2026

Nova Wallet (“Nova,” “we,” “our,” or “us”) is owned and operated by 404 ENTERPRISE LLC. We respect your privacy and are committed to protecting your information.

This Privacy Policy explains how we collect, use, disclose, retain, and protect information in connection with the Nova Wallet iOS application, related software features, websites, support channels, documentation, and associated services (collectively, the “Services”).

Nova Wallet is a non-custodial crypto wallet. Nova does not custody your Digital Assets, does not control your private keys, and does not have access to your recovery phrase unless you choose to disclose it to us, which you should never do.

This Privacy Policy does not govern MoonPay’s services. If you use MoonPay through or from Nova Wallet, MoonPay collects and processes information under MoonPay’s own terms and privacy policy.

1) Overview

Non-custodial design. Nova Wallet is designed so that you control your Wallet, private keys, recovery phrase, and Digital Assets. Nova does not custody your Digital Assets and cannot initiate, reverse, freeze, recover, or modify blockchain transactions.

Private keys and recovery phrases. Nova does not intentionally collect, store, transmit, sell, rent, or share your private keys, seed phrases, recovery phrases, passwords, or device passcodes. You should never send this information to us, MoonPay, support staff, or any third party.

MoonPay only for fiat purchase and sale. The only fiat crypto purchase/sale provider integrated in Nova Wallet is MoonPay. MoonPay, not Nova, handles onboarding, KYC, AML screening, sanctions screening, fraud screening, payment processing, transaction limits, supported jurisdictions, fees, refunds, chargebacks, and compliance decisions.

Public blockchain data. Blockchain networks are public. Wallet addresses, balances, token holdings, transaction history, and other on-chain data may be publicly visible and may not be deleted, modified, or controlled by Nova.

Limited collection. We aim to collect only the information needed to provide, secure, support, maintain, and improve the Services, comply with law, and support user-requested features.

No sale of personal information. We do not sell personal information. We do not use personal information for third-party targeted advertising.

2) Information We Collect

a) Information you provide directly

Support and communications. If you contact us for help, submit feedback, report bugs, or send us emails, we may collect your name, email address, message contents, attachments, screenshots, wallet addresses, transaction hashes, device details, app version, and any other information you choose to provide.

Account or authentication information. If Nova offers optional account, sign-in, backup, sync, beta, waitlist, support portal, or newsletter features, we may collect identifiers such as your name, email address, username, authentication provider identifier, and related account information.

User-submitted wallet information. If you voluntarily provide a wallet address, transaction hash, public blockchain address, token contract, screenshot, or related information to receive support or use a feature, we may process that information for the purpose you provided it.

Feedback and survey information. If you respond to surveys, beta prompts, product feedback forms, or research requests, we may collect your responses and any contact information you provide.

b) Information collected automatically

Device and app information. We may collect limited technical information such as device model, iOS version, app version, language, region, crash data, diagnostic logs, performance data, feature usage, and general system status.

Network and security information. We may process IP address, approximate location derived from IP address, device and request metadata, timestamps, and similar technical information to provide the Services, protect against abuse, prevent fraud, support sanctions/export-control compliance, maintain security, diagnose outages, and operate infrastructure.

Wallet and blockchain information. To provide wallet functionality, the Services or our providers may process public wallet addresses, public blockchain data, token balances, token metadata, transaction history, transaction hashes, network identifiers, gas or fee estimates, and similar public blockchain information.

Analytics information. If analytics are enabled, we may collect limited analytics data about app performance, crashes, errors, feature usage, and user experience. Where possible, we use aggregated or de-identified analytics. If we provide controls to disable optional analytics, you may use those controls.

Push notification information. If you enable push notifications, we may process notification tokens and related delivery information to send app notifications. You can disable notifications in iOS settings.

c) Information from third parties

MoonPay information. If you use MoonPay Services, MoonPay may provide us with limited information about your MoonPay transaction status, such as whether a transaction was started, pending, completed, failed, rejected, refunded, or canceled, as permitted by MoonPay and applicable law. Nova does not receive or store your full payment card number, bank account credentials, government ID, Social Security number, selfie/biometric verification data, or full MoonPay KYC file unless MoonPay expressly provides limited information for a permitted purpose.

Service providers. We may receive information from service providers that help us operate the Services, such as crash reporting, analytics, hosting, customer support, security, infrastructure, email, or fraud-prevention providers.

Blockchain and data providers. We may receive public blockchain data, token metadata, pricing data, risk labels, transaction data, and other wallet-related information from blockchain networks, RPC providers, indexers, analytics providers, or market data providers.

d) Information we do not intentionally collect

We do not intentionally collect or ask for your private keys, seed phrases, recovery phrases, device passcodes, full payment card numbers, bank account login credentials, or MoonPay KYC documents.

We do not monitor your private files, photos, contacts, microphone, browsing history, or clipboard by default.

We do not sell or rent personal information.

We do not use personal information for third-party targeted advertising.

3) Camera, Photos, Clipboard, Contacts, and Location

Camera. If Nova Wallet offers QR-code scanning, the app may request camera permission. Camera access is used only for the feature you choose, such as scanning a wallet address or QR code.

Photos. If Nova Wallet allows QR-code import or image upload, the app may request access to selected photos or images. We only access the content you choose to provide.

Clipboard. Nova Wallet may allow you to paste wallet addresses, transaction hashes, or other information from your clipboard. We do not continuously monitor your clipboard.

Contacts. Nova Wallet does not access your contacts unless we clearly disclose and request permission for a specific feature.

Precise location. Nova Wallet does not request precise GPS location by default. We or our service providers may process approximate location derived from IP address for security, fraud prevention, sanctions/export-control compliance, localization, and service availability.

You can manage app permissions through iOS settings.

4) How We Use Information

We may use information to:

provide, operate, maintain, and improve the Services;

create, import, display, or manage Wallet-related information;

display balances, token metadata, transaction history, prices, fees, and public blockchain data;

process user-requested support, feedback, bug reports, and communications;

provide security warnings, risk indicators, fraud prevention, abuse prevention, and compliance controls;

detect, prevent, investigate, and respond to fraud, spam, abuse, scams, unauthorized access, malicious activity, sanctions evasion, and security incidents;

support MoonPay integrations and display user-requested MoonPay transaction status information where available;

operate analytics, crash reporting, diagnostics, and performance monitoring;

send service-related notices, updates, and support messages;

comply with legal obligations, sanctions, export controls, law enforcement requests, regulatory requests, subpoenas, court orders, and App Store requirements;

enforce our Terms of Service and protect Nova, users, third parties, and the Services.

5) MoonPay Services

MoonPay is an independent third-party provider. MoonPay may collect and process information directly from you when you use MoonPay Services, including identity information, contact information, date of birth, government identification, selfie or biometric verification information, payment information, bank information, card information, wallet addresses, transaction information, device information, IP address, location-related information, sanctions-screening information, AML/KYC information, fraud-screening information, and other compliance information.

MoonPay uses this information under MoonPay’s own terms, privacy policy, legal obligations, compliance program, and retention rules.

Nova does not control MoonPay’s data collection, KYC/AML review, sanctions screening, fraud screening, transaction monitoring, payment processing, approval decisions, rejection decisions, refunds, chargebacks, account restrictions, or data retention.

Your use of MoonPay Services is optional and subject to MoonPay’s own legal terms and privacy policy. You should review MoonPay’s privacy policy before using MoonPay Services.

6) How We Share Information

We may share information in the following circumstances:

With your consent or direction. We may share information when you ask us to, such as when you connect to a third-party service, use MoonPay, submit a support request, or direct us to process information for a feature.

Service providers. We may share information with vendors and service providers that help us operate the Services, including hosting, analytics, crash reporting, security, support, email, infrastructure, fraud prevention, and compliance providers.

MoonPay. If you use MoonPay Services, we may share limited information with MoonPay as needed to enable or support the integration, such as wallet address, transaction amount, asset selection, transaction status, device or session information, or other information required for the user-requested MoonPay flow.

Blockchain networks and RPC providers. To provide wallet functionality, public wallet addresses, transaction data, and blockchain requests may be transmitted to blockchain networks, RPC providers, indexers, or related infrastructure providers.

Legal and safety reasons. We may disclose information where we believe disclosure is required or appropriate to comply with law, regulation, subpoena, court order, government request, sanctions/export-control obligations, App Store requirements, or legal process; to enforce our Terms; to protect rights, property, and safety; or to investigate fraud, abuse, security incidents, or unlawful activity.

Business transfers. If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of assets, or similar transaction, information may be transferred as part of that transaction, subject to appropriate protections.

Aggregated or de-identified information. We may share aggregated, anonymized, or de-identified information that does not identify you, where permitted by law. We do not attempt to re-identify de-identified information except as permitted by law.

We do not sell personal information. We do not share personal information for third-party targeted advertising.

7) Cookies and Similar Technologies

Nova Wallet’s iOS application does not use browser cookies.

Our websites may use cookies, pixels, local storage, or similar technologies for functionality, analytics, security, fraud prevention, and performance. You can control cookies through your browser settings.

Third-party websites, MoonPay pages, embedded services, or external links may use their own cookies and tracking technologies under their own privacy policies.

8) Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, or alteration.

Where appropriate, we use encryption in transit, access controls, logging, monitoring, secure development practices, and vendor review processes.

No system is perfectly secure. You are responsible for protecting your Device, Apple ID, iCloud account, Wallet credentials, private keys, recovery phrases, passwords, biometric access, MoonPay account, and payment credentials.

Do not send us your private key, seed phrase, recovery phrase, password, device passcode, payment card number, bank login credentials, or government ID through support email or unsecured channels.

9) Data Retention

We retain personal information only as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, support users, maintain security, comply with legal obligations, resolve disputes, enforce agreements, and protect against fraud or abuse.

Support communications may be retained as long as needed to respond to your request, maintain business records, prevent abuse, and comply with legal obligations.

Crash reports, diagnostics, and analytics data are retained only as long as reasonably necessary for troubleshooting, security, product improvement, and legal compliance.

Security, fraud-prevention, sanctions, export-control, and abuse-prevention records may be retained as long as reasonably necessary to protect the Services and comply with applicable law.

Public blockchain data cannot be deleted, changed, or made private by Nova because it exists on public blockchain networks.

MoonPay retains MoonPay-related information under MoonPay’s own retention policy and legal obligations.

10) Your Privacy Choices and Rights

Depending on your jurisdiction, you may have the right to:

request access to personal information we hold about you;

request correction of inaccurate information;

request deletion of personal information;

request restriction of processing;

object to certain processing;

withdraw consent where processing is based on consent;

request a copy of certain information in portable format;

appeal a privacy-rights decision where applicable;

file a complaint with a data protection authority.

You may submit privacy requests by contacting us at privacy@nshield.org.

We may need to verify your identity before responding to a request. We may deny or limit requests where permitted or required by law, including where retention is necessary for security, fraud prevention, legal compliance, dispute resolution, or legitimate business purposes.

If Nova Wallet offers account creation, you may request account deletion through the app where available or by contacting us at privacy@nshield.org. Deleting a Nova account does not delete public blockchain data, blockchain transactions, Digital Assets, Wallet addresses, or MoonPay records controlled by MoonPay.

You can manage app permissions, notifications, camera access, photo access, and similar settings through iOS settings.

11) Children’s Privacy

Nova Wallet is not intended for children under 18 years old or the age of legal majority in their jurisdiction.

We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact us at privacy@nshield.org and we will take appropriate steps to delete the information where required by law.

MoonPay Services may have their own age and eligibility requirements.

12) International Users

404 ENTERPRISE LLC is based in the United States. If you access or use the Services from outside the United States, your information may be processed in the United States and other jurisdictions that may have data protection laws different from those in your jurisdiction.

Where required by law, we use appropriate safeguards for international transfers of personal information.

MoonPay and other third-party providers may process information in multiple jurisdictions under their own privacy policies and transfer mechanisms.

13) U.S. State Privacy Notice

Depending on where you live, U.S. state privacy laws may provide additional rights regarding personal information.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising or targeted advertising.

The categories of personal information we may collect include identifiers, contact information, internet or electronic network activity information, device information, approximate location derived from IP address, commercial or transaction-related information, public blockchain information, support communications, and inferences related to app functionality, security, or product improvement.

We use this information for the purposes described in this Privacy Policy, including app functionality, support, security, fraud prevention, legal compliance, analytics, and service improvement.

You may submit privacy requests by contacting privacy@nshield.org.

14) EEA, UK, and Swiss Users

If you are located in the European Economic Area, United Kingdom, or Switzerland, our legal bases for processing personal information may include:

performance of a contract, where processing is necessary to provide the Services;

legitimate interests, such as securing, maintaining, and improving the Services, preventing fraud, responding to support requests, and enforcing our Terms;

legal obligations, including sanctions, export-control, tax, regulatory, law enforcement, and compliance obligations;

consent, where required for optional analytics, marketing, certain cookies, or other optional processing.

You may have rights to access, correct, delete, restrict, object to processing, request portability, withdraw consent, or lodge a complaint with a supervisory authority.

15) Third-Party Links and Services

The Services may link to or interact with third-party websites, services, blockchain networks, RPC providers, wallet tools, token data providers, analytics providers, Apple services, and MoonPay.

Third-party services are governed by their own terms and privacy policies. We are not responsible for the privacy practices, security, accuracy, availability, or content of third-party services.

You should review third-party privacy policies before using them.

16) Community Token ($NOV) Disclosures

Nova’s ecosystem may be associated with a community token known as $NOV.

Nova does not need your private keys or recovery phrase to display or interact with public blockchain information.

If you hold, send, receive, buy, sell, or otherwise interact with $NOV or any Digital Asset, your wallet address, token holdings, transaction history, and related blockchain activity may be publicly visible on blockchain networks.

Nova does not control public blockchain networks and cannot delete, anonymize, reverse, hide, or obscure public blockchain transactions.

You are responsible for managing your Wallet, Digital Assets, taxes, reporting obligations, and compliance with applicable laws.

17) Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our Services, data practices, legal obligations, third-party providers, MoonPay integration, App Store requirements, or business operations.

If we make material changes, we may notify you through the app, website, email, App Store listing, or other reasonable means.

Your continued use of the Services after an updated Privacy Policy becomes effective means you acknowledge the updated Privacy Policy.

18) Contact Us

For privacy questions, requests, or concerns, contact:

404 ENTERPRISE LLC

Email: privacy@nshield.org

General contact: hi@nshield.org

Website: https://www.nshield.org