Mobile Application Privacy Policy


This Privacy Policy outlines how Novosteer's App collects, uses, secures, and shares the personal data of its users while using our mobile application on Android and iOS platforms. Our commitment to your privacy is paramount, especially considering the sensitive nature of the customer information handled by our automotive trade-in application.

Data Collection

  1. Personal Identification Information: We collect your phone number to uniquely identify you and facilitate account access via SMS authentication.
  2.  Customer Information: This includes your dealership profile, reports, inventory, images, and vehicle historical documents related to your inventory. ( CARFAX)
  3. Employee Member Profiles: If you choose to manage the employee profiles of your dealership members, we collect similar information for each staff member.

Use of Data

The data we collect is used for the following purposes:

  • To provide and maintain our service, including monitoring the usage of our service.
  • To manage your account: The phone number you provide allows you to access and manage your account.
  •  To facilitate communication with our support team through the app.
  • To provide customer support and manage user requests.

Data Security

  1.  Encryption: All data is encrypted to ensure the confidentiality and integrity of your personal information.
  2. Data Center Security: We store all data in Canadian and American data centers, known for their high-security standards.
  3. Compliance with Laws: Our data handling practices are in strict compliance with Canadian PIPEDA and American law, California CCPA privacy act and the General Data Protection Regulation (GDPR).

Quebec's Bill 64

Novosteer follows follows Quebec's Bill 64 compliance laws.

US privacy in 2023

A rise in state privacy law left organizations that operate in the US having several key dates for their diaries in 2023.  The CPRA took effect on January 1, 2023, amending the CCPA.  The Virginia Consumer Data Protection Act (CDPA) and the Colorado Privacy Act (CPA) also entered into effect on January 1, marking a fast start for compliance in 2023. At the beginning of July, the CTDPA entered into effect finally followed by the UCPA on December 31, 2023. The varying compliance requirements of five privacy laws that ia a top priority for Novosteer Technologies Corp covered by these laws.

New U.S. state data privacy laws

Privacy laws in the U.S. vary by state — some states have signed laws that provide privacy protections, while others have no rules. Below are some examples of signed and proposed individual state privacy laws: 


In 2020, voters in California passed the California Privacy Rights Act (CPRA), an amendment to the CCPA. The CPRA provides additional protection for Californians, such as the right to know what personal data entities are collecting about them and the right to know if businesses are selling their data and to whom.


The Colorado Privacy Act is a new law that will take effect on July 1, 2023. This law will require businesses to disclose their data collection and sharing practices to consumers and gives Colorado residents the right to opt out of the sale of their personal data. The law also imposes strict penalties for companies and authorizes the state attorney general to bring enforcement actions.


The Connecticut Personal Data Privacy and Online Monitoring Act covers any business that collects personal information from Connecticut residents. The law provides privacy protection regulations for data controllers and processors and requires them to take reasonable security measures to protect personal data.


The Maryland Online Consumer Protection Act protects consumers from cybersecurity threats, including data breaches, theft, phishing, and spyware. While this law is similar to other state privacy laws, it’s more comprehensive in certain respects.

For instance, Maryland law requires businesses to take reasonable steps to protect consumers' personal information from unauthorized access, use, or disclosure. The law also requires entities to provide consumers with a way to opt out of having their personal information collected, used, or sold. 

This act applies to all businesses that collect, use, or disclose personal data about Maryland residents, including out-of-state companies that sell goods or services to Maryland locals.


The Massachusetts Data Privacy Law is a set of regulations governing businesses' handling of personal information. The law applies to any organization that holds, uses, or discloses personal data about Massachusetts residents. 

Some of the law’s provisions state that companies must obtain consumer consent before collecting or using their data. In addition, entities must take necessary steps to secure consumer data. The state law also establishes that companies must disclose how they use consumer data and allow customers to opt out of specific uses. Finally, organizations must ensure that the data they collect is accurate and up-to-date.

New York

The New York Privacy Act is one of the most comprehensive pieces of privacy and security legislation in the U.S. This law sets strict rules about how businesses must handle consumers’ personal information and gives individuals new rights concerning data. The act significantly impacts companies operating in New York state and helps ensure all residents control their personal information. Some key provisions of the privacy law include:

  • Entities must disclose what categories of consumer data they collect, use, or sell, and the purposes for which they’ll use the data.
  • Robust enforcement mechanisms provide a private right of action and implement civil penalties per violation.


The Virginia Consumer Data Protection Act is a new law that’ll take effect on January 1, 2023. It will require businesses to take reasonable steps to protect consumer data privacy, confidentiality, and integrity. 

This new law applies to any business that collects, uses, or discloses the personal information of 100,000 or more Virginia consumers or derives 50 percent or more of its revenue from the sale of consumer data.  

The law also gives Virginia residents the right to access their personal data and request correction if it’s inaccurate.

Data Sharing and Disclosure

We do not sell or rent your personal data to third parties. Data may be shared under the following circumstances:

  • Legal Requirements: We may disclose your data where required by law or subpoena.
  • Data Providers: Only with your explicit consent, we share necessary information with data providers for vehicle accuracy purposes.

Your Data Protection Rights Under GDPR

You have the following data protection rights:

  • The right to access, update, or delete the information we have on you.
  • The right of rectification.
  • The right to object.
  • The right of restriction.
  • The right to data portability.
  • The right to withdraw consent.

Please note that we may ask you to verify your identity before responding to such requests.

Children's Privacy

Our service does not address anyone under the age of 16 ("Children"). We do not knowingly collect personally identifiable information from children and/or without parental consent.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:
+1 (204) 560-6686

We use cookies to give the best experience to our visitors. By using this website, you're agreeing to our use of cookies.