Your Financial Data is Safe with Nova
We use bank-level encryption and industry-leading security practices to protect your most sensitive information.
Bank-Level Encryption
All data transmitted between your browser and Nova's servers is encrypted using the industry-standard TLS 1.3 protocol with 256-bit AES encryption, the same security used by banks and financial institutions.
- TLS 1.3 encryption for all connections
- AES-256 encryption for data at rest
- Encrypted database with row-level security
We Never Store Your Banking Credentials
Nova uses Plaid, a trusted financial technology platform used by Venmo, Robinhood, and thousands of other apps, to securely connect to your financial institutions. Your banking username and password are never sent to or stored on Nova's servers.
Plaid is a regulated financial institution that connects to over 12,000 banks and financial institutions. When you connect an account, you authenticate directly with your bank through Plaid's secure interface.
- Log in directly with your bank via Plaid
- Nova only receives read-only access tokens
- Revoke access anytime from your Nova dashboard
Your Privacy is Our Priority
We believe your financial data is yours and yours alone. Nova will never sell, rent, or share your personal information with third parties for marketing purposes.
- No data selling. Ever.
- No ads. No tracking for advertising purposes.
- GDPR & CCPA compliant. Full control over your data.
- Export or delete your data anytime.
Enterprise-Grade Infrastructure
Nova is built on industry-leading cloud infrastructure with enterprise-grade security, reliability, and compliance.
- Hosted on Vercel's edge network with high availability
- PostgreSQL database with automatic backups and point-in-time recovery
- Authentication powered by Supabase Auth (enterprise-grade auth)
- Automated security scanning and continuous monitoring
AI Trust & Safety: How Nova Verifies Every Response
Financial advice is high-stakes. Nova doesn't trust an AI model to get it right on its own—we verify every response before it reaches you. Charlie, our AI financial coach, runs through a 14-layer guardrail pipeline on every interaction.
That means if the model produces an output that fails any guardrail layer—prompt injection, hallucination, unsupported financial claim, compliance rule—the response is blocked or corrected before you see it. The LLM is the generator. The Charlie guardrail pipeline is the verifier. We don't rely on the model being honest; we check.
The Charlie guardrail pipeline includes 14 layers:
- Kill Switch
- Prompt Injection Detection
- Intent Parser
- Pre-Check Scorer (incl. data sufficiency)
- Financial Facts Grounding
- LLM Generation + DLP
- Agent Trace
- Semantic Risk Scorer
- Compliance Rules Engine
- Hallucination Guard
- LLM Judge
- Disclaimers (via Semantic Risk + Compliance Rules)
- Audit Log
- Human Review Sampling
- Charlie 100-case adversarial eval suite runs against every model upgrade—guardrail pass rates published on request (email hello@novanetworth.com)
- Ground-truth verification—every financial claim is checked against your actual account data, not generated from memory
- Full audit log—every AI interaction is recorded for review; see the AI Transparency page for details
Secure Payment Processing
Your payment information is processed securely through Stripe, a PCI Level 1 certified payment processor.
Nova never stores your credit card information. All payments are processed through Stripe's secure infrastructure, which is trusted by millions of businesses worldwide.
Our Commitment to Security & Trust
- Bank-Level Security: AES-256 encryption
- Credential Isolation: Credentials never stored
- Privacy First: No data selling
- Transparency: Full control of your data

Service-Disabled Veteran-Owned Business
Nova is proudly owned and operated by a service-disabled veteran who understands the importance of trust, security, and service to others.