Yair NovoselskyAccountants

Privacy Policy

Last updated: 20 November 2025

This is a convenience translation. In any discrepancy between this English version and the Hebrew version, the Hebrew version shall prevail.

1. General

1.1. Novo Finance Ltd., company no. 515550432 ("the Company", "we" or "us"), is committed to protecting the privacy of everyone who comes into contact with it: clients, suppliers, business partners, job applicants, and including visitors to the website and social networks (each: "the User" or "you"). The Company undertakes to protect the personal information that may be provided to it by any of the above.

1.2. The purpose of this privacy policy ("the Policy") is to detail the types of information the Company collects, the ways it is used, how it is stored, and the steps taken to protect it. The information is collected in connection with and during the receipt of the services the Company provides and during the use of its digital systems, including: (a) the Company's website at https://yairncpa.co.il/ ("the Site"), operated by CPA Yair Novoselsky, the owner of the Company; (c) in connection with engaging to receive services from the Company; (d) phone calls, email correspondence and WhatsApp correspondence with the Company's representatives; (e) other communications with the Company, including through a third party involved in its business; or (f) submitting a job application to the Company.

1.3. In this Policy the following terms shall have the meanings set out beside them:

1.3.1. "Information" – any fact, assessment, opinion, document, record, processing or analysis of any of these, conclusions drawn and outputs produced from it – in whole or in part, held by either party regarding itself and/or regarding the other party – as the context requires.

1.3.2. "Personal information" – as defined in the Protection of Privacy Law, 5741-1981 (the "Privacy Protection Law"), including information relating to an identified or identifiable person, including by means of an identifier such as a name, ID number, biometric identifier, location data, an online identifier, or one or more data points relating to their physical, health, economic, social or cultural status.

1.3.3. "Communication channels" – including, without derogating from the generality of the definition: the Company's website, the telephone service center, email, "contact us" forms, SMS and WhatsApp messages, digital media channels used by the Company to publish professional information (such as the official Facebook page) and any other means of communication used by the Company for its activity.

1.3.4. "Services" or "the Company's services" – any information, content, service or activity that the Company offers, provides or actually performs, in the past, present and future.

1.3.5. "Content" – information of any kind found or displayed on the Site, including (but not limited to) text, verbal and visual content, design, the Site's layout, graphic language, materials, data, images, photographs, illustrations, videos, graphic files, files of other kinds, links, and the like.

1.4. If, after reading the Policy, you find that it does not match your views or wishes, you should refrain from providing information to the Company and from any use of its services or communication channels. We will be sorry, but that is your full right.

1.5. You may contact the Company at any time with any request or inquiry regarding this Policy via email at Info@yairncpa.co.il.

1.6. Use of the Site and/or engaging to receive services from the Company constitutes confirmation that you have read and understood this Policy and that you agree to and accept its terms in full.

1.7. From time to time there may be changes or updates to this Policy, among other things due to changes to the Site or to legislation and regulation. By continuing to use the Site you express your consent to such changes and updates.

1.8. The wording of this Policy is in the masculine for convenience only, and everything stated in it is intended for women and men alike. Anything stated in the singular should be read as if stated also in the plural, as the context requires, and vice versa.

1.9. The headings in this Policy are for reading convenience only.

2. Collection, processing and use of information, and purpose of use

2.1. The Company will collect, process and store any personal information in accordance with this Policy and the provisions of the law applicable to it. The Company will process personal information only for legitimate, defined and explicit purposes, and will not process information in a way incompatible with the purposes for which it was collected.

2.2. The Company will keep personal information confidential in accordance with the law and subject to legal and regulatory obligations or requirements applicable to it.

2.3. In cases where the User is under no legal obligation to provide personal information to the Company, providing such information depends on the User's consent. However, if a User refuses to provide any information, or provides partial or incorrect information, and as a result the Company cannot store or process the information in the ways described in this Policy, the result may be impairment, up to complete prevention, of the Company's ability to act and provide various services to the User. The User may withdraw consent at any time, without affecting the lawfulness of processing carried out on the basis of the consent prior to its withdrawal.

2.4. Types of information the Company processes or may process. The Company processes the following types of information:

2.4.1. Identifying and contact details – name, identification number, contact details (address, phone, email).

2.4.2. Financial information – information about consumption habits, purchasing patterns and interest in services, for the purpose of improving the services offered by the Company to its clients.

2.4.3. Usage and browsing data – location data, times of use, duration and frequency of use, browsing history, IP address, browser type, device characteristics, cookies and pixels, statistical data including Google Analytics, usage data from IT and cloud service providers, information from information-security providers, and data on user behavior and fraud activity.

2.4.4. Information from communication channels – information about the use of the communication channels, satisfaction surveys, feedback and marketing preferences.

2.4.5. Audio recordings – phone calls with the Company may be recorded for the purposes of monitoring, control and improving the quality of the Company's services.

2.5. The Company may collect and store your personal information:

2.5.1. When you provide or enter it while using the Site or the communication channels;

2.5.2. In connection with purchasing the Company's services;

2.5.3. In order to provide services to the User, including customer service;

2.5.4. Information provided and/or entered by you when registering for courses;

2.5.5. Via security cameras installed at the Company's premises for security purposes only, and via an automatic attendance system for recording the arrival and departure of employees or visitors.

2.6. The Company will use the information for the purpose of providing the Company's services and in order to meet its legal, business and contractual obligations, for the following purposes:

2.6.1. To provide services by the Company, including offering additional services;

2.6.2. To manage and provide the services on the Site, including tailoring the browsing experience, maintaining and improving the Site and its content, preventing fraud, operation, security, and detecting fraud and/or any other unlawful activity;

2.6.3. For commercial and statistical purposes, detecting and resolving faults, conducting statistical research and analyses (including user-experience analysis) among other things for the continuous improvement of the services;

2.6.4. To meet obligations as a potential employer to candidates applying to work with us;

2.6.5. To carry out financial transactions relating to payments for the Company's services;

2.6.6. To notify you of changes to our services;

2.6.7. To contact you for the purpose of providing technical assistance, handling faults and the like;

2.6.8. To respond to inquiries, identify problems, faults or errors, and to prevent fraud or other criminal activity;

2.6.9. To provide you with commercial and marketing information about additional services offered by the Company;

2.6.10. To request feedback regarding the use of purchased services;

2.6.11. For compliance and accounting-audit purposes;

2.6.12. Where necessary, we will use the personal information in order to enforce our terms, policies and legal agreements, comply with court orders and assist law-enforcement authorities as required by law, including: to prevent and investigate fraud, trespass, identity theft, crime and money laundering and any other misuse of our services, and to take any action in any dispute and legal proceeding.

2.7. Without derogating from the above, subject to you providing your contact details to the Company and giving your consent to receive direct mailings and marketing messages, including an advertisement as defined in the Communications Law (Telecommunications and Broadcasts), 5742-1982, the Company may send you, from time to time, by email and/or other means of communication you provided, information about its services as well as marketing and promotional information on its behalf. You may cancel your consent at any time and cease receiving such messages (in whole or in part), via an "unsubscribe" button that will appear in the message sent to you or by any other accepted means, including by contacting the Company directly at the contact details set out in section 8 of this Policy. The Company will act to cancel the consent within a reasonable time and no later than 7 business days from receiving the request.

2.8. The information we collect is stored in a database (the "Database"), in accordance with the Protection of Privacy Law, 5741-1981, hosted on the Company's systems, on servers owned or controlled by the Company and/or with reputable server-hosting and data-backup providers, which may also be located outside Israel. The Company ensures that any transfer of information to countries outside Israel will be carried out only to countries with an adequate level of protection under the law, or subject to contractual arrangements ensuring protection equivalent to that set out in Israeli law. Your consent to this Policy also constitutes consent to storing the information outside Israel as stated.

2.9. For the avoidance of doubt, the information is stored in the Company's databases even if the User does not enter into any agreement with the Company, and likewise even if they used the Company's services for a period and stopped, in accordance with the Company's needs and subject to the law applicable to the Company. The policy of retaining information over time is at the Company's discretion in light of the law and its business needs.

2.10. The Company may use processes based on artificial intelligence, including but not limited to generative AI, digital and voice AI agents, advanced analytics tools and machine learning, in order to realize its purposes as set out in this Policy. The use of AI is intended, among other things, for managing, servicing and communicating with clients, operating and improving internal processes, developing and improving services, enhancing the user experience, producing statistical and business insights, detecting fraud attempts or abnormal activity, making decisions related to the terms of joining services and during the service lifecycle (including decisions regarding service pricing, risk assessment and business needs), and for forecasting trends or events. For this purpose the Company may collect and process your personal information, including information obtained from public sources, all in accordance with the applicable law and this Policy.

3. Right to review and correct information

3.1. In accordance with and subject to the Privacy Protection Law, the User has the right to review their personal information provided by them to the Company and stored in the Company's databases, and to correct and/or update their personal information when it is inaccurate or incomplete, subject to the following:

3.1.1. For this purpose you may contact the Company by the means set out in section 8 of this Policy.

3.1.2. Before the Company allows the User to review and/or update incorrect personal information accumulated about them, additional steps may be required, such as verifying the identity of the person making the request and the like. After we receive a request to review information, we will act to provide the requested information within a reasonable time in accordance with the law.

3.1.3. If the User reviewed the information and found it to be incomplete, incorrect or not up to date, they may contact the Company with a request to correct the information or to stop using it, and the Company will act in accordance with the Privacy Protection Law. For caution, it is clarified that the request itself does not obligate the Company to correct or delete the information in accordance with the request.

3.1.4. Please note, without derogating from the above, that some personal information may be excluded from rights of review, correction or deletion under laws concerning insurance, taxation, privacy and data protection.

4. How long we retain the information

4.1. We retain different types of information for different periods, according to the purposes of using and holding it, in order to provide our services, for appropriate purposes and as required by law. The Company implements a data-retention policy based on the principles of minimization and proportionality, and deletes or anonymizes information no longer needed for the purposes for which it was collected. Some personal information may also be retained by our third-party service providers' servers until deleted in accordance with their privacy and data-retention policies.

4.2. Please note that even after you stop using the services or the Site we will continue to keep a copy of your personal details for legal purposes and for documentation and archiving.

4.3. We may retain non-identifying information without limitation. As required, we will delete or remove identifying details from information we no longer need as identifying information. Such information also includes metadata and the statistical information relating to the use of our services.

5. Automatic data collection; use of cookies

5.1. When a user visits the Company's site, technical data is collected automatically, including: IP address, unique device identifier, browser type and version, operating system, screen resolution, device language, access timestamp, source and destination pages, and geographic location data (subject to consent).

5.2. The purposes of collecting this data are improving the security of the services, personalizing the user experience, performing business analytics, preventing fraud and suspicious activity, and complying with regulatory requirements.

5.3. In providing the online services, the Company uses advanced technologies including: Cookies, Web Beacons, Pixels, Local Storage, Session Storage and similar technologies (together: "Cookies"). Cookies are small data files stored on the user's device: Session Cookies, deleted when the browser closes, and Persistent Cookies, retained for longer periods. Cookie details and expiration dates can be viewed through browser settings.

5.4. Classification of cookies by role: Essential cookies – required for the basic operation of the Site. Functional cookies – improve performance and remember preferences. Analytics cookies – enable performance measurement and behavior analysis. Marketing cookies – enable tailoring of advertisements and relevant content.

5.5. The Company uses third-party services including Google Analytics, through which information about users' browsing habits is collected, in accordance with their terms of use and privacy.

5.6. The user can manage cookie preferences through the preferences center on the Site or through browser settings. Disabling certain cookies may affect Site functionality. Regarding cookies originating from and/or by third parties, their removal is subject to their terms of use published on their sites.

5.7. The Company may adopt new tracking technologies to improve the services. Any material change will be brought to users' attention in advance and will include an opt-out option. The Company undertakes to update this Policy in line with technological and regulatory developments.

6. Transfer of information to third parties

6.1. The Company will transfer personal information to third parties only in the cases set out below, while adhering to the principle of the minimum required and subject to appropriate protective measures under the law:

6.1.1. To service providers and business partners – who assist in operating the Company's services, including technology service providers, information-security providers, cloud service providers, service and logistics providers and customer-support providers.

6.1.2. To related companies – subsidiaries, sister companies and affiliated companies, solely for the purpose of providing joint services and subject to identical privacy-protection standards.

6.1.3. To enforcement and supervisory bodies – when the transfer is required to protect vital interests or to prevent harm to the Company, the User or third parties.

6.1.4. Legal obligations – when the transfer is required by law, a judicial order or an instruction of a competent authority.

6.1.5. Breach of obligations – in the event of a material breach of the terms of use or the performance of unlawful acts or an attempt to carry out a material breach or unlawful act.

6.1.6. Legal proceedings – to protect the Company's rights in legal proceedings, arbitration or disputes.

6.1.7. In the event of a merger, acquisition, sale or transfer of the Company's assets, subject to ensuring the continuity of privacy protection.

6.2. Transfer of information abroad – transfer of information outside Israel will be carried out only to countries with an adequate level of protection or subject to contractual arrangements ensuring equivalent protection.

7. Governing law and jurisdiction

This Policy is subject to Israeli law, including the Protection of Privacy Law, 5741-1981, and any relevant regulation or regulatory provision that applies from time to time. In any dispute arising from or related to this Policy, including issues of privacy breach, unauthorized use of information or data-subject rights, exclusive jurisdiction shall lie with the competent courts in Jerusalem.

The Company undertakes to act in accordance with the guidelines of the Registrar of Databases at the Ministry of Justice and the Privacy Protection Authority, insofar as they apply.

8. Contact us

For any inquiry related to this Policy, including exercising your rights under the Privacy Protection Law, you may contact us by the following means: Email: Info@yairncpa.co.il; Regular mail: 12 HaTnufa St, Jerusalem; Phone: 077-420-1002 (business days, 08:30–16:00).

We undertake to handle your inquiry as soon as possible, and if necessary we will update you on the progress. In urgent cases related to a data-security breach, we will act to handle it immediately.