Last updated: 7 July 2026
Navos AI, Inc. is the controller for personal data processed in Navos customer workspaces and related product communications. Contact us at contact@navos.ai.
EU representative: to be appointed. Until that appointment is complete, EU privacy questions and rights requests should be sent to the contact address above.
We do not sell personal data. We use service providers to operate the product, including infrastructure, authentication, observability, analytics, email delivery, and AI model/API services. A current product subprocessor register is published at /subprocessors.
Where personal data is transferred internationally, we use an appropriate transfer mechanism for the transfer, such as standard contractual clauses, the UK addendum, or a Data Privacy Framework certification where applicable.
| Data | Retention |
|---|---|
| Account and workspace records | For the customer relationship, then as needed for legal, audit, and security records. |
| AuthEvent logs | 395 days. |
| Sessions | Until expiry, logout, replacement, or security-driven revocation. |
| Share-link recipient records and notes | Until link expiry, usually 30 days, then purged by scheduled maintenance. |
| Reader-engagement events | 395 days. |
| Anonymous PostHog product analytics | Retained while needed for product analytics and reviewed at least annually. |
Depending on where you are located, you may have rights to access, correct, delete, restrict, object to, or receive a copy of personal data about you. For EU users, this includes rights under Articles 15 to 22 of the GDPR. Send requests to contact@navos.ai.
We use technical and organisational controls described on the Security page. We may update this notice as the product, law, or our operations change, and will update the date above when we do.