Navelo
Products Why Navelo Status Contact Contact us
Legal · Privacy

Privacy Policy

How Navelo collects, uses and protects personal data — across the public website and Navelo SaaS products.

Last reviewed 2026-06-07.

01Who we are

Navelo (the "Company", "we", "us") operates the website at navelo.io and the SaaS products offered through it. Navelo is in the process of being incorporated as an EU-based legal entity. Until that process is complete, contracts are entered into directly with the founder; the registered company name and registration number will be inserted into this policy once available.

02Scope of this policy

This policy describes how we handle personal data collected through the public navelo.io website and through general business communication with prospects, customers and partners. Personal data processed inside an individual Navelo product (for example, end-user data inside CareFlow) is covered by that product's own privacy notice and by the Data Processing Agreement entered into with the customer.

03What we collect

  • Inquiry information — your name, email, company name and the contents of any message you send us.
  • Technical logs — IP address, user agent, request timestamp and request path, retained for limited periods.
  • Product data — when you use a Navelo SaaS product, the data you and your end-users provide, handled under the applicable product terms and DPA.

04Why we use it

  • To respond to inquiries and follow up on commercial discussions.
  • To operate, secure, monitor and improve the website and our products.
  • To meet legal, accounting and contractual obligations.

05Legal basis (GDPR)

Where GDPR applies, we rely on: your consent (where applicable), the performance of a contract or pre-contract steps you have requested, our legitimate interest in operating and securing our services, and compliance with legal obligations.

06Sharing of personal data

We do not sell personal data and we do not share it for cross-context advertising. We share personal data only with infrastructure providers strictly necessary to operate the service (hosting, transactional email, AI model providers), and only as needed to deliver what you have asked us to deliver, or as required by law.

07International transfers

Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses with the receiving party.

08Retention

We keep personal data only as long as needed for the purposes described above, to meet a legal obligation, or to defend or pursue a legal claim. Inquiry messages are typically retained for up to 24 months unless an ongoing commercial relationship justifies a longer period.

09Your rights

You have the right to request access to, correction of, deletion of, or restriction of the processing of your personal data, and the right to data portability where applicable. To exercise these rights, contact us at hello@navelo.io. You also have the right to lodge a complaint with your local data-protection authority.

10Security

We apply reasonable technical and organizational measures appropriate to the risk, including encrypted transport (HTTPS), access control on administrative interfaces, audit logging, and segregation between customer tenants in our products.

11Changes

We may update this policy as the company grows and as legal requirements evolve. Material changes will be reflected by updating the "Last reviewed" date at the top of this document.