Privacy Policy

Navochat ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

This policy applies globally and is designed to comply with applicable data protection laws, including but not limited to the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Personal Information Protection Law of the People's Republic of China (PIPL), the Personal Information Protection Act of the Republic of Korea (PIPA), and Japan's Act on the Protection of Personal Information (APPI).

We may collect the following types of information:

Account Information: Name, email address, company name, phone number, and billing details when you create an account.

Service Usage Data: Chat transcripts, knowledge base interactions, AI agent responses, customer satisfaction metrics, and configuration settings.

Technical Data: IP address, browser type and version, operating system, device identifiers, cookies, and analytics data.

Communication Data: Any messages, files, or content you send through or receive via our platform.

Third-Party Integrations: Data from services you connect to Navochat, such as help desks, CRMs, or APIs.

We use your information to:

- Provide, maintain, and improve our services

- Train and enhance our AI models to deliver better customer support

- Process transactions and send related information

- Send you technical notices, updates, security alerts, and support messages

- Respond to your comments, questions, and requests

- Monitor and analyze trends, usage, and activities

- Detect, prevent, and address technical issues and fraud

- Comply with legal obligations and enforce our terms

For users in the European Economic Area (EEA), we process personal data based on:

- Consent: When you have given clear consent for a specific purpose

- Contract: Processing necessary to perform our contractual obligations

- Legitimate Interests: Processing based on our legitimate business interests, provided your rights do not override these interests

- Legal Obligation: Processing required to comply with applicable laws

We do not sell your personal data. We may share your information with:

- Service Providers: Third-party vendors who assist in operating our platform (e.g., cloud hosting, payment processing, analytics)

- Business Transfers: In connection with a merger, acquisition, or sale of assets

- Legal Requirements: When required by law, court order, or governmental regulation

- Protection of Rights: To protect the rights, property, or safety of Navochat, our users, or the public

All third-party processors are contractually bound to protect your data and process it only on our instructions.

Your data may be transferred to and processed in countries other than your own. When we transfer data internationally, we implement appropriate safeguards including:

- Standard Contractual Clauses (SCCs) approved by the European Commission

- Data Processing Agreements with all sub-processors

- Binding Corporate Rules where applicable

- Compliance with relevant cross-border transfer mechanisms under PIPL, PIPA, and APPI

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws. Account data is retained for the duration of your account. Usage data is retained for up to 24 months. You may request deletion of your data at any time.

Depending on your jurisdiction, you may have the following rights:

- Access: Request a copy of your personal data

- Rectification: Correct inaccurate or incomplete data

- Erasure: Request deletion of your data ('Right to be Forgotten' under GDPR)

- Portability: Receive your data in a structured, machine-readable format

- Restriction: Limit how we process your data

- Objection: Object to processing based on legitimate interests

- Opt-Out: Under CCPA, you have the right to opt out of the sale of your personal information (we do not sell personal data)

- Withdraw Consent: Where processing is based on consent, you may withdraw it at any time

To exercise these rights, contact us at [email protected]. We will respond within the timeframe required by applicable law.

We implement industry-standard security measures including encryption in transit (TLS 1.3) and at rest (AES-256), access controls, regular security audits, and incident response procedures. However, no method of transmission or storage is 100% secure.

Our services are not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have collected such data, contact us immediately.

Navochat uses artificial intelligence to power customer support interactions. Data submitted to our platform may be processed by AI models to generate responses. We implement measures to:

- Minimize personal data exposure in AI training

- Allow customers to control whether their data is used for model improvement

- Ensure AI outputs do not reproduce personal data of other users

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through a notice on our platform at least 30 days before the changes take effect.

For privacy-related inquiries, contact:

- Email: [email protected]

- Data Protection Officer: [email protected]

- EU Representative: As required under Article 27 of the GDPR

We are committed to resolving complaints about our collection and use of your personal data.

Navochat offers Google sign-in for user convenience and account security. This section explains how we handle data received from Google.

Data We Access: When you sign in with Google, we access your basic profile information: name, email address, and profile picture.

How We Use Google Data: We use this information solely for creating and authenticating your Navochat account. We do not access, read, modify, or store any data from your Gmail, Google Drive, YouTube, or any other Google service beyond the basic profile information listed above.

Data Sharing: We do not sell, transfer, or share your Google profile data with any third party, except as required to provide the Service (e.g., cloud hosting) or as required by law.

Data Deletion: You may disconnect your Google account at any time through your account settings. Upon disconnection, Google-sourced profile data will be removed from our systems within 30 days, unless retention is required by law.

Navochat's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only use Google data for the purpose of user authentication and account management. We do not use Google data for advertising, machine learning (unless explicitly opted in), or human review of user content.

You can review Google's privacy policy at https://policies.google.com/privacy and manage your connected apps at https://myaccount.google.com/connections.