Navode — Privacy Policy (Comprehensive Draft)

Effective Date: November 4, 2025
Last Updated: November 4, 2025

This Privacy Policy is designed to align with modern privacy laws (Colorado Privacy Act, CCPA/CPRA, GDPR/UK‑GDPR). Local supplements may apply.


1) Scope & Controller

This Policy applies to personal information processed by Navode when you use our websites, apps, APIs, and related Services. For GDPR/UK‑GDPR, Navode is the data controller for personal data we determine the purposes and means of processing.


2) Information We Collect

  • Account & identifiers: name, email, username, phone (optional), password hashes, profile photo (optional).

  • Contact & communications: messages sent to us (support, partnerships), marketing preferences.

  • Trip & content data: saved places, notes, addresses, itineraries, lists, photos/media you upload, captions.

  • Location data: approximate (IP/region) and precise GPS/browser location only with your explicit permission; revoke via device/browser settings.

  • Usage & device data: IP, device/OS/browser, pages/screens viewed, timestamps, clickstream, language, time zone, crash logs.

  • Telemetry & identifiers: cookies, local‑storage values, SDK/app identifiers.

  • Transactional & billing: subscription plan, payment tokens, invoices/receipts, tax information (processed by Stripe; no full card storage).

  • Partner & campaign: referral/affiliate IDs, UTMs, conversion events, payout and reconciliation data (aggregated/pseudonymous where possible).

  • Support artifacts: screenshots/logs you voluntarily share for troubleshooting.

  • Public and third‑party content: curated/linked data from government pages, local tourism sites, forums, and mapping providers.

We do not intentionally collect sensitive categories (e.g., precise health, biometric templates, government IDs) unless you provide them for a specific purpose and consent is required by law.


3) Sources of Information

Directly from you; automatically via cookies/SDKs; from processors/service providers (Backblaze, Stripe, Supabase, Framer, Mapbox, Google Maps Platform); from public sources and user‑generated content.


4) How We Use Information

  1. Provide core functionality (accounts, trip saving, maps, search, localization).

  2. Operate, secure, and debug (monitoring, abuse/fraud prevention, incident response).

  3. Improve & personalize (feature development, ranking, relevance of nearby items).

  4. Communicate (service notices, support, marketing where permitted).

  5. Process payments & subscriptions (billing, taxes, receipts, fraud prevention).

  6. Run sponsorships, affiliates, referrals (attribution, reconciliation, partner reporting).

  7. Comply with law and enforce Terms.

Legal bases (GDPR): contract; legitimate interests (product improvement, security, minimal analytics); consent (precise location, certain cookies/marketing); legal obligations.


5) Cookies, SDKs & Similar Technologies

  • Necessary: authentication, session continuity, security.

  • Functional: preferences (language, units, accessibility).

  • Analytics/performance: aggregated usage patterns, crash diagnostics.

  • Marketing/attribution: only where permitted with appropriate disclosures/choices.

Control via browser/app settings and (where required) a cookie banner or preference center. Disabling some cookies may limit features.


6) When We Share Information

  • Service providers/processors: Backblaze (storage), Stripe (payments), Supabase (auth/platform), Framer (hosting), Mapbox (maps/tiles/geocoding), Google Maps Platform (maps/places/geocoding/routing).

  • Sponsors/affiliates/referrals: limited attribution and performance metrics (aggregated where possible).

  • Other users: if you post public content or share an itinerary/link.

  • Legal & safety: to comply with laws or protect rights/safety.

  • Business transfers: mergers, acquisitions, or asset sales (with continued protection under this Policy).

We do not sell your personal information for money. Where laws define “sale”/“sharing for targeted advertising,” you may opt out via settings where provided.


7) International Data Transfers

We may process data in the U.S. and other countries. For EEA/UK/Switzerland, we rely on safeguards (e.g., Standard Contractual Clauses) and supplementary measures where necessary.


8) Data Retention

We retain personal information as long as necessary to provide the Services, comply with law, resolve disputes, and enforce agreements. Examples: account data (life of account + short grace period), transactions (per tax/accounting laws), logs/analytics (rolling windows like 12–24 months unless needed longer for security/legal reasons).


9) Security Measures

Administrative, technical, and physical safeguards appropriate to sensitivity (access controls, encryption in transit, secure development practices). If we learn of a breach affecting your personal information, we’ll notify you and regulators as required and follow our incident‑response procedures.


10) Your Rights & Choices

Depending on your region (e.g., CO/CA, EEA/UK), you may have rights to access, correct, delete, port, opt out of targeted advertising/sale/profiling for significant effects, restrict/object, withdraw consent, and appeal a denied request (CO).
How: Email help.navode@gmail.com with subject “Privacy Request.” We may verify identity; you may use an authorized agent (where permitted).


11) Children’s Privacy

Not directed to children under 13 (or minimum age of your jurisdiction). If we learn we collected data from a child without appropriate consent, we will delete it.


12) User‑Generated Content; Public Areas

Public posts (reviews, photos) may be viewed by others and indexed by search engines. Avoid sharing sensitive info publicly. Removal requests will be honored where feasible; copies may persist in backups or where others saved them.


13) Communications Preferences

Transactional emails are required. Marketing emails: opt out via unsubscribe/settings. Push/SMS: consent where required; opt out via device/app settings or provided instructions.


14) Automated Decision‑Making & Profiling

We do not use automated decision‑making that produces legal or similarly significant effects without human involvement. We may use personalization (e.g., sorting nearby places); you can limit this by withholding precise location/or turning off certain features.


15) Do Not Track & Global Privacy Control (GPC)

Industry standards are evolving; where legally required, we honor valid GPC signals for opt‑out preferences.


16) Region‑Specific Notices

  • California (CCPA/CPRA): rights to know, delete, correct, opt out of sale/sharing; no discrimination for exercising rights.

  • Colorado (CPA): rights to access, correct, delete, portability, opt out of targeted advertising/sale/profiling; appeal by replying “Appeal” to our response.

  • EEA/UK (GDPR/UK‑GDPR): data subject rights; right to lodge a complaint with your supervisory authority.


17) Third‑Party Sites & Services

Linked or integrated services (e.g., Mapbox/Google Maps) have their own privacy practices; review their policies before use.


18) Changes to This Policy

We’ll update this Policy as laws and our Services evolve. Material changes will be noticed reasonably (banner, email, or in‑product). Continued use after the Effective Date constitutes acceptance.


19) Contact Us

Email: help.navode@gmail.com
Include your name, region, request type, and enough information for us to identify your account or interaction with Navode.


Appendix A — Data Subject Request (DSR) Workflow

  1. Receive request; timestamp and assign ID.

  2. Verify identity/agent authorization.

  3. Classify (access, delete, correct, opt‑out, portability, appeal).

  4. Fulfill within statutory timelines (e.g., 45 days in CA/CO; extend if permitted).

  5. Log action and response; keep minimal audit record.

  6. If denied, provide reason and appeal instructions (where required).

Appendix B — Incident Response Snapshot

Detect/triage → contain/eradicate → recover/monitor. Assess scope and risk; notify affected users/regulators as required; run a post‑mortem and improve controls/training.

Appendix C — Subprocessors & Partners

Current core providers (subject to change):

  • Backblaze B2 — object/file storage for user uploads and service assets.

  • Stripe — payment processing, subscription management, invoicing, fraud tools.

  • Supabase — authentication, session/token handling, and platform services.

  • Framer — hosting and content delivery for web properties.

  • Mapbox — maps/tiles, geocoding, routing/isochrones (where enabled); attribution required.

  • Google Maps Platform — maps/places/geocoding/routing (where used); attribution required.

Other categories (examples): Cloud hosting/CDN; Analytics/Crash reporting; Email/SMS; Customer support; Security/anti‑abuse; Sponsorship/affiliate platforms; Logging/observability; Error tracking.

Appendix D — Cookie Categories

  • Necessary: session_auth, csrf_token

  • Functional: locale_pref, units_pref

  • Analytics: app_events, page_view

  • Marketing/attribution: ref_code, campaign_id

Appendix E — Arbitration Details

AAA Consumer Arbitration Rules; 1 arbitrator; English; Denver, CO; each party bears its own fees unless the arbitrator allocates otherwise under applicable law.