Privacy Policy

How we handle your data.

This page is maintained by Nava AI to explain how we approach data privacy, ownership, and security for the AI workflows we design and deploy. It is not legal advice or a certification. If you need a signed Data Processing Agreement or specific legal terms, please contact us.

Client ownership and control

You retain ownership of all data that flows through the systems we build for you. Our default engagement model is to design and deploy AI workflows inside infrastructure that you control. We do not claim rights over your data, outputs, or models trained on your information.

Ring-fenced infrastructure

Workflows are typically deployed in dedicated, ring-fenced AWS environments provisioned for your organisation. Encryption keys and administrative credentials are handed to you, so the system operates under your account and your access policies.

This separation means your data is not commingled with other clients, and the underlying infrastructure is not shared in a way that would let Nava or another party access your information without explicit authorisation.

We do not keep or store client data by default

Unless specifically agreed in writing, Nava does not retain, store, or copy client data outside the environment we deploy for you. We design systems so that data is processed where it lives and deleted according to your retention rules.

Any exception — for example, temporary diagnostic data, training examples, or support logs — is agreed with you in advance, scoped, time-limited, and governed by the same ownership and confidentiality principles.

Admin access

You hold admin access to the deployed systems and the data inside them. You can review, export, modify, and delete data according to your own policies and procedures. We do not create hidden backdoors or retain secondary administrative access without documented consent.

What we may collect on this website

This public site may collect standard technical information through your browser, such as IP address, browser type, device information, and pages visited. This is used to understand site usage and improve performance. We do not sell personal data or use it for unrelated advertising.

If you submit information through a contact form, booking link, or email, we use it only to respond to your inquiry and manage the resulting conversation. We do not add you to marketing lists without explicit consent.

AI services and third-party models

Some AI workflows use third-party language, document, or embedding models. We select providers and model configurations based on the sensitivity of your data and your contractual requirements. Where appropriate, we configure models so that inputs are not used to train third-party foundation models.

Specific provider terms and data-processing arrangements are disclosed and agreed during implementation, not buried in a generic policy.

Security and access

We follow security practices appropriate to the sensitivity of the systems we build: least-privilege access, encrypted data in transit and at rest, audit logging, and regular review of dependencies and configurations. The exact controls are tailored to each deployment and documented in the relevant project agreement.

Retention and deletion

Data retention is governed by your requirements and the environment you control. When an engagement ends, data is deleted or handed back to you according to the agreed exit plan. Nava does not keep copies unless a separate support, backup, or escrow arrangement has been explicitly approved.

Changes to this policy

We may update this policy to reflect changes in our practices, technology, or applicable regulations. The latest version will always be available at this URL with a revised effective date.

Contact us

If you have questions about this privacy policy, your data, or a specific engagement, please contact us at coleddofficial@gmail.com or aroransh17@gmail.com.

Last updated: July 15, 2026.