Privacy Policy

1. Data Controller

Navero App, a eenmanszaak registered in the Netherlands, acts as the data controller for personal data processed through our platform unless explicitly stated otherwise.

Registered address: Pompenburg 384, Rotterdam, the Netherlands. KvK number: 99925451. VAT number: NL005418730B96.

2. Data We Process

• Account and profile data (such as email address and authentication data).
• Portfolio-related data you provide or authorize us to import.
• Technical and usage data (such as device, browser, logs, and diagnostics).
• Support communications and issue reports.

3. Legal Bases

We process personal data on one or more legal bases: performance of a contract, legitimate interests, legal obligations, and consent where required.

4. Purposes of Processing

• To provide and secure the service.
• To import, organize, and display portfolio information.
• To communicate service updates and support responses.
• To improve reliability, usability, and fraud prevention.
• To comply with legal and regulatory obligations.

5. Sharing of Data

We may share data with processors and service providers that support hosting, communications, customer support, analytics, and billing operations (including Paddle for subscription and payment processing) under appropriate contractual safeguards.

We do not sell personal data.

We may disclose data when legally required or to protect rights, security, and platform integrity.

6. International Transfers

If personal data is transferred outside the European Economic Area, we apply appropriate safeguards, such as adequacy decisions or Standard Contractual Clauses.

7. Retention

We retain personal data only as long as necessary for the purposes described in this policy, including legal, accounting, and security obligations.

Account and portfolio data are generally retained while your account is active and for up to 12 months after account closure, unless a shorter or longer period is required by law.

Billing and tax records are retained for statutory periods that apply to us (for Dutch tax administration purposes, this is commonly up to 7 years).

Security and operational logs are retained for up to 12 months unless extended retention is required for incident investigation or legal obligations.

Encrypted backups are retained on a rolling basis for up to 35 days before automatic deletion or overwrite.

8. Your Rights

• Access, rectification, erasure, and data portability.
• Restriction of processing and objection to processing based on legitimate interests.
• Withdrawal of consent where processing is based on consent.
• Where available, data portability exports can be requested through in-product self-service downloads (CSV and JSON formats).
• Deletion requests are handled without undue delay and, in normal cases, within 30 days, subject to legal retention obligations.
• Lodging a complaint with a supervisory authority, including the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

9. Security

We use technical and organizational security measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction.

These measures include encryption in transit, access controls based on least privilege, monitoring, and security hardening for production systems.

No method of transmission or storage is completely secure, but we continuously work to reduce risk and respond quickly to incidents.

10. Cookies and Similar Technologies

We use cookies or similar technologies necessary for service functionality and security. Where legally required, non-essential cookies are used only with valid consent.

11. Contact

For privacy requests or questions, contact Navero App at support@navero.app.