Naveroo

Privacy Policy

Effective May 5, 2026

This Privacy Policy explains how Naveroo ("we", "us", "our"), operated by Naveroo, collects, uses, and protects information when you use the Naveroo website and service (the "Service"). By using the Service you agree to the practices described here.

1. Information we collect

We collect the following categories of information:

  • Account information. When you create an account we collect your name, email address, and a hashed password. If you sign in with Google, we receive your name, email, and Google account ID from Google.
  • Trip content. Information you add to the Service, including trip names, dates, destinations, activities, accommodations, transportation, costs, notes, tasks, packing lists, and any files you upload as attachments.
  • Location data. Place names and addresses you enter, and coordinates returned by Google Places when you use the autocomplete features. We do not access your device's GPS.
  • Usage and technical data. Server logs containing IP address, browser type, pages visited, and timestamps, used for security and reliability.
  • Cookies. A session cookie used to keep you signed in. We do not use advertising or third-party tracking cookies.

2. How we use information

We use the information above to:

  • Provide, operate, and maintain the Service;
  • Authenticate you and keep your account secure;
  • Generate AI activity recommendations when you request them;
  • Display maps, places, and directions related to your trips;
  • Diagnose problems, prevent abuse, and improve the Service;
  • Communicate with you about your account, security, or material changes to the Service;
  • Comply with legal obligations.

3. Sharing your information

We do not sell your personal information. We share information only in the following limited circumstances:

  • Service providers. We use third parties to operate the Service. They process information on our behalf under contractual safeguards:
    • Anthropic — generates activity recommendations from the prompts and trip context you submit.
    • Google — Maps, Places, and (if used) Sign-in.
    • Our hosting provider — stores the database, files, and logs needed to run the Service.
  • Public share links. When you choose to share a trip, anyone with the link can view the trip's contents in read-only mode. You can revoke a share link at any time from the trip page; revoking invalidates the link for future visits.
  • Legal compliance. We may disclose information if required by law, legal process, or to protect the rights, property, or safety of our users or others.
  • Business transfers. If we are involved in a merger, acquisition, or sale of assets, your information may transfer as part of that transaction. We will notify you and any successor will be bound by this Policy.

4. AI recommendations

When you use the activity recommendation feature, the prompts and relevant trip context you submit are sent to Anthropic's Claude API to generate suggestions. Recommendations are generated on demand and are not used to train Anthropic's models. AI output may be inaccurate or outdated; verify details before relying on them.

5. Data retention

We keep your account and trip data for as long as your account is active. If you delete your account, we delete your trips, attachments, and account data within 30 days, except where we must retain limited records to comply with legal obligations or resolve disputes. Backup copies are overwritten on a rolling basis and purged within 60 days of deletion.

6. Your rights

Depending on where you live, you may have the right to: access the personal information we hold about you; correct inaccurate data; delete your account and associated data; export a copy of your data; object to or restrict certain processing; and lodge a complaint with your local data protection authority.

To exercise these rights, email contact@naveroo.com. We will respond within the timeframes required by applicable law (typically 30 days). Account deletion can also be performed directly from your account settings.

7. Security

We protect data in transit with HTTPS, store passwords as one-way hashes, and restrict access to production systems. No method of transmission or storage is 100% secure. If we discover a security incident affecting your data, we will notify you and any required authorities consistent with applicable law.

8. International data transfers

Our service providers (including Anthropic and Google) may process information in the United States and other countries that may not have the same data protection laws as your jurisdiction. We rely on standard contractual clauses and the providers' own safeguards as the legal basis for those transfers.

9. Children

The Service is not directed to children under 13 (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us at contact@naveroo.com and we will delete it.

10. Changes to this Policy

We may update this Policy from time to time. The "Effective" date at the top reflects the latest version. If changes are material, we will notify you by email or in-product notice before they take effect.

11. Contact us

Questions about this Policy or our privacy practices? Reach out to contact@naveroo.com.