Privacy Notice for Navigator

Version: 1.0  |  Effective Date: December 13, 2025

2. Categories of Personal Data We Process

2.1 Account Data

When you create an account, we process:

• Email address (required for authentication and communication)
• First name and last name (for display and identification)
• User role (Consultant, Customer Admin, or Member)
• Account creation and last login timestamps

2.2 Organisational Data

For customer organisations, we process:

• Organisation name and description
• Business address (street, postal code, city, country)
• VAT identification number (where applicable)
• Preferred language for communications
• Team member associations and roles

2.3 Log Entry and Report Content

The core function of Navigator involves processing:

• Daily log entries created by users (work notes, observations, reflections)
• Weekly reports and AI-generated summaries
• Translations of log entries and reports
• Historical log archives

2.4 Billing and Invoice Data

For commercial relationships, we process:

• Billing name and address
• Invoice details and payment references
• Product subscriptions and purchase history
• Banking/payment information for invoicing (IBAN, bank name)

2.5 System and Login Metadata

For security and operational purposes, we process:

• Authentication timestamps
• Session management data (via secure cookies)
• Server access logs (IP addresses, request timestamps) for security monitoring

4. AI-Assisted Text Processing

Navigator uses artificial intelligence to generate weekly summary reports from daily log entries and to provide text polishing and translation features. AI processing is optional and user-initiated—data is only sent when you explicitly trigger an AI feature.

4.1 AI Provider

We use OpenAI, L.L.C. (San Francisco, California, USA) as our AI processing provider:

• Service: OpenAI API (GPT models)
• Role: Service provider acting under our instructions
• Agreement: OpenAI Data Processing Addendum (DPA)

4.2 What Data Is Sent

• Only the specific text content you select for processing (log entries, drafts)
• For weekly reports: the log entries from the reporting period
• No account credentials, email addresses, or metadata are sent

4.3 Purpose of Processing

• Weekly reports: Summarizing daily log entries into actionable insights
• Text polishing: Improving clarity and readability of written content
• Translation: Converting content between supported languages

4.4 Data Retention by AI Provider

OpenAI's API data usage policy states that API inputs and outputs are not used to train models and are retained for a maximum of 30 days for abuse monitoring, after which they are deleted. For details, see OpenAI Enterprise Privacy and their API Data Usage Policies.

6. Data Retention

We retain personal data only as long as necessary for the purposes described, or as required by law:

• Active account data: Retained while your account is active; deleted 30 days after account closure (except billing records)
• Log entries and weekly reports: Retained while your organisation's subscription is active; exportable on request
• Invoices and billing records: Retained for 10 years after creation (tax/legal requirements); not deleted during account termination
• Authentication tokens: Magic link tokens deleted after use or expiry (2 hours); JWT session cookies expire after 7 days
• AI chat conversations: Automatically deleted daily; chat history is not retained beyond 24 hours
• Server logs: Retained for up to 90 days for security monitoring, then automatically deleted

6.1 Who Controls Deletion

Data deletion is controlled as follows:

• Individual users: May edit or delete their own log entries at any time
• Customer Admins: Responsible for managing organisational data and may request bulk deletion of organisation data
• Account termination: Users or Customer Admins may request account/organisation termination by contacting privacy@caimito.net

6.2 Post-Termination Handling

Upon account or organisation termination:

• You have 30 days to request an export of your data in a machine-readable format
• After 30 days, the following data will be permanently deleted: user profiles, log entries, weekly reports, and organisation data
• The following data will be retained for legal compliance: invoices and billing records (10 years per tax law)
• When an organisation terminates, all associated member accounts and their data are included in the termination process

7. Recipients and Subprocessors

We share personal data only with the following categories of recipients, acting as service providers under our instructions. For the complete and current list, see our Subprocessor & Vendor List.

7.1 AI Service Provider

• OpenAI, L.L.C. – Processes log entry content for weekly report generation and translation features. Subject to their data processing agreement and API data usage policies.

7.2 Self-Hosted Operations

Apart from OpenAI, Navigator does not engage any third-party subprocessors. All other platform operations—including hosting, database storage, authentication, and email delivery—are operated directly by Navigator on infrastructure we control.

We do not sell, rent, or share your personal data with third parties for their own marketing purposes. All data you provide and generate belongs to your organisation as represented by the customer administrator. No third-party analytics, tracking, advertising, or social media services are used.

10. Cookies and Similar Technologies

Navigator uses only strictly necessary cookies required for the service to function. These cookies are essential for authentication and security—without them, the service cannot operate.

10.1 Cookies We Use

10.2 Classification

All cookies used by Navigator are classified as strictly necessary. They are required for:

• Authenticating users and maintaining secure sessions
• Preventing unauthorized access to your account
• Preserving your language selection during sign-up

10.3 What We Do NOT Use

Navigator does not use:

• Analytics cookies (no Google Analytics, Matomo, or similar)
• Advertising or marketing cookies
• Third-party tracking cookies
• Social media tracking pixels or widgets
• Cross-site tracking technologies
• Fingerprinting or any other user-identification techniques beyond authentication

10.4 No Consent Banner Required

Because Navigator uses only strictly necessary cookies that are essential for the service to function, no cookie consent popup or banner is required. This transparency disclosure serves as your complete cookie information.

11. Sensitive Information

11.1 Nature of Log Entries

Navigator's daily log feature allows users to enter free-text notes about their work activities. Because these entries are unstructured, they may potentially contain personal information beyond what is necessary for professional work logging.

11.2 Not Intended for Sensitive Data

Navigator is designed for professional work logging and reporting. We do not intentionally collect or process sensitive personal information such as:

• Health information (physical or mental health conditions, medical treatments)
• Racial or ethnic origin
• Political opinions
• Religious or philosophical beliefs
• Trade union membership
• Genetic or biometric data

Navigator is not intended as a platform for processing such data. Users should avoid entering sensitive personal information in their log entries.

11.3 User Guidance

To help protect privacy:

• Focus on professional activities: Log entries should concentrate on work-related observations, project progress, technical challenges, and business interactions.
• Avoid sensitive details: Do not include health status, medical appointments, personal beliefs, or other sensitive information.
• Minimize personal identifiers: Where possible, avoid including unnecessary personal details about colleagues or third parties.
• Review before submitting: Consider whether your entry contains any information that would not be appropriate in a professional work log.

11.4 If Sensitive Data Is Entered

If sensitive data is incidentally entered into a log entry:

• Users may edit or delete their own entries to remove such information.
• Organization administrators are responsible for monitoring appropriate use within their organization.
• You may contact us at privacy@caimito.net to request removal of specific data.

11.5 Security Protections

All free-text log entries—regardless of their content—receive the same robust security protections described in Section 12 (Data Security), including:

• Encryption in transit and at rest
• Role-based access controls
• Secure cloud infrastructure

Navigator does not perform automated categorization, profiling, or special analysis of log entry content. We treat all log content uniformly from a security and storage perspective.

11.6 Organizational Responsibilities

Customer organizations are responsible for:

• Providing appropriate guidance to their members about what information should or should not be entered into logs
• Ensuring their use of Navigator aligns with their own data protection policies and legal obligations
• Monitoring and managing the content created by their team members

12. Data Security

We implement appropriate technical and organisational measures to protect your personal data:

• Encryption in transit (TLS/HTTPS for all connections)
• Encryption at rest for stored data
• Passwordless authentication reducing credential theft risk
• Role-based access controls limiting data visibility
• Regular security updates and monitoring
• Secure cloud infrastructure with industry-standard certifications

No method of transmission or storage is 100% secure. If you have concerns about a security issue, please contact us immediately at privacy@caimito.net.

13. Children's Privacy

Navigator is a professional service not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

14. Changes to This Privacy Notice

We may update this privacy notice to reflect changes in our practices or legal requirements. Material changes will be communicated via email to organisation administrators. The effective date indicates when this version became active.

Continued use of Navigator after changes take effect constitutes acceptance of the updated notice. We encourage you to review this notice periodically.

15. Contact Information

For questions about this privacy notice or to exercise your data protection rights:

Privacy Contact:
Email: privacy@caimito.net

General Inquiries:
Email: info@caimito.net

16. Reporting Illegal or Abusive Content

We take the safety of our platform seriously. If you encounter any illegal, abusive, or harmful content on Navigator, or if you believe your personal data has been misused, please report it immediately.

Abuse Reports: abuse@caimito.net
Privacy Concerns: privacy@caimito.net

For complete details on our abuse reporting procedures, what to report, and how we respond, please see Section 19 of our Terms and Conditions.

Zero Tolerance: Navigator maintains a zero-tolerance policy for illegal content, including child sexual abuse material (CSAM). Confirmed illegal content will result in immediate action and reporting to authorities.

17. Version History

This section documents all versions of this privacy notice. Material changes will be announced on this page and, where appropriate, communicated via email to organization administrators.

Version 1.0 — Effective December 13, 2025

Initial publication

• Established standalone privacy notice for Navigator
• Documented all categories of personal data processed
• Disclosed AI processing via OpenAI
• Documented data storage and retention periods
• Detailed privacy rights and contact procedures