Privacy Policy

• Account & authentication. Your email address and a password, used to create your account and sign you in. Passwords are stored only as a secure one-way hash — never in plain text — and your session is maintained with secure tokens.
• Financial account data (via Plaid). When you connect a financial institution, our data provider Plaid securely retrieves account details, balances, investment holdings, and transactions on your behalf. We store the data needed to power the product (account names, balances, holdings, transactions) and an encrypted access token. We never see or store your bank login credentials — you enter those directly with your institution through Plaid.
• Information you provide. Optional profile details you choose to enter (e.g. investing goals, risk tolerance, tax context, manually-added assets) to personalize insights.
• Usage & technical data. Basic, security- and reliability-related logs (e.g. request and error logs). These do not contain your access tokens or credentials.

• Provide the core product: net worth, holdings, allocation, cash flow, and insights.
• Authenticate you and keep your account secure.
• Generate optional AI-assisted portfolio insights at your request (see §5).
• Send transactional email you ask for (e.g. account or alert notifications).
• Operate, debug, and improve the service.

We do not sell your personal or financial information, and we do not use your financial data for advertising.

Navis uses Plaid to connect to your financial institutions. When you link an account, you authenticate directly with your institution through Plaid; your credentials are never shared with Navis. Plaid’s handling of your information is governed by the Plaid End User Privacy Policy. We request read-only access to the Transactions and Investments products only — Navis cannot move money or make payments.

We share information only with the service providers (“subprocessors”) needed to run Navis, and only as much as each needs:

We may also disclose information if required by law, or to protect the rights, safety, and security of Navis and its users.

If you use the optional “Ask Navis” AI advisor, we send derived portfolio context (for example, security tickers, allocation weights, and totals) to our AI provider to generate your answer. We do not send your access tokens, login credentials, account numbers, or personal identifiers. AI output is for educational and informational purposes and is not financial, investment, or tax advice.

We keep your information only while your account is active. You can disconnect any linked institution at any time — doing so revokes Navis’s Plaid access token and deletes the associated data. You can also permanently delete your entire account and all associated data yourself at any time from Settings → Delete account (this disconnects your institutions from Plaid and removes your data and login), or by contacting us at privacy@usenavis.com. Deletion is prompt, subject to any legal retention obligations. Backups are rotated on a short schedule.

• All data is encrypted in transit (TLS).
• Data at rest is encrypted by our database provider, and sensitive access tokens are additionally encrypted with AES-256-GCM at the application layer, with the encryption key held outside the database.
• Access to production data is restricted and least-privilege.
• Your bank credentials are never transmitted to or stored by Navis.

No method of storage or transmission is 100% secure, but we work to protect your information using industry-standard safeguards.

• Access & correction: view and edit your profile and accounts in-app.
• Disconnect: unlink any institution at any time from the Accounts page.
• Deletion: permanently delete your entire account from Settings → Delete account, or request it via privacy@usenavis.com.

Depending on where you live, you may have additional rights (e.g. under GDPR or CCPA) such as access, portability, or deletion. Contact us to exercise them.

Navis uses only the cookies necessary to keep you signed in and remember basic preferences (such as your sidebar state). We do not use third-party advertising or cross-site tracking cookies.

Navis is not directed to anyone under 18, and we do not knowingly collect their information.

We may update this policy from time to time. Material changes will be reflected by the “Last updated” date above and, where appropriate, additional notice.

Questions or requests about your privacy? Email us at privacy@usenavis.com.