Privacy Policy
Effective Date: July 1st, 2025
1. Introduction
Tamar.ai, operating under the commercial name Naviia (“we”, “us”, or “our”), is a company incorporated in France and provides a Software-as-a-Service (SaaS) platform dedicated to corporate finance professionals.
This Privacy Policy describes how we collect, use, store, and protect personal data when users access and use the Naviia platform (the “Service”), in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
For any questions regarding this Privacy Policy, you may contact us at: contact@naviia.ai
2. Role Under Data Protection Laws
Naviia acts primarily as a data processor within the meaning of the GDPR, processing personal data on behalf of its business clients (the data controllers), and solely for the purpose of providing the contracted services.
Each client remains the exclusive owner and controller of the data they provide to the platform.
3. Information Collection and Use
3.1. Personal Data
Depending on the use of the Service, we may process the following categories of personal data:
• Identification data (first name, last name)
• Professional contact information (professional email address)
• Account credentials (user identifiers and encrypted passwords)
• Professional information (company name, role or function)
• Business data and documents uploaded by users
• Communications exchanged via the platform or support channels
All data processed is provided directly by our clients or their authorized users.
3.2. Use of Data
We may collect technical and usage data such as IP address, browser type, operating system, pages accessed, timestamps, and general usage patterns for security and analytics purposes.
4. Purposes of Processing
Personal data is processed exclusively for:
• Providing, operating, and maintaining the Service
• Enabling AI-powered workflows and intelligent agents
• Managing user accounts and access rights
• Providing customer support
• Ensuring security, monitoring, and incident prevention
• Complying with legal and regulatory obligations
Naviia does not use client data for marketing purposes.
5. AI-Specific Data Safeguards
• Client data is used solely for contextual retrieval at query time
• Client data is never used to train or fine-tune AI models
• AI systems do not retain persistent memory of client data
• No cross-client data exposure is possible
6. Disclosure of Data
Personal data may be shared only with trusted sub-processors (hosting, security, analytics) strictly for service delivery, or where required by law. All sub-processors are bound by confidentiality and data protection obligations.
7. Data Security
Naviia implements industry-standard safeguards, including:
• Hosting on AWS
• Encryption in transit (TLS/HTTPS) and at rest
• Logical isolation of client environments
• Role-based access controls
• Regular backups and monitoring
• Incident response and notification procedures
8. Analytics & Cookies
The Service uses analytics tools to improve performance. No marketing or advertising cookies are used. Analytics are implemented in compliance with applicable consent requirements.
9. Data Retention
Personal data is retained for the duration of the contractual relationship and deleted after contract termination within a reasonable timeframe, unless otherwise required by law.
10. Children’s Privacy
The Service is strictly B2B and not intended for individuals under the age of 18.
11. Data Subject Rights
Data subjects may exercise their rights (access, rectification, deletion, restriction, portability) through the relevant data controller. Naviia assists its clients in fulfilling such requests as a data processor.
12. Changes to This Privacy Policy
This Privacy Policy may be updated from time to time. Material changes will be communicated through appropriate channels.