Privacy Policy

Last updated: May 29, 2026

This Privacy Policy describes how Snavigo ("we", "us", "our") collects, uses, and protects information when you use our website, application, and services (collectively, the "Service").

We are committed to protecting your privacy and handling your data transparently. If you have questions, contact us at privacy@snavigo.com.

1. Who we are

Snavigo provides B2B buying-intent monitoring and AI-assisted outreach drafting for sales teams.

Data controller for our business and prospective customer data: Snavigo (operated by [Your Legal Entity Name]) [Registered Address] Email: privacy@snavigo.com

For data processed on behalf of our customers (e.g., contact records imported or enriched within their workspace), Snavigo acts as a Data Processor and the customer is the Data Controller. See Section 11 for details.

2. Information we collect

2.1 Information you provide directly

When you sign up and use Snavigo, we collect:

Account information: name, email address, password (hashed), company name
Workspace configuration: your product description, ideal customer profile, target personas, outreach preferences, uploaded materials (PDF/DOCX documents)
Communications: messages you send us (support requests, feedback)

2.2 Information we collect automatically

Usage data: pages visited, features used, timestamps, approximate location (from IP address)
Device data: browser type, operating system, screen resolution
Cookies and similar technologies: authentication tokens, session identifiers (see Section 9)

2.3 Information we collect from third parties

To deliver the Service, we obtain B2B contact and company information from:

Apollo.io — business contact data (names, work emails, job titles, LinkedIn URLs)
NewsAPI, RSS feeds, web sources — public news articles and company announcements
Brave Search — domain and company lookup data

This information is sourced by these providers from publicly available sources or their own commercial databases, and is used to identify buying signals and decision-makers relevant to our customers.

2.4 Categories of personal data

Personal data we may process includes:

Identifiers: name, email address, job title, employer
Online identifiers: LinkedIn URL, IP address
Professional information: role, seniority, company affiliation

We do not intentionally collect: sensitive personal data (health, religion, race, sexual orientation), financial account information, government identifiers, or data from individuals known to be under 18.

3. How we use information

We use information for these purposes:

Purpose	Legal basis (GDPR)
Provide and operate the Service	Contract performance
Authenticate users and secure accounts	Contract performance
Process payments (if applicable)	Contract performance
Generate AI-assisted signal scores and outreach drafts	Contract performance
Send service-related communications	Legitimate interest
Send product updates and marketing (with opt-out)	Consent / legitimate interest
Improve and develop new features	Legitimate interest
Detect and prevent fraud, abuse, security incidents	Legitimate interest, legal obligation
Comply with legal obligations	Legal obligation

We do not sell personal data. We do not share personal data with third parties for their independent marketing purposes.

4. AI processing

Snavigo uses AI models (provided by Anthropic) to:

Analyze public news content and score relevance to your business
Draft personalized outreach messages

When AI processing occurs, the following data may be sent to Anthropic via their API:

Public news content or web data being analyzed
B2B contact information (name, title, employer)
The product context you've configured in your workspace

Per Anthropic's commercial terms, API customer data is not used to train their models. See https://www.anthropic.com/legal/commercial-terms

All AI-generated content is presented as a draft for human review. We do not send messages or take actions automatically without user approval.

5. How we share information

We share information only as described below:

5.1 With service providers (subprocessors)

We share information with the following service providers who process data on our behalf:

Provider	Purpose	Location
Supabase	Database, authentication, file storage	USA / AWS
Amazon Web Services	Cloud infrastructure	Global
Anthropic	AI processing	USA
Apollo.io	Contact data enrichment	USA
NewsAPI	News article aggregation	USA / UK
ScrapingBee	Web page fetching	EU / USA
Brave Search	Web search	USA

A current list is maintained at https://snavigo.com/subprocessors.

All subprocessors are bound by data protection agreements requiring appropriate security and confidentiality.

5.2 Within your workspace

Information you contribute to a workspace is visible to other authorized users of that workspace.

5.3 For legal reasons

We may disclose information if required by law, court order, or government request, or to protect the rights, property, or safety of Snavigo, our users, or others.

5.4 Business transfers

If Snavigo is acquired, merged, or sells substantially all its assets, your information may be transferred as part of that transaction. You will be notified before any such transfer changes how your data is treated.

6. International data transfers

Snavigo is operated from [Country] and uses service providers in the United States, European Union, and elsewhere. When we transfer personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to a country without an adequacy decision, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms.

A copy of our SCCs is available on request to privacy@snavigo.com.

7. Data retention

We retain personal data only as long as necessary for the purposes described:

Account data: for the duration of your active account, plus up to 90 days after closure (to handle billing disputes or legal requests)
Workspace content: for the duration of the customer's subscription; deleted within 30 days of account termination
Marketing communications data: until you unsubscribe, then deleted within 90 days
Logs and security data: up to 12 months
Backups: rolling 30-day retention per our backup provider's policy

You may request earlier deletion at any time (see Section 8).

8. Your rights

Depending on your location, you may have the following rights regarding your personal data:

Access — request a copy of personal data we hold about you
Rectification — correct inaccurate or incomplete data
Erasure ("right to be forgotten") — request deletion of your data
Restriction — limit how we process your data
Portability — receive your data in a portable format
Objection — object to certain processing (e.g., marketing)
Withdraw consent — where processing is based on consent
Lodge a complaint — with a supervisory authority (e.g., your country's data protection authority)

To exercise any of these rights, email privacy@snavigo.com. We respond within 30 days. We may need to verify your identity before fulfilling certain requests.

For data we process on behalf of our customers: if you are a contact whose information appears in a Snavigo workspace because a customer imported or enriched it, your primary point of contact is that customer (the Data Controller). We will assist them in responding to your request, or, where required, you may contact us directly and we will route your request appropriately.

9. Cookies and similar technologies

We use cookies and similar technologies for:

Strictly necessary cookies — authentication, security, session management. These cannot be disabled.
Functional cookies — remembering your preferences
Analytics cookies — understanding how the Service is used (anonymized where possible)

We do not use third-party advertising or tracking cookies.

You can manage cookies via your browser settings. Disabling strictly necessary cookies will prevent you from signing in.

10. Security

We implement technical and organizational measures to protect personal data, including:

Encryption in transit (TLS) and at rest (AES-256)
Row-level access controls scoped to workspace
Hashed password storage (bcrypt)
Encrypted secrets management
Restricted internal access on a need-to-know basis

For details, see our Security Overview at https://snavigo.com/security.

No system is 100% secure. We commit to notifying affected users within 72 hours of confirming a security incident that compromises personal data, in line with GDPR Article 33.

11. Snavigo as a Data Processor

When you use Snavigo, you (the customer) determine what contact, company, and signal data is imported, enriched, and processed within your workspace. For that data:

You are the Data Controller
Snavigo is the Data Processor

Our processing obligations are governed by our Data Processing Agreement (DPA), which we make available to customers on request. The DPA includes Standard Contractual Clauses where applicable.

You are responsible for ensuring you have a lawful basis to process the contact data you import into Snavigo, and for honoring data subject rights requests directed at that data.

12. Children's privacy

Snavigo is a B2B service intended for business users aged 18 and over. We do not knowingly collect data from individuals under 18. If you believe we have collected data from a minor, contact privacy@snavigo.com and we will delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced via email or in-product notification at least 30 days before taking effect. The "Last updated" date at the top reflects the most recent version.

14. Contact

Questions, requests, or complaints about this Privacy Policy or our handling of your data:

Email: privacy@snavigo.com
Data protection inquiries: dpo@snavigo.com
Postal: [Your Registered Address]

If you are located in the EU/EEA and have an unresolved concern, you may contact your local data protection authority.

This Privacy Policy is provided in English. Translations are for convenience; the English version controls in case of conflict.