Introducing Helm — the operating system for enterprise excellenceLearn more →

Privacy Policy

Effective date: 4 June 2026

1. Who we are

Naventric ("we", "us") operates the naventric.com website, customer accounts, and the customer portal. This policy explains what personal data we collect through the corporate site, how we use it, and the choices you have.

Questions about this policy or your data can be sent to us at any time via our contact page at naventric.com/about/contact.

2. Data we collect

We collect only the data needed to operate the site and serve you:

  • Account data — your name, email address, and a securely hashed password when you register.
  • Quotation requests — your name, email, company details, and project information when you request a quote or custom solution.
  • Product subscriptions — which Naventric products your account is subscribed to.
  • Usage data — pages visited, device and browser information, and interaction events collected through our analytics tooling.
  • Technical logs — server logs and error reports generated while operating and securing the service.

3. How we use your data

We use the data above to:

  • Create and authenticate your account, including email verification and password resets.
  • Respond to quotation requests and inquiries.
  • Operate, secure, and improve the website and customer portal.
  • Send transactional email such as verification links and password reset links. We do not send marketing email without your consent.

4. Legal bases

Where the EU/UK General Data Protection Regulation (GDPR) applies, we rely on the following legal bases:

  • Performance of a contract — managing your account and product subscriptions.
  • Legitimate interests — securing the service, preventing abuse, and understanding aggregate usage.
  • Consent — where required, for example if we introduce marketing communications.

5. Service providers (sub-processors)

We use a small number of service providers to operate the site. Each processes data on our behalf under its own data processing terms:

  • Vercel — website hosting and content delivery (global edge network).
  • Supabase — managed database hosting (AWS ap-northeast-2, Seoul).
  • Resend — transactional email delivery.
  • Sentry — error monitoring.
  • PostHog — product analytics.

6. International transfers

Our providers may process data outside the country in which you live. Where GDPR applies, transfers rely on safeguards such as the European Commission's Standard Contractual Clauses implemented by each provider. We do not sell personal data, and we do not share it with third parties for their own marketing.

7. Data retention

  • Account data — kept while your account is active and deleted upon verified account deletion requests.
  • Quotation requests — kept for as long as needed to respond and to maintain business records.
  • Logs and analytics — kept for limited periods appropriate to security and product improvement.

8. Your rights

Depending on where you live, you may have the right to access, rectify, erase, or receive a portable copy of your personal data, to restrict or object to its processing, and to lodge a complaint with your supervisory authority. To exercise any of these rights, contact us via the contact page — we respond within the timeframes required by applicable law.

9. Security

All traffic is encrypted in transit (TLS). Passwords are stored using modern one-way hashing. Access to production data is restricted by role-based access control.

10. Naventric products (Helm)

Naventric products such as Helm run as separate services on their own subdomains. Data you upload into a product — including any employee or payroll data processed in Helm — is governed by that product's service terms and data processing agreement, available to subscribers. This policy covers the corporate website, account registration, and the customer portal.

11. Changes to this policy

We may update this policy from time to time. Material changes will be announced on this page with an updated effective date.