We know you're trusting us with something deeply personal. Here's exactly how we protect it – in plain English, no jargon.
NAVO stores medications, allergies, legal documents, financial details. We designed the security of this product from the ground up with that in mind. This page explains what we do to protect your family's data, who can see it, and what happens if something goes wrong.
Your data is stored on encrypted infrastructure. Strict access controls and authentication mean that only authorised connections can ever read your information – and we keep those keys tightly secured.
All data in our database is encrypted using AES-256 – the same standard used by banks and governments worldwide.
Every connection between your device and NAVO is protected by TLS (HTTPS). The padlock in your browser is real and enforced.
We never store your password. It's converted into a one-way hash using bcrypt. Not even we can read it.
Encryption protects against external attackers. Access controls protect you from within – making sure no other NAVO user can ever see your data unless you've explicitly invited them.
Only you can access your account and the profiles you manage. No other user can see your data without an explicit invitation from you.
You decide which family members to invite and exactly which sections they can see. Revoke access at any time.
Financial and digital accounts sections are hidden from all family members unless you explicitly choose to share them.
Our team does not access your profile data. We only do so if you specifically ask for technical support, and all access is logged.
We use best-in-class infrastructure with full-time security teams, independent audits, and enterprise-grade reliability.
| Provider | What they do | Certification |
|---|---|---|
| Supabase | Database, authentication & storage | SOC 2 Type II |
| Vercel | Application hosting & delivery | SOC 2 Type II |
| Stripe | Payment processing | PCI DSS Level 1 |
| Resend | Transactional email delivery | SOC 2 Type II |
Security isn't just something we do to protect you – it's something you have direct control over.
We will never sell your personal or health information to any third party. Not now, not if we grow, not if we're acquired.
NAVO is ad-free. We do not use your data to serve ads, and we do not share data with advertising platforms.
Your health data is yours. We do not share it with insurers, employers, or healthcare providers without your explicit request. The only exception is a lawful legal obligation such as a court order – which we'd notify you about wherever we legally can.
We will never use your medical, health, or personal information for marketing, advertising, personalisation, or any other commercial purpose. Your data funds nothing except the service itself.
We comply with Australia's federal privacy law and all 13 Australian Privacy Principles, including specific rules for sensitive health information.
Our lawyer is adding GDPR-compliant clauses to our Privacy Policy, and we are executing Data Processing Agreements with each of our providers before public launch.
NAVO is a personal information organiser. We are not regulated by the TGA. We store what you tell us – we don't diagnose, prescribe, or advise.
Unresolved privacy concerns can be escalated to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Sign up and add the details that matter most in an emergency – completely free. This isn't a trial. It's just how NAVO works.
A low monthly subscription unlocks family sharing, document storage, and the full profile. You pay for features – not for access to your own information.
We make money through subscriptions, not by selling, analysing, or monetising your personal information. That's a deliberate choice, not a default – and it won't change. If it ever did, we'd tell you, and you could leave and take your data with you.
"No system connected to the internet is 100% immune."
We take every reasonable precaution – encryption, access controls, trusted infrastructure, ongoing monitoring. But we believe in being straight with you. What we can promise is that we'll tell you promptly if something goes wrong, and we'll do everything in our power to protect you if it does.
Our privacy officer responds within 5 business days. We take every inquiry seriously.
Email privacy@meetnavo.com