Privacy Policy

How we handle your data

UK-GDPR Compliant
Effective Date
2025-01-27
Last Updated
2025-10-16

1. Who We Are

Navvico Ltd (trading as "Navvico") is a UK-based company providing AI-powered route optimization services for couriers and delivery businesses.

Contact Information

2. Data We Collect

We collect the following categories of personal data:

Account & Identity Data

  • Name and contact information
  • Email address and phone number
  • Business profile and company details
  • Account credentials (encrypted)

Usage & Technical Data

  • Device information and IP address
  • Usage analytics and performance data
  • Location data (for routing optimization)
  • Support messages and communications

Payment Data

We only store the last 4 digits of payment cards and tokenized payment information. Full payment card data is processed securely by our payment processor and never stored on our servers.

3. Purposes & Lawful Bases

Contract Performance

Processing necessary to provide our route optimization services and fulfill our contractual obligations.

Legitimate Interests

Product improvement, fraud prevention, and business analytics to enhance our services.

Consent

Marketing communications and non-essential cookies where you have given explicit consent.

4. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy:

Data Category Retention Period Rationale
Account Data Duration of account + 7 years Contract performance & legal obligations
Usage Analytics 2 years Service improvement & analytics
Support Messages 3 years Customer service & quality assurance
Payment Data 7 years Legal & tax compliance
Marketing Data Until consent withdrawn Consent-based processing

5. Data Sharing

We may share your data with the following categories of third parties:

Service Providers

  • Cloud hosting providers (AWS, Google Cloud)
  • Email delivery services (SendGrid, Mailgun)
  • Payment processors (Stripe, PayPal)
  • Analytics providers (Google Analytics)

Legal Requirements

  • Law enforcement agencies (when legally required)
  • Regulatory authorities
  • Legal advisors and courts
  • Business transfer scenarios
International Transfers: Where we transfer data outside the UK/EU, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and adequacy decisions.

6. Your Data Protection Rights

Under UK-GDPR, you have the following rights:

Access & Portability

Request copies of your data and receive it in a portable format.

Request Data
Rectification & Erasure

Correct inaccurate data or request deletion of your personal data.

Update Data
Restriction & Objection

Limit processing or object to certain uses of your data.

Object to Processing
Withdraw Consent

Withdraw consent for marketing and non-essential processing.

Withdraw Consent
Identity Verification: We may need to verify your identity before processing certain requests to protect your data security.

7. Children's Data

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child under 16, please contact us immediately.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Technical Measures

  • Encryption at rest and in transit (AES-256, TLS 1.3)
  • Secure authentication and access controls
  • Regular security updates and patches
  • Network security and firewalls

Organizational Measures

  • Staff training on data protection
  • Access controls and role-based permissions
  • Regular security audits and assessments
  • Incident response procedures

9. Automated Decision-Making

We do not use automated decision-making for legal or credit purposes. Our route optimization algorithms are used solely for:

  • Optimizing delivery routes for efficiency
  • Reducing travel time and fuel consumption
  • Improving customer service delivery

10. Cookies & Similar Technologies

We use cookies and similar technologies in the following categories:

Strictly Necessary

Essential for website functionality and security. Cannot be disabled.

Functional

Remember your preferences and improve user experience.

Analytics

Help us understand how you use our website and services.

Marketing

Used for targeted advertising and marketing campaigns.

Manage Cookie Preferences

11. Complaints & Contact

If you have concerns about how we handle your personal data, you can:

Contact Us Directly

Email: privacy@navvico.com

We aim to respond within 30 days.

UK ICO

Website: ico.org.uk

Phone: 0303 123 1113

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by:

  • Email notification to your registered email address
  • Prominent notice on our website
  • In-app notification if you're an active user

We recommend reviewing this policy periodically to stay informed about how we protect your data.

Legal Disclaimer

This privacy policy is for informational purposes only and does not constitute legal advice. Please consult with a qualified legal professional for specific legal guidance.