GDPR Compliance
Your data protection rights under the General Data Protection Regulation.
Last updated: July 30, 2025
GDPR Compliant
Protecting your rights since May 25, 2018
NaviSmart AI fully complies with GDPR requirements, ensuring your personal data is processed lawfully, transparently, and securely. We respect your rights and provide easy ways to exercise them.
Your Data Protection Rights
Right to Access
You have the right to know what personal data we hold about you and how we use it.
Right to Portability
You can request your data in a structured, machine-readable format.
Right to Erasure
You can request deletion of your personal data under certain circumstances.
Right to Protection
Your data is protected with appropriate technical and organizational measures.
1Our Commitment to GDPR
Full Compliance
NaviSmart AI is committed to full compliance with the General Data Protection Regulation (GDPR). We have implemented comprehensive policies, procedures, and technical measures to ensure your personal data is protected and your rights are respected.
Lawful Basis
We process personal data based on legitimate legal grounds, including consent, contract performance, legal obligations, and legitimate interests. We clearly communicate the basis for processing and ensure it remains valid throughout the data lifecycle.
2Data Protection Principles
Lawfulness, Fairness, and Transparency
We process personal data lawfully, fairly, and transparently. We provide clear information about how we collect, use, and share your data.
Purpose Limitation
We collect personal data for specified, explicit, and legitimate purposes and do not process it further in ways incompatible with those purposes.
Data Minimization
We ensure that personal data is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
Accuracy
We take reasonable steps to ensure personal data is accurate and, where necessary, kept up to date. Inaccurate data is erased or rectified without delay.
3Data Security Measures
Technical Safeguards
We implement appropriate technical measures including encryption, access controls, secure data transmission, and regular security monitoring to protect your personal data.
Organizational Measures
Our team receives regular training on data protection, we conduct privacy impact assessments, and maintain comprehensive data protection policies and procedures.
4International Data Transfers
Adequate Safeguards
When we transfer personal data outside the European Economic Area, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or binding corporate rules.
Third-Party Processors
We carefully vet all third-party data processors and ensure they provide sufficient guarantees regarding data protection and security measures.
5Data Retention
Retention Periods
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, or establish, exercise, or defend legal claims.
Automatic Deletion
We have implemented automated systems to delete personal data when retention periods expire, unless there are legitimate grounds for continued processing.
6Data Breach Response
Incident Response Plan
We have established procedures to detect, investigate, and respond to personal data breaches. We will notify supervisory authorities within 72 hours when required by law.
User Notification
If a breach is likely to result in high risk to your rights and freedoms, we will communicate the breach to you without undue delay, providing clear information about the incident and recommended actions.
Exercise Your Rights
Need to exercise your GDPR rights or have questions about data protection? Contact our Data Protection Officer.
Data Protection Officer
dpo@navismartai.com
Response Time
Within 30 days (as required by GDPR)