Privacy Policy

This Privacy Policy explains how NavviPal Inc. ("NavviPal", "we", "us") collects, uses, and protects personal data when you use our website at www.navvipal.com and our platform and professional services (together, the "Services").

NavviPal provides corporate services, including company formation, registered address, local director, company secretary, and accounting and tax support, across Brazil, Mexico, Colombia, Chile, Peru, Argentina, Costa Rica, Panama, and Ecuador.

For the purposes of applicable data-protection law, NavviPal acts as a data controller for personal data we collect about website visitors and account users, and as a data processor for personal data we handle on behalf of business clients in delivering the Services. Where we act as processor, our handling is governed by our Data Processing Agreement.

Our registered address is 1111B South Governors Avenue, Apartment, Dover, DE 19904, United States. Where required, our data protection contact is [email protected].

We collect the following categories of personal data:

Some service data may include information about third parties, for example, individuals you nominate as directors or signatories. You are responsible for ensuring you have a lawful basis to share that information with us.

• To create and manage your account and organisation, and to apply role-based access controls
• To deliver the Services, including company formation, registered address, filings, and accounting and tax support
• To communicate with you about your account, tasks, deadlines, and support requests
• To process billing and payments
• To improve, secure, and operate the Services and prevent fraud or misuse
• To comply with legal, regulatory, and anti-money-laundering / know-your-customer (KYC) obligations
• To send marketing communications where you have consented or where otherwise permitted by law. You can opt out at any time.

Where data-protection law, such as the EU/UK GDPR or Brazil's LGPD, requires a legal basis, we rely on:

• Contract - to provide the Services you have requested
• Legitimate interests - to operate, secure, and improve our business, balanced against your rights
• Legal obligation - to meet regulatory, tax, and KYC/AML requirements
• Consent - for marketing and non-essential cookies, which you can withdraw at any time

We share personal data only as needed to run the Services:

• Local partners and professionals - in-country lawyers, accountants, registered agents, and nominee directors who deliver services in each jurisdiction
• Government and regulatory bodies - company registries, tax authorities, and other agencies, as required to complete filings
• Service providers - hosting, payment processing, analytics, and communication tools, bound by confidentiality and data-protection terms
• Legal and corporate - where required by law, or in connection with a merger, acquisition, or restructuring

We do not sell your personal data.

Because we operate across multiple countries, your data may be transferred to and processed in jurisdictions other than your own. Where we transfer data internationally, we use appropriate safeguards such as standard contractual clauses or equivalent mechanisms recognised under applicable law.

We retain personal data only as long as necessary for the purposes described above, including to meet legal, accounting, tax, and regulatory retention requirements, which in some jurisdictions can extend for several years after a service ends. When data is no longer needed, we delete or anonymise it.

Depending on your jurisdiction, you may have the right to access, correct, delete, restrict, or object to the processing of your personal data; to data portability; and to withdraw consent. You also have the right to lodge a complaint with your local data-protection authority, for example, the relevant data protection authority in your jurisdiction, such as Brazil's ANPD or the supervisory authority in your EU member state.

To exercise any of these rights, contact us at [email protected]. We will respond within the timeframe required by applicable law.

We use technical and organisational measures, including access controls, encryption in transit, and role-based permissions, to protect personal data. No system is fully secure, so we cannot guarantee absolute security, but we work to protect your data and to notify you and regulators of breaches where the law requires.

We use cookies and similar technologies to operate the site, remember preferences, and understand usage. You can manage non-essential cookies through our cookie banner. See our Cookie Policy for full details.

We may update this policy from time to time. We will post the revised version here with an updated "Last updated" date and, where changes are significant, notify you directly.

For any questions about this policy or your personal data, contact NavviPal Inc. at [email protected] or 1111B South Governors Avenue, Apartment, Dover, DE 19904, United States.