Built carefully.
Treated seriously.

Your goals, decisions, and personal context are sensitive. Here is exactly how Navoxo protects them.

Encryption everywhere

All data is encrypted in transit using TLS 1.2+ and at rest on our infrastructure. Passwords are hashed with bcrypt and never stored or logged in plain text.

Isolated session data

Your Clarity Session content is processed only to generate your response. It is not reviewed by staff under normal operation and never used to train third-party models without explicit consent.

Trusted infrastructure

Built on Supabase, Vercel, and OpenRouter — providers with their own independent security commitments and compliance certifications.

The detail

Specifics, not just promises.

Authentication

Passwords hashed with bcrypt. Optional sign-in via Google OAuth. Session tokens expire automatically and rotate on sensitive actions.

Payments

Handled entirely by Stripe and Razorpay. Navoxo never stores full card numbers — only a payment provider token.

Data access

Internal access to user data is limited to engineers actively resolving a support request, and is logged.

Backups

Automated, encrypted daily backups with point-in-time recovery through our database provider.

Breach response

Affected users notified within 72 hours of confirming any incident involving personal data, consistent with our Privacy Policy.

Found something?

Responsible disclosure

If you believe you’ve found a security vulnerability in Navoxo, please report it directly rather than publicly. We commit to acknowledging reports within 48 hours and will keep you updated as we investigate and resolve the issue.