Privacy Policy

Last Updated: March 3, 2026

1. Introduction and Scope

Navo Inc. ("Navo," "we," "our," or "us") operates as an Authorized IRS e-file Provider (Electronic Return Originator) delivering tax preparation and filing services via an artificial intelligence interface. This Privacy Policy outlines how we collect, process, retain, and protect Personal Identifiable Information (PII) and Federal Tax Information (FTI) in compliance with IRS Publication 1345, IRS Publication 1075, the Gramm-Leach-Bliley Act (GLBA), and the FTC Safeguards Rule.

2. Information We Collect

Because we provide tax preparation services, we strictly collect only the data necessary to execute our Service:

  • Identity Information: Full legal name, Date of Birth, Social Security Number (SSN) or ITIN, and physical address. We may also collect biometric or identity verification data via uploaded driver's licenses or state IDs to verify identity and prevent fraud.
  • Tax and Financial Data: Information extracted via OCR from your uploaded tax documents (e.g., W-2s, 1099s, 1098s), your prior-year Adjusted Gross Income (AGI), and self-reported financial data provided during your chat.
  • Conversational Data: Transcripts of your chat interactions with our AI assistant, including your questions and provided financial context.
  • Account & Authentication Data: Email address, phone number, and authentication tokens provided via our secure login provider.
  • Technical Data: IP address, device type, and interaction logs.

3. Purpose and Use of Information

A. Tax Preparation (Primary Use): Under federal law, we use your tax return information solely for the purpose of preparing and assisting in the preparation of your federal and state tax returns, as defined in Treas. Reg. §301.7216-2(d)(1).

  • AI Processing: We utilize artificial intelligence to parse your documents and facilitate the tax interview via chat.
  • No Model Training: Navo explicitly does not use your Personal Information, Conversational Data, or FTI to train, fine-tune, or improve our proprietary AI models, nor do we permit our Third-Party Processors to do so.
  • System Operations & QA: Under IRC § 7216 and related regulations, Navo is authorized to use your Tax Return Information for the purpose of updating, testing, and maintaining our software and tax routing logic. This includes the use of authorized independent contractors (under strict confidentiality agreements) to perform quality assurance and system maintenance.

B. Marketing and Lending (Only With Explicit Consent): We do not use your tax information to market other financial products to you unless we obtain your explicit, affirmative, and separate written consent in accordance with Internal Revenue Code (IRC) Section 7216. Declining this consent will not prevent you from using Navo to file your taxes.

4. Disclosure to Third Parties

We do not sell or monetize your data. To execute the tax filing process, we share data strictly with authorized Processors under binding Data Processing Agreements (DPAs). These categories of service providers include:

  • IRS Authorized Transmitters: To calculate and securely transmit your return to the IRS and state tax agencies.
  • Document Processing Services: Bank-grade OCR (Optical Character Recognition) APIs used to extract text and data from your uploaded tax forms.
  • Artificial Intelligence Providers: Foundational large language model APIs used to power the conversational interface. Data sent via these APIs is explicitly restricted from being retained or used for model training.
  • Authentication Providers: Secure user identity and login management systems.
  • Cloud Infrastructure: Secure, US-based cloud hosting and data storage providers.

Data Localization: Your tax information will not be released or transferred outside of the United States, except at your direct request.

5. Use, Retention, and Disposal

Navo enforces aggressive data minimization and automated retention limits:

  • Source Document Disposal: Uploaded source documents (e.g., images of W-2s, IDs) are permanently deleted from our active servers within 30 days of the IRS officially accepting your tax return.
  • Mandated IRS Retention: As an Authorized IRS e-file Provider, Navo is legally required by the IRS to securely retain specific e-file signature authorizations (such as Form 8879) and electronic transmission acknowledgments for three (3) years. This data is kept in highly restricted cold storage and automatically purged upon the expiration of the legal limitation period.

6. Security Safeguards

We implement industry-standard safeguards to protect your data:

  • Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Access Controls: Multi-Factor Authentication (MFA) is strictly enforced for internal engineering access and user authentication.
  • Monitoring & Vulnerability: We utilize Web Application Firewalls (WAF), rate limiting, and conduct external vulnerability scans via an Approved Scanning Vendor (ASV) to prevent unauthorized access.

7. Cookies and Tracking Technologies

Navo uses cookies to ensure basic website functionality and secure your session. Crucially, we do not use tracking pixels (e.g., Meta Pixel) or third-party marketing cookies on any pages where Federal Tax Information (FTI) is collected or displayed.

8. Access and Individual Rights

You maintain the right to control your Personal Information:

  • Access & Correct: You can review and correct your tax information at any point during the conversational flow before you digitally sign and submit your return. Once submitted to the IRS, changes require filing an amended return.
  • Delete: You may request the deletion of your Navo account and conversational data at any time. Note: Navo will honor deletion requests immediately, except for the specific transmission records we are legally mandated by the IRS to retain for three years (as noted in Section 5).
  • Revoke Consent: If you signed a Section 7216 consent form, you may revoke it at any time.

9. Contact Us

If you have questions or wish to exercise your data rights, please contact our Data Privacy Officer at:

  • Email: compliance@navo.ai
  • Mailing Address: Navo Inc., 251 Little Falls Drive, Wilmington, Delaware 19808