Legal

Privacy Policy

Last updated: 14 May 2026

Overview

Niia ("we", "us", "our") operates the Niia platform — an AI-powered WhatsApp receptionist for salons — accessible at niia.ai and app.niia.ai. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and the choices you have.

We are committed to protecting the privacy of both our salon customers (businesses that subscribe to Niia) and their end customers (individuals who interact with Niia over WhatsApp).

By using Niia, you agree to the collection and use of information described in this policy.

Information We Collect

Information you provide directly

  • Account information — name, business name, email address, phone number, and password when you sign up.
  • Salon data — services, prices, opening hours, staff details, and any other information you enter into your dashboard.
  • Billing information — handled securely by our payment processor (Stripe). We do not store full card numbers.
  • Support communications — any messages you send to connect@navan.ai or through in-app support.

Information collected automatically

  • Usage data — pages visited, features used, clicks, and session duration within the dashboard.
  • Device data — browser type, operating system, IP address, and time zone.
  • Log data — server logs including request timestamps, errors, and response times.

WhatsApp conversation data

When Niia handles conversations on behalf of a salon, we process:

  • The customer's WhatsApp phone number
  • Message content (text only — Niia does not process voice messages or media by default)
  • Timestamps and message metadata
  • Booking details extracted from conversations (service, date, time, staff)

Niia processes this data as a data processor on behalf of the salon (the data controller). The salon is responsible for ensuring their customers are aware that an AI assistant may handle their messages.

How We Use Information

We use the information we collect to:

  • Provide and operate the Niia platform
  • Power the AI responses sent to end customers via WhatsApp
  • Create and manage bookings on behalf of salons
  • Send appointment reminders and follow-up messages as configured by the salon
  • Display analytics and insights in the dashboard
  • Process billing and manage your subscription
  • Respond to support requests
  • Improve AI accuracy and platform performance (using aggregated, anonymised data)
  • Send product updates and announcements (you may opt out at any time)
  • Comply with legal obligations

We do not use WhatsApp conversation data to train our AI models without your explicit consent.

Sharing of Information

We do not sell your personal data. We share information only in these circumstances:

Service providers

We use trusted third-party services to operate Niia:

  • Stripe — payment processing
  • Meta (WhatsApp Business API) — message delivery
  • OpenAI — AI inference for generating responses
  • MongoDB Atlas — database hosting
  • AWS — cloud infrastructure

Each provider is bound by its own data processing agreements and privacy policies.

Legal requirements

We may disclose information if required by law, court order, or government authority, or to protect the rights, safety, or property of Niia or others.

Business transfers

If Niia is acquired or merged, your data may be transferred to the new entity. We will notify you before your data becomes subject to a different privacy policy.

Data Retention

We retain your data for as long as your account is active and for a reasonable period afterwards to comply with legal obligations.

  • Account data — retained for the duration of your subscription plus 90 days after cancellation, then permanently deleted.
  • Conversation data — retained for 12 months by default. Salons on the Pro plan can configure a shorter or longer retention window.
  • Billing records — retained for 7 years as required by financial regulations.

You may request deletion of your data at any time by emailing connect@navan.ai. We will process the request within 30 days.

Your Rights

Depending on your location, you may have the following rights under applicable data protection laws (including GDPR):

  • Access — request a copy of the personal data we hold about you
  • Correction — ask us to correct inaccurate or incomplete data
  • Deletion — ask us to delete your personal data ("right to be forgotten")
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing based on legitimate interests
  • Restriction — ask us to restrict processing in certain circumstances

To exercise any of these rights, email connect@navan.ai with the subject line "Data Request". We will respond within 30 days.

Security

We implement industry-standard safeguards to protect your data:

  • All data is encrypted in transit using TLS 1.2+
  • All data is encrypted at rest using AES-256
  • Access to production systems is restricted to authorised Niia employees and requires multi-factor authentication
  • We conduct regular security reviews and penetration testing
  • We are compliant with WhatsApp Business API security requirements

No system is perfectly secure. If you believe your data has been compromised, contact us immediately at connect@navan.ai.

Cookies

The Niia dashboard uses cookies and similar technologies for:

  • Authentication — to keep you logged in
  • Preferences — to remember your dashboard settings
  • Analytics — to understand how the dashboard is used (aggregated, anonymised)

The Niia landing page (niia.ai) uses only essential cookies. You may disable cookies in your browser settings, though this may affect dashboard functionality.

We do not use advertising or tracking cookies.

WhatsApp Data & Meta

Niia integrates with WhatsApp Business API, operated by Meta Platforms, Inc. When your customers message your salon on WhatsApp, those messages pass through Meta's infrastructure before reaching Niia.

Meta's handling of WhatsApp data is governed by the WhatsApp Privacy Policy. Niia is not responsible for Meta's data practices.

Niia only accesses the content of messages sent to your salon's number — not messages in other WhatsApp conversations on that device.

Children's Privacy

Niia is not intended for use by children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top and, for material changes, notify you by email or by a prominent notice in the dashboard. Your continued use of Niia after the effective date constitutes acceptance of the updated policy.

Contact

For any privacy-related questions or requests, contact us at:

Niia
Email: connect@navan.ai
Subject line: Privacy

We aim to respond to all privacy enquiries within 5 business days.