Legal
Privacy policy
Effective: pre-launch placeholder · v0.1
⚠ Placeholder
This is a pre-launch skeleton, not a binding legal document. Real terms drafted by counsel ship with public launch. The structure below mirrors what the final version will look like, so the footer-link works and the platform is honest about its state.
Narriv collects, processes, and stores personal data to operate the deck-engine SaaS. This page will be replaced with the full ICO-compliant privacy notice before public launch. The skeleton below mirrors the structure that final document will take.
What we collect
Account email, company name, deck content you upload, viewer email addresses you allowlist, behavioural data on viewer reads (per-section dwell, opens, signals). Pulse credits usage. Stripe billing identifiers — we don't store card numbers; Stripe does.
Why we collect it
Performance of contract (running your deck for you), legitimate interest (improving the product, fraud prevention), and compliance (FCA s21 audit trail, ICO data-retention requirements).
Who we share with
Sub-processors: Vercel (hosting), MongoDB Atlas (data), Anthropic (Pulse AI calls — your deck content is sent for processing, never used for model training), Stripe (billing), Resend (email), Telegram (alerts you opted into). Full sub-processor list ships with the final policy.
Your rights
Access, rectification, erasure, restriction, portability, objection — per UK GDPR / EU GDPR. Contact privacy@narriv.co.
Retention
Account data: lifetime of account plus 30 days. Executed NDAs and term sheets: 7 years (UK Limitation Act). Behavioural events: 90 days raw, indefinite as aggregated rollups (anonymised).
Contact
Data questions: privacy@narriv.co. Data Protection Officer designated before launch.