Narev AI

Privacy Policy

Privacy Policy for Narev Inc.

This privacy policy explains how Narev Inc., a Delaware corporation, handles data during the management and optimization of Large Language Model (LLM) financial operations.

Data Handling

Our FinOps service is designed with privacy-first principles. We process financial and usage data necessary to provide cost optimization and governance for your LLM operations. All data is handled securely and in accordance with applicable privacy laws.

Information Processing

The service processes:

  • LLM usage metrics and billing data
  • Cost allocation and budget information
  • Provider billing APIs and account information
  • Usage patterns for cost optimization
  • Performance metrics for financial reporting
  • Organizational structure data for cost attribution

We do not:

  • Store unnecessary personal information
  • Share financial data between clients
  • Access LLM model outputs or training data
  • Monitor individual user conversations or queries

Cookies

We use cookies to provide essential functionality and understand how our service is used. This section explains what cookies we use and why.

Strictly Necessary Cookies

These cookies are essential for the website to function properly and cannot be disabled. They are used for security and authentication purposes:

  • __Host-authjs.csrf-token: Essential for CSRF (Cross-Site Request Forgery) protection during authentication. This cookie ensures the security of your login process and protects against malicious attacks.
  • __Secure-authjs.callback-url: Essential for the authentication flow, storing the URL to redirect you to after successful login. This ensures you return to the intended page after authentication.

These cookies:

  • Are session cookies that expire when you close your browser
  • Use secure prefixes (__Host- and __Secure-) for enhanced security
  • Are served only over HTTPS connections
  • Cannot be accessed by JavaScript to prevent theft
  • Are essential for the security and functionality of our authentication system

Analytics Cookies

We use Umami, a privacy-focused analytics service, to understand how our website is used:

  • Purpose: To collect anonymous usage statistics and improve our service
  • Data collected: Page views, referrer information, basic device/browser type
  • Privacy: All data is anonymized and cannot identify individual users
  • No tracking: Does not track users across different websites
  • No personal data: No personally identifiable information is collected
  • Storage: Analytics data is processed server-side without persistent cookies on your device

Our analytics implementation:

  • Does not require consent under GDPR as no personal data is collected
  • Cannot identify individual users or sessions
  • Is fully compliant with privacy regulations
  • Uses aggregated, anonymous data only

Managing Cookies

Strictly Necessary Cookies: These cannot be disabled as they are essential for the website's security and functionality. Disabling them would prevent you from logging in or using our service securely.

Analytics: Our analytics system does not use tracking cookies and processes all data anonymously. No personal information is collected or stored.

If you wish to disable cookies entirely through your browser settings, please note that this will prevent you from logging in and using our authenticated services.

Data Security

The service includes robust security features:

  • End-to-end encryption for data in transit and at rest
  • Secure API authentication and access controls
  • SOC 2 compliant data handling procedures
  • Role-based access controls for financial data
  • Regular security audits and monitoring

Usage Analytics

We collect usage metrics for:

  • Service performance monitoring
  • Cost optimization algorithm improvement
  • System reliability and uptime
  • Technical troubleshooting and support
  • Product development and feature enhancement

All metrics are aggregated and anonymized where possible, with no identifying information about specific financial decisions or sensitive business data.

Third-Party Integrations

When you connect to external LLM providers and cloud platforms through our service:

  • You are subject to their respective privacy policies
  • We maintain strict data isolation between clients
  • We use secure API connections with proper authentication