Privacy Policy

Panaviu is built around the idea that your operational data — household finances, vehicles, network gear, contracts, infrastructure — belongs to you. We collect what we need to run the Service, we don't sell personal information, and we don't use Your Data to train third-party AI models.

Panaviu ("we," "us") provides the Panaviu platform, including Panaviu Personal and Panaviu Business. This Privacy Policy explains what we collect, why, and the choices you have.

We collect information in three buckets:

• Account information — email, password (hashed), display name, and any profile details you provide. If you sign in with Google, we receive your email and basic profile info from Google.
• Workspace content ("Your Data") — anything you input, upload, or connect inside a Personal or Business workspace: financial records, asset details, contracts, contacts, infrastructure metadata, notes, and uploaded documents.
• Usage and device data — log data such as IP address, browser, device type, pages viewed, actions taken, and timestamps. Used for security, debugging, and product improvement.

• Operate, maintain, and improve the Service.
• Authenticate you and protect your account.
• Render your dashboards, summaries, and AI-assisted explanations on your own data.
• Send transactional messages (sign-in, password reset, invitations, billing, security alerts).
• Detect, investigate, and prevent abuse, fraud, or violations of our Terms.
• Comply with legal obligations.

We do not sell your personal information. We do not use Your Data to train third-party AI models.

Where required (for example, under GDPR), we rely on: performance of our contract with you, our legitimate interests in operating and securing the Service, your consent for optional features, and compliance with legal obligations.

We share information only as follows:

• Workspace members — content in a workspace is visible to people you invite to that workspace, with access governed by the role you assign them.
• Service providers — vetted processors that help us run the Service (cloud hosting, database, authentication, email delivery, error monitoring, analytics, payment processing). They act on our instructions under contractual data protection terms.
• Legal and safety — when we reasonably believe disclosure is required by law or necessary to protect rights, property, or safety.
• Business transfers — in connection with a merger, acquisition, or sale of assets, with notice where required.

Panaviu uses AI to summarize and explain your operational data (for example, the executive briefing and informational tooltips). These prompts run against models provided by Lovable AI Gateway. Your prompts and the relevant context are sent to the model provider only to generate the response and are not used to train their models.

We retain Your Data while your account is active. You can delete records inside the app at any time. If you close your account, we delete or anonymize Your Data within a reasonable period, except where we are required to retain it (for example, for tax, audit, or legal-hold reasons).

We use industry-standard safeguards: encryption in transit, encryption at rest for the database, role-based access controls, audit logging, and row-level security so that members of one workspace cannot read another workspace's data. No system is perfectly secure — please use a strong, unique password and enable any available account-protection features.

For account support, Panaviu staff can see your account email and your user ID from our internal admin dashboard. Staff use this only to identify your account, contact you, and respond to support requests.

Panaviu staff cannot see the actual data you store in the product from the admin dashboard — your vehicles, finances, documents, household details, contacts, business assets, contracts, and any other workspace content stay private to you and the people you explicitly invite to your workspace. Workspace data is protected by row-level security at the database layer.

The only narrow exception is when you submit a support ticket: the subject, message, and page path you choose to share with us are visible to staff so we can help you. If you are debugging a specific record, please describe it rather than sharing screenshots of other people's data.

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.

Depending on your jurisdiction, you may have the right to access, correct, export, restrict, or delete your personal information, to object to certain processing, and to lodge a complaint with a supervisory authority. You can exercise most rights directly inside the app or by contacting us at privacy@panaviu.com.

We use cookies and similar technologies that are strictly necessary to authenticate you and run the Service, plus a limited set of analytics cookies to understand product usage. The cookie banner shown on first visit lets you accept or decline analytics cookies; you can change your choice anytime by clearing your browser's site data for Panaviu. Strictly-necessary cookies cannot be disabled because the app needs them to keep you signed in.

The Service is not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.

We may update this Privacy Policy from time to time. Material changes will be communicated by email or in-app notice. The "Last updated" date at the top reflects the latest revision.

For privacy questions or requests, email privacy@panaviu.com.