Privacy notice

Who this applies to

Visitors to public pages (landing, blog), authenticated users who choose Google sign-in, and administrators using the internal tools on /internal-admin.

What we collect and why

• Strictly necessary: Internal admin session cookie (admin_token, HttpOnly) to protect staff tools; security and consent storage as described in the Cookie policy.
• Account / sign-in: If you use Google sign-in, Google processes your identity per their terms; we receive tokens to establish your session. Auth tokens for the public app may be stored in the browser (e.g. localStorage)—see our engineering notes on XSS hardening.
• Preferences: Theme choice may be stored locally (e.g. nayft-theme) so the site remembers light/dark mode.
• Analytics (optional): If you opt in, we may load Google Analytics 4 to measure traffic and performance. You can change this anytime via “Cookie settings” in the footer.
• Marketing (optional): Reserved for future advertising or social pixels; we do not load marketing tags unless you opt in and we deploy them.
• Wishlist / product interest: Data you submit through wishlist or contact flows is processed to operate those features and communicate about NAYFT.

International transfers

Infrastructure and subprocessors (e.g. hosting, email, Google) may sit outside your country. Where required, we rely on appropriate safeguards such as standard contractual clauses; confirm with your legal team for your jurisdictions.

Your choices

Use Cookie settings in the site footer to revisit optional categories. You may also use browser controls to block or delete cookies and local storage (some features may not work).

Contact

For privacy requests, use the contact channel published on your corporate site or in the app—we will plug a single inbox here when it is finalized.