← Back to home
Privacy

Privacy Policy

Last updated: 5 June 2026 · Effective: 5 June 2026

1. Who we are

Naevik is an AI-agent endpoint security product operated by SensiSec Pty Ltd (ABN 88 663 013 063), a company registered in Australia (the “Company,” “we,” “us”). Our corporate site is sensisec.com; the Naevik product site is naevik.ai. For privacy questions, contact privacy@naevik.ai.

2. Plain-English summary

Naevik watches what AI agents do on your machine, not what you do. The agent enforces policy on what AI coding tools and desktop assistants (Claude Code, Claude Desktop, Cursor, GitHub Copilot, OpenClaw, and similar) are allowed to run, read, write, and connect to. It does not read your file contents, does not inspect your network payloads, and does not capture keystrokes, screen contents, or browsing history.

Your endpoint data stays on your device. Audit records — the log of what agents run, read, write, and connect to — live in a local database on the machine. In Personal, there is no server and that data never leaves the device. In Team, your organization runs its own Naevik server and only the data it configures is sent there — not to us. The only agent diagnostic that can reach SensiSec is opt-in crash reports (off by default; see Section 5). A small amount of other data — a purchase or support email, software-update status — may reach us too; those are described in the sections below.

3. Editions and what this policy covers

Naevik ships in two editions from the same agent:

  • Personal — you buy and run Naevik on your own machine. It is server-less and single-machine; you author your own policy. Your audit data stays on your device.
  • Team — deployed and managed by your organization against an organization-run Naevik server. Your employer configures policy and what, if anything, is uploaded to that server.

This policy describes two things:

  • Naevik Agent — the software installed on the device (macOS today; Linux and Windows as those platforms ship). It is the data-processing core of the product.
  • The naevik.ai website — this marketing site.

In Personal, you are both the user and the operator: for the endpoint event data on your device there is no third-party controller. (We remain the controller for the limited data we do receive — a purchase, support, or crash report, and website requests — described below.) In Team, your organization is the data controller for endpoint event data and SensiSec is a data processor acting under their instructions. The website we operate ourselves as controller.

4. Naevik Agent

4.1 What the agent processes

Naevik Agent uses the operating system's built-in enforcement hooks to evaluate actions taken by processes on the device against the configured policy, before those actions take effect.

Events evaluated may include:

  • Process execution: the binary path being executed, its arguments where available, and the parent process identity.
  • File operations: the file path being acted on, the operation type, and the requesting process identity.
  • Network flow authorization: outbound connection metadata such as the requesting process identity, destination IP address, port, protocol, and hostname where available from system-provided context or policy configuration.
  • Process lifecycle: used to maintain per-process enforcement state so child processes inherit policy.

The agent does not read file contents as part of policy enforcement. Network decisions are made on flow metadata only. The agent does not decrypt TLS, does not read application-layer payloads, does not perform deep packet inspection, does not capture keystrokes, screen contents, or browsing history, and does not alter DNS responses. Network connections initiated by AI agents are evaluated against policy; your ordinary web browsing traffic is passed unmodified and is not subscribed to.

Process arguments and file paths may contain sensitive values depending on how a tool is invoked or how a project is structured. You (Personal) or your organization (Team) control what metadata is logged, retained, redacted, or — in Team — uploaded.

4.2 Where event data is stored

Audit records are written to a local database on the device.

  • Personal: there is no server. Audit records stay on the device and are not transmitted to SensiSec or anyone else.
  • Team: where your organization has configured server-side audit, a configurable subset of records is sent to your organization’s own Naevik server over an encrypted (HTTPS) connection, authenticated with a per-device token.

Local-only events. When the agent is configured to allow developer-authored local policy overlays, events generated by those local rules are stamped non-uploadable at the moment of capture and remain on the device. Toggling any upload setting later does not retroactively reclassify previously captured records — the consent boundary is fixed at capture time.

4.3 What SensiSec does NOT receive

SensiSec does not operate a multi-tenant cloud that aggregates your endpoint event data. We do not receive your process, file, or network event records from the agent, we do not have access to a Team customer’s server, and we do not sell, share, or use endpoint data for any purpose. The single, narrow exception is the opt-in crash reporting described next.

5. Crash reports and diagnostics

Naevik can send macOS-generated crash reports for the agent to help us find and fix defects. This is off by default and never runs unless you turn it on.

  • Opt-in. Crash reporting is off by default. You turn it on in the menu app under Settings → Privacy. Naevik does not collect usage analytics, event counts, or policy data — crash reports only. If that ever changes, this section will be updated first.
  • What is sent. Standard macOS .ips crash reports for the Naevik daemon and the Naevik menu app — the same diagnostic files macOS already writes locally. They contain stack traces and process metadata.
  • Redaction. Paths under /Users/<name>/ are redacted on the device before any report leaves it, so your account name and home-directory paths are removed.
  • Where it goes. Reports are sent over HTTPS to naevik.ai. They are used only to diagnose and fix crashes. We do not sell or share them.
  • No event data. Crash reports contain no audit events and no record of the file, process, or network activity Naevik evaluates.
  • Turn it off any time. Set the option back to Off and no further reports are sent.

6. Self-update

When the agent checks for and installs a software update, it reports update success or failure along with version identifiers back to the update service — your organization’s server in Team, or our update endpoint in Personal. This is a small JSON record (status, reason, timestamp, version) used to support staged rollouts and troubleshooting. It contains no endpoint event data and no file, process, or network activity metadata.

7. The website (naevik.ai)

The website is a static page hosted on a content-delivery network. We do not load third-party analytics, advertising trackers, social-media pixels, A/B-test scripts, or session-replay tools.

  • The CDN provider may receive your IP address and User-Agent string as part of normal HTTP request handling, used by the provider for operational purposes (rate limiting, abuse prevention) under their own privacy terms.
  • The site loads fonts from fonts.googleapis.com and fonts.gstatic.com. Google may receive request metadata under its own privacy policy.
  • If a waitlist or contact form is offered, we collect only the email address you provide, to contact you about Naevik. We will not sell or share it.

7.1 Purchasing Naevik (Personal)

When you buy Naevik, checkout and payment are handled by a third-party payment provider acting as merchant of record; your payment-card details are processed by them, not by us, and we do not receive or store your full card details. We receive your email address and order metadata so that Naevik can email you your license key and provide support — the license email comes directly from us.

8. Retention

On the device, the agent retains audit records in the local database subject to two bounds: a configurable time window (on the order of weeks by default) and a row cap of 100,000 records. Whichever bound is reached first triggers a sweep of the oldest records. Records acknowledged as uploaded (Team) and non-uploadable local-only records are retained under the same window and swept by the same paths. You can shorten the window in the menu app, or delete all local event history at any time from Settings → Privacy.

For crash reporting, a small on-device ledger records the identifiers of reports already sent so the same crash is not uploaded twice.

In Team, server-side retention is configured by your organization on its own server; SensiSec does not operate that server and does not set its retention. Any email address you give us (purchase, support, or waitlist) is retained until it is no longer needed for that purpose or until you ask us to remove it, whichever is sooner.

9. Security

The agent ships as a code-signed, notarized binary on macOS and as a signed package on Linux and Windows. Updates are verified against publisher identity, signature, and content hash before installation. On macOS, both the enforcement and network-filtering components run as system extensions installed under Apple’s standard user-approval flow; no system approval prompts are bypassed. Communication with a Team server uses an encrypted (HTTPS) connection with a per-device token.

10. Your rights

In Personal, your endpoint data stays on your own device under your control; you can inspect or delete it from the menu app at any time. For data we hold (a purchase, support, or waitlist email, or an opt-in crash report), or for general questions about Naevik’s data practices, contact privacy@naevik.ai and we will respond within thirty days.

In Team, your organization is the data controller for endpoint event data and is the right party to contact for access, correction, deletion, or objection requests under applicable law (GDPR, the Australian Privacy Act 1988, and similar regimes).

11. Children

Naevik is a developer tool not directed at children. The website does not knowingly collect information from anyone under 16.

12. International transfers

SensiSec is based in Australia. The website CDN, payment provider, and email infrastructure may process data outside Australia under their own terms. Endpoint event data does not flow to SensiSec; in Team its location is determined by where your organization hosts its server, and in Personal it stays on your device.

13. Changes to this policy

We may update this policy as the product evolves. The “Last updated” date at the top reflects the most recent change. Material changes will be announced on this page and, where appropriate, by email.

14. Contact

SensiSec Pty Ltd (ABN 88 663 013 063)
Australia
privacy@naevik.ai