nav0

Appearance

Privacy Policy

Effective Date: March 7, 2026 Last Updated: March 7, 2026

This Privacy Policy describes how nav0 ("we," "us," or "our") handles information in connection with the nav0 Browser application ("the Browser") and the nav0 website at https://nav0.org ("the Website"). We are committed to being transparent about our practices — which, in short, means we collect nothing.

1. Our Core Principle

nav0 does not collect, store, transmit, or process any personal data. Period.

This is not a simplified summary. This is the complete policy. nav0 was built from the ground up with the belief that privacy is not a feature to be toggled — it is the foundation of the entire product. Every architectural decision in nav0 is made with one question in mind: "Does this protect the user's privacy?" If the answer is anything other than an unequivocal "yes," we don't ship it.

2. Information We Do NOT Collect

2.1 No Telemetry or Analytics

nav0 does not include any telemetry, analytics, or usage-tracking code. We do not collect:

  • Usage statistics or behavioral data
  • Crash reports or error logs
  • Feature usage or engagement metrics
  • A/B testing data or experiment identifiers
  • Session duration or frequency of use
  • Click patterns, scroll behavior, or interaction data
  • Performance metrics or benchmarks from your device

2.2 No Personal Information

nav0 does not collect, request, or store any personal information, including but not limited to:

  • Names, usernames, or display names
  • Email addresses or phone numbers
  • Mailing addresses or geographic location
  • Date of birth, gender, or demographic information
  • Government-issued identification numbers
  • Payment information, billing details, or financial data
  • Photographs, avatars, or biometric data

2.3 No Browsing Data

nav0 does not monitor, log, or transmit any information about your browsing activity:

  • URLs visited or pages viewed
  • Search queries entered in the address bar or search engines
  • Browsing history or navigation patterns
  • Form data, autofill information, or input content
  • Downloaded files or download history
  • Bookmarks, reading lists, or saved pages
  • Tab activity, tab count, or tab order

2.4 No Device or System Information

nav0 does not fingerprint, catalog, or transmit any information about your device:

  • Hardware model, CPU, GPU, or RAM specifications
  • Operating system type, version, or patch level
  • Screen resolution, display density, or monitor configuration
  • Installed software, fonts, or browser extensions
  • Battery status or charging state
  • Storage capacity or disk usage
  • Peripheral devices or accessories

2.5 No Network Information

nav0 does not collect, intercept, or store any network-level data:

  • IP addresses (neither local nor public)
  • Geographic location or geolocation data
  • Internet service provider (ISP) details
  • Network type (Wi-Fi, cellular, ethernet)
  • Connection speed or bandwidth metrics
  • DNS queries or resolver information
  • MAC addresses or network interface identifiers

3. How nav0 Achieves Zero Data Collection

3.1 No User Accounts

Most data collection begins with account creation. nav0 has no accounts, no sign-in, no registration, and no user profiles. There is nothing to authenticate and no identity to track. You download the browser, and you use it — no strings attached.

3.2 No Cloud Services

All data generated by your use of nav0 stays entirely on your local device:

  • Bookmarks are stored in a local file on your machine
  • Browsing history is stored in a local SQLite database
  • Settings and preferences are saved in a local configuration file
  • Downloads are saved to the folder you choose on your device
  • Cookies are stored locally and managed by the Chromium engine

There is no cloud sync, no remote backup, and no server-side storage of any kind. If you uninstall nav0 or delete its data folder, your data is gone — because it was never anywhere else.

3.3 No Phone-Home Connections

nav0 makes zero unsolicited network requests. The browser does not:

  • Ping analytics or telemetry servers
  • Send heartbeat or keep-alive signals to any server
  • Transmit "anonymous" or "aggregated" usage data
  • Check in with a central server on startup or shutdown
  • Perform background synchronization of any kind
  • Fetch remote configuration or feature flags

The only network requests nav0 makes are the ones you explicitly initiate — by navigating to a website, performing a search, or downloading a file.

3.4 No Auto-Update Phoning Home

nav0 does not silently check for updates in the background. You choose when and how to update. We publish release notes and downloads on our website and GitHub repository, and you are free to update at your own pace — or not at all.

3.5 Open Source Verification

nav0 is fully open-source under the MIT License. Every line of code is publicly available for inspection at https://github.com/nav0-org/nav0-browser. You can:

  • Audit the source code for any data collection mechanisms
  • Build the browser from source to ensure the binary matches the code
  • Monitor network traffic with tools like Wireshark to verify that no unexpected connections are made
  • Fork the project and modify it to suit your needs

We encourage users, security researchers, and privacy advocates to audit our code. We have nothing to hide.

4. Local Data Storage

While nav0 does not collect or transmit data, the browser does store certain data locally on your device to function properly. This data never leaves your machine.

4.1 Browsing History

If you are not using Private Browsing mode, nav0 stores a local record of visited URLs and page titles to provide the history feature. This data is stored in a local SQLite database and is never transmitted. You can clear your history at any time from the browser settings.

4.2 Bookmarks

Bookmarks you create are stored in a local file. They are never synced, uploaded, or shared with any server.

4.3 Cookies and Site Data

Websites you visit may set cookies in your browser. nav0 provides controls to manage cookies:

  • Block third-party cookies
  • Clear cookies on demand
  • Use Private Browsing mode to prevent cookie persistence

Cookies are stored locally by the Chromium engine and are never accessed, read, or transmitted by nav0 itself.

4.4 Download Records

nav0 maintains a local record of files you have downloaded (file name, source URL, download date) to populate the Downloads page. The actual downloaded files are stored wherever you choose to save them. These records are stored locally and are never transmitted.

4.5 Browser Settings

Your preferences and settings (e.g., default search engine, ad-blocking preferences, appearance settings) are stored in a local configuration file. These settings are never transmitted or synced.

4.6 Private Browsing Mode

When you use Private Browsing mode, nav0 does not persist any browsing history, cookies, or site data after the private window is closed. Data generated during a private session exists only in memory and is discarded when the window is closed.

5. Third-Party Interactions

While nav0 itself does not collect data, your interactions with third-party services through the browser are governed by those services' own privacy policies.

5.1 Search Engines

When you perform a search, your query is sent to your chosen search engine. nav0 does not intercept, log, or modify these queries. We recommend using privacy-respecting search engines such as:

  • DuckDuckGo
  • Startpage
  • Brave Search

Your choice of search engine and the data it collects is governed by that search engine's privacy policy, not ours.

5.2 Websites You Visit

Websites you visit through nav0 may collect data about your visit through their own tracking mechanisms, including:

  • First-party and third-party cookies
  • JavaScript-based analytics and tracking scripts
  • Server-side logging of IP addresses and request data
  • Browser fingerprinting techniques

nav0 provides built-in tools to mitigate these risks:

  • Ad and tracker blocking using curated filter lists (EasyList and custom lists)
  • Third-party cookie blocking to limit cross-site tracking
  • HTTPS auto-upgrade to enforce encrypted connections where possible
  • Private Browsing mode to limit data persistence
  • Fingerprint protection to reduce browser fingerprinting surface

However, we cannot fully control what websites do on their end. We encourage you to be mindful of the sites you visit and the information you share.

5.3 Extensions

nav0 supports browser extensions. Third-party extensions operate under their own privacy policies and may collect data independently of nav0. We strongly recommend:

  • Reviewing the permissions requested by each extension before installation
  • Preferring open-source extensions that can be audited
  • Limiting the number of installed extensions to reduce your attack surface
  • Removing extensions you no longer use

nav0 is not responsible for data collection performed by third-party extensions.

5.4 Content Blocking Filter Lists

nav0's built-in ad and tracker blocker downloads and uses publicly available filter lists (such as EasyList) to block known tracking domains and advertising scripts. These filter lists are fetched from their respective public repositories. nav0 does not send any user data, browsing data, or device information when fetching these lists.

6. Data Requests and Law Enforcement

6.1 Law Enforcement Requests

If law enforcement agencies, government authorities, or courts request user data from nav0:

We have nothing to provide.

We do not possess, store, or have access to any user data. We cannot comply with data requests because there is no data to produce. This is not a policy choice — it is an architectural reality.

6.2 Subpoenas and Court Orders

The same applies to subpoenas, court orders, national security letters, or any other legal instruments compelling data disclosure. We physically cannot produce data we do not have.

6.3 No Backdoors

nav0 does not implement and will never implement backdoors, secret data collection mechanisms, or hidden surveillance capabilities. Our open-source codebase ensures that any such attempt would be immediately visible to the public.

7. Children's Privacy

nav0 does not collect personal information from anyone, including children under the age of 13 (or the applicable age of digital consent in your jurisdiction). Since we collect no data whatsoever, there is no risk of inadvertent collection of children's data. nav0 complies with the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR), and all applicable child privacy laws by virtue of collecting no data at all.

8. International Data Transfers

nav0 does not transfer data internationally — or at all. Since no data is collected, there is nothing to transfer across borders. Regardless of where you are located, your data stays on your device and is never sent to any server in any jurisdiction.

9. Data Security

9.1 Local Data Protection

While nav0 does not transmit data, we take the security of locally stored data seriously:

  • All local data is stored using standard file system protections provided by your operating system
  • Private Browsing mode ensures session data is held only in memory and discarded on window close
  • The browser uses Chromium's process sandboxing to isolate web content from your system
  • HTTPS is auto-upgraded where possible to protect data in transit between your browser and websites

9.2 Open Source Security

Our open-source model provides security through transparency:

  • Vulnerabilities can be discovered and reported by anyone
  • Security patches are developed and reviewed publicly
  • Users can audit the code and build from source
  • The community acts as a continuous security review team

9.3 Reporting Security Issues

If you discover a security vulnerability in nav0, please report it responsibly through our GitHub repository at https://github.com/nav0-org/nav0-browser. We take all security reports seriously and will work to address confirmed vulnerabilities promptly.

10. Compliance with Privacy Regulations

Because nav0 collects no personal data, it inherently complies with major privacy regulations worldwide:

10.1 General Data Protection Regulation (GDPR)

  • No data processing: nav0 does not process personal data as defined by the GDPR
  • No data controller/processor relationship: Since no data is collected, there are no data controller or data processor roles
  • No consent required: Since no data is collected, no consent mechanisms are needed
  • Right to erasure: There is nothing to erase from our end (local data can be deleted by the user at any time)
  • Data portability: All data is already on the user's device in accessible formats

10.2 California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

  • No sale of personal information: nav0 does not sell, share, or disclose personal information
  • No data collection categories: None of the CCPA-defined categories of personal information are collected
  • No financial incentive programs: nav0 offers no incentive for sharing personal data

10.3 Other Regulations

nav0's zero-collection approach ensures compliance with privacy regulations globally, including but not limited to:

  • Personal Information Protection and Electronic Documents Act (PIPEDA) — Canada
  • Privacy Act 1988 — Australia
  • Protection of Personal Information Act (POPIA) — South Africa
  • Lei Geral de Protecao de Dados (LGPD) — Brazil
  • Personal Data Protection Act (PDPA) — Singapore
  • Information Technology Act and Digital Personal Data Protection Act — India

11. Changes to This Privacy Policy

11.1 Transparency Guarantee

Because nav0 is open source, any change to our privacy practices would require:

  1. Code changes — visible in our public GitHub repository
  2. A new release — you control when and whether you update
  3. Community review — our contributors and users actively review all changes

We will not and cannot silently change our privacy practices. The open-source model ensures accountability.

11.2 Notification of Changes

If we ever update this Privacy Policy, we will:

  • Update the "Last Updated" date at the top of this page
  • Document the changes in our release notes
  • Make the changes visible in our public Git history

11.3 Historical Versions

All previous versions of this Privacy Policy are available in our Git history. You can review the complete history of changes to this document at any time.

12. The nav0 Website

12.1 Website Analytics

The nav0 website at https://nav0.org does not use any analytics, tracking scripts, or cookies. The website is a static site generated with VitePress and hosted without server-side tracking.

12.2 Website Hosting

The website is hosted as a static site. The hosting provider may collect standard server access logs (IP addresses, request timestamps, user agent strings) as part of normal server operation. nav0 does not access, use, or analyze these logs.

12.3 External Links

The website may contain links to external services (e.g., GitHub). These external services have their own privacy policies that govern your interaction with them.

13. Open Source and Community

13.1 GitHub Interactions

If you interact with our GitHub repository (filing issues, submitting pull requests, commenting), your activity is governed by GitHub's Privacy Policy. nav0 does not collect or process data from GitHub interactions beyond what is publicly visible on the platform.

13.2 Community Communications

Any communications you initiate with us (e.g., bug reports, feature requests via GitHub Issues) are voluntary and governed by the platform's privacy policies. We do not harvest email addresses or contact information from these interactions for any purpose other than responding to your inquiry.

14. Comparison with Other Browsers

To illustrate how nav0 differs from mainstream browsers:

Data CategoryMainstream Browsersnav0
Browsing historyOften synced to cloud serversStored locally only, never transmitted
Search queriesLogged and analyzed for ad targetingNever intercepted or logged
Crash reportsAutomatically sent to vendorNever collected or transmitted
Usage patternsTracked for "product improvement"Not tracked at all
Device informationCollected for "compatibility"Not collected
IP addressLogged on vendor serversNever seen by us
User accountsRequired or strongly encouragedDo not exist
TelemetryOn by default, hard to disableDoes not exist in the codebase
Ad profilesBuilt from browsing behaviorNo profiling of any kind
Data salesCommon with "free" browsersNothing to sell

15. Your Responsibilities

While nav0 protects your privacy from the browser level, complete online privacy requires awareness on your part:

  • Use Private Browsing for sensitive activities to prevent local data persistence
  • Choose privacy-respecting search engines (DuckDuckGo, Startpage, Brave Search)
  • Be cautious with extensions — review permissions and prefer open-source options
  • Keep nav0 updated to benefit from the latest security fixes
  • Understand website tracking — websites can still track you through their own mechanisms
  • Use a VPN if you want to obscure your IP address from the websites you visit
  • Review cookie settings and clear cookies regularly

16. Contact Information

If you have questions, concerns, or feedback about this Privacy Policy or nav0's privacy practices:

17. Summary

QuestionAnswer
Does nav0 collect personal data?No
Does nav0 use analytics or telemetry?No
Does nav0 track browsing activity?No
Does nav0 sell or share data?No — there is no data to sell or share
Does nav0 have user accounts?No
Does nav0 sync data to the cloud?No
Does nav0 phone home?No
Where is my data stored?Locally on your device, nowhere else
Can law enforcement get my data from nav0?No — we don't have it
Is nav0 open source?Yes — verify everything yourself

Bottom line: Your browsing is your business. Not ours. Not anyone's.

Last updated:

Released under the MIT License.

Copyright nav0 Contributors