Privacy Policy

This privacy policy explains how Narev Inc., a Delaware corporation, handles data during the management and optimization of Large Language Model (LLM) financial operations.

Data Handling

Our FinOps service is designed with privacy-first principles. We process financial and usage data necessary to provide cost optimization and governance for your LLM operations. All data is handled securely and in accordance with applicable privacy laws.

Information Processing

The service processes:

LLM usage metrics and billing data
Cost allocation and budget information
Provider billing APIs and account information
Usage patterns for cost optimization
Performance metrics for financial reporting
Organizational structure data for cost attribution

We do not:

Store unnecessary personal information
Share financial data between clients
Access LLM model outputs or training data
Monitor individual user conversations or queries

Cookies

We use cookies to provide essential functionality and understand how our service is used. This section explains what cookies we use and why.

Strictly Necessary Cookies

These cookies are essential for the website to function properly and cannot be disabled. They are used for security and authentication purposes:

__Host-authjs.csrf-token: Essential for CSRF (Cross-Site Request Forgery) protection during authentication. This cookie ensures the security of your login process and protects against malicious attacks.
__Secure-authjs.callback-url: Essential for the authentication flow, storing the URL to redirect you to after successful login. This ensures you return to the intended page after authentication.

These cookies:

Are session cookies that expire when you close your browser
Use secure prefixes (__Host- and __Secure-) for enhanced security
Are served only over HTTPS connections
Cannot be accessed by JavaScript to prevent theft
Are essential for the security and functionality of our authentication system

Analytics Cookies

We use Umami, a privacy-focused analytics service, to understand how our website is used:

Purpose: To collect anonymous usage statistics and improve our service
Data collected: Page views, referrer information, basic device/browser type
Privacy: All data is anonymized and cannot identify individual users
No tracking: Does not track users across different websites
No personal data: No personally identifiable information is collected
Storage: Analytics data is processed server-side without persistent cookies on your device

Our analytics implementation:

Does not require consent under GDPR as no personal data is collected
Cannot identify individual users or sessions
Is fully compliant with privacy regulations
Uses aggregated, anonymous data only

Managing Cookies

Strictly Necessary Cookies: These cannot be disabled as they are essential for the website's security and functionality. Disabling them would prevent you from logging in or using our service securely.

Analytics: Our analytics system does not use tracking cookies and processes all data anonymously. No personal information is collected or stored.

If you wish to disable cookies entirely through your browser settings, please note that this will prevent you from logging in and using our authenticated services.

Data Security

The service includes robust security features:

End-to-end encryption for data in transit and at rest
Secure API authentication and access controls
SOC 2 compliant data handling procedures
Role-based access controls for financial data
Regular security audits and monitoring

Usage Analytics

We collect usage metrics for:

Service performance monitoring
Cost optimization algorithm improvement
System reliability and uptime
Technical troubleshooting and support
Product development and feature enhancement

All metrics are aggregated and anonymized where possible, with no identifying information about specific financial decisions or sensitive business data.

Third-Party Integrations

When you connect to external LLM providers and cloud platforms through our service:

You are subject to their respective privacy policies
We maintain strict data isolation between clients
We use secure API connections with proper authentication