NarrowNarrow

Legal

Privacy Policy

Last updated: April 23, 2026

This Privacy Policy explains what data Narrow ("we", "us") collects, how we use it, and the choices you have. It applies to the Narrow website and application (the "Service"). By using the Service, you agree to this policy.

1. What we collect

We collect three categories of data:

  • Account information. Your email address, display name, and (optionally) profile photo when you sign up — directly or through Google sign-in.
  • Workspace data. When you connect a provider like GoHighLevel or Stripe, we sync data from those systems into your workspace, including contacts, opportunities, charges, customers, invoices, subscriptions, and related records. We store the original API responses so we can answer questions about your data accurately.
  • Usage telemetry. Basic logs (timestamps, route, status codes) and error reports captured by Sentry to diagnose problems. We do not run third-party advertising or analytics trackers.

2. How we use your data

  • To deliver, maintain, and improve the Service.
  • To generate AI answers, scorecards, and digests you request.
  • To send transactional emails (e.g., sign-in links, alerts, weekly digests you opt into).
  • To detect and prevent abuse, security incidents, and outages.
  • To comply with legal obligations.

We do not sell your personal information. We do not use your Customer Data to train foundation models.

3. Subprocessors

We rely on the following service providers to operate Narrow:

  • Supabase — primary database and authentication.
  • Lovable AI Gateway — routes prompts to AI model providers (e.g., Google, OpenAI).
  • Sentry — application error monitoring.
  • Resend — transactional email delivery.
  • GoHighLevel, Stripe — third-party data sources you authorize via OAuth.

Each subprocessor accesses only the data needed to perform its function and is contractually bound to appropriate confidentiality and security obligations.

4. Data retention

We retain your account and workspace data for as long as your workspace is active. When you delete a workspace, we remove Customer Data from production systems within 30 days. Backups are encrypted and age out on a rolling schedule. Aggregated, non-identifying usage statistics may be retained longer.

5. Your rights

You can:

  • Access your data through the in-app workspace export.
  • Export a full copy of your workspace data as JSON.
  • Correct account details from your profile settings.
  • Delete your workspace, which triggers data deletion as described above.

If you are in the EU, UK, or California, you may have additional rights under GDPR, UK GDPR, or CCPA, including the right to object to processing and to lodge a complaint with a supervisory authority. To exercise any of these rights, email privacy@joinnarrow.com.

6. Cookies

We use a small number of strictly necessary cookies to keep you signed in and to remember your workspace selection. We do not use advertising or cross-site tracking cookies, so no consent banner is required in most jurisdictions.

7. Security

Data is encrypted in transit (TLS) and at rest. Provider credentials (OAuth refresh tokens, webhook secrets) are encrypted at the application layer using a key managed in our backend. Access to production systems is limited to authorized personnel and audited.

No system is perfectly secure. If you discover a vulnerability, please email security@joinnarrow.com.

8. International transfers

Our infrastructure is hosted in the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US. We rely on Standard Contractual Clauses or equivalent safeguards where required.

9. Children

Narrow is not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it.

10. Changes

We may update this policy from time to time. Material changes will be announced by email or in-app notice at least 14 days before they take effect.

11. Contact

Questions about this policy? Email privacy@joinnarrow.com.