Security Systems and Privacy
1. Definitions
For the purposes of this document, the following terms have the meaning given below:
Platform / NAVA MARKET
Electronic platform for commercial purposes operating under the trade name NAVA MARKET. This platform includes the website, mobile applications and all services related to them.
Platform Holder
The legal or natural person, the legal owner of NAVA MARKET, who possesses all legal powers for strategic and operational decision-making.
Data Controller
NAVA MARKET, based in Tirana, which reserves the right to determine the purposes and means of processing personal data in accordance with Law no. 9887/2008.
Commissioner
The Commissioner for the Right to Information and Protection of Personal Data in the Republic of Albania.
IT Office
The specialized department within the organization responsible for managing information technology systems and data security.
Data Subject
The identified or identifiable natural person to whom the personal data refer.
2. Personal Data and Use
The management and use of all data included on the NAVA MARKET Platform website is carried out in accordance with law no. 9887. This notice applies to the information collected regarding:
Listed Items
Data related to the products, descriptions and specifications published on the platform.
Platform Users
Identifying data, preferences and interaction history.
3. Access to Personal Data
The Platform aims to be as transparent as possible in giving users access to their data. Anyone has the right to request information by sending a request to legal@nava.com.
- ✓ A description of the available data;
- ✓ The reason for their retention;
- ✓ The entities that have access to them;
- ✓ A copy of the information in an understandable form.
4. Visitors (Technical Data)
The system collects standard information: online registration, listing clicks, time spent and interactions.
In accordance with GDPR requirements, the platform does not allow the use of analytical tools that track or collect personal information that could identify visitors.
The search engine is contained entirely within NAVA and the services that enable NAVA to function, such as Cloud Computing (see the data processors listed below). All requests are handled by the application, and no information is transferred to any third party.
5. Data Dissemination
Disclosure or dissemination of data is carried out only in accordance with the purpose for which they were collected.
- ✓Use of data only according to the purpose(s) for which they are kept.
- ✓With the consent of the data subject.
- ✓According to legal requirements (e.g. criminal acts).
- ✓Based on acts issued by the Commissioner for Personal Data Protection.
6. Data Processors
The Platform uses certified third-party services:
Amazon Web Services (AWS)
Hosting & Cloud ComputingPlatform hosting, data storage, backup. ISO 27001 certified.
ISO 27001Data may be processed in data centers in the EU.
Stripe
Payment ProcessingProcessing of financial transactions (credit cards, billing).
PCI DSS Level 1International Transfer: Uses EU adequacy decisions or Standard Contractual Clauses.
7. Market Analysis & Artificial Intelligence
NAVA MARKET develops research reports using the CRISP-DM standard (business understanding, data understanding, modeling, evaluation).
Bias Prevention
Implementation of rigorous measures for preventing biases (referencing ISO/IEC 24027): Historical, demographic and algorithmic and other biases.
Compliance with the EU AI Act (Articles 10 & 13):
- Relevant, representative and complete data.
- Error-free and with appropriate statistical properties.
- Technical documentation for transparency and reliability.
8. Technical Security Measures
NAVA Market takes special security measures to protect data from unauthorized access and destruction:
9. Physical Security of Environments
- Unauthorized persons are not allowed entry without permission from the holder.
- Checking for surveillance, recording or filming devices.
- Continuous monitoring with physical guards (day and night).
- Maintenance personnel allowed only with special authorization.
10. Children’s Privacy
The NAVA MARKET Platform is aware of the importance of protecting the privacy of children, especially in the online environment.
We do not knowingly collect personal data from children under the age of 18 (or the relevant local age limit) without verifiable parental or legal guardian consent. Users aged 13-17 may create accounts with parental consent for browsing purposes only.
If we discover that we have collected personal data from a child without this consent, we will take immediate steps to delete such data from our servers. Parents are encouraged to monitor their children’s internet usage.
11. Changes and Contact
Any request or complaint related to privacy should be sent to our addresses:
NAVA Market will regularly update notifications, considering privacy policies extremely important.