Compliance certifications
Navattic maintains industry-standard certifications to support enterprise procurement and infosec reviews. Current certifications — including SOC 2 Type II and GDPR compliance — are listed on the Navattic Trust Center.If your infosec team needs security documentation or you need to complete a vendor security questionnaire, visit the Trust Center or contact success@navattic.com.
How Navattic captures and stores data
Navattic captures static HTML snapshots of your application — not live access to your product or its underlying data. When you use the capture tool:- Navattic records a visual copy of your app at the moment of capture.
- Your live application data is not connected to or accessible through the demo.
- Captured content is stored and served from Navattic’s cloud infrastructure.
Protecting sensitive data in demos
Before sharing a demo, review your captures for any sensitive content that may have been included unintentionally.Avoid capturing sensitive screens
Before starting a capture session, navigate away from any screens that contain data you don’t want included. You can also delete individual captures from a collection if they contain content you want to exclude.Blur sensitive content
Use the blur tool in the capture editor to mask areas containing name, locations, or sensitive data. Select any region of a capture and apply a blur to hide it from viewers.Edit or replace text
You can edit text directly within a capture to replace customer names, email addresses, or other sensitive strings with placeholder values.Demo access controls
Navattic gives you several ways to control who can view a shared demo.| Setting | What it does |
|---|---|
| Link expiration | Set a date after which the share link stops working. |
| Password protection | Require viewers to enter an access code before viewing. |
| Domain restriction | Limit access to viewers from specific email domains. |
| Form gating | Require viewers to submit a form before they can proceed. |
| Revoke access | From Launchpad, disable a share link at any time from the Manage tab. |
Workspace security features
Navattic provides several tools for securing and governing your workspace.SSO
Require members to authenticate using an identity provider such as Okta or Azure AD.
Directory sync
Automatically provision and deprovision users via SCIM.
Audit logs
Monitor workspace activity with a full audit trail. Available on Enterprise plans.
Custom domains
Serve demos from your own branded domain over HTTPS.
Roles and permissions
Navattic has three workspace roles:- Admin — Full access to all workspace settings, demos, and members.
- Builder — Can create, edit, and publish demos. Cannot change workspace settings.
- Rep — View and share demos through Launchpad. Cannot build or edit demos.
AI and data privacy
Navattic’s AI features — including Copilot, AI avatars, and voiceover — process content to generate outputs on your behalf. Navattic does not use your demo content to train AI models. For specific details on data processing for AI features, refer to the Navattic Trust Center.Security review support
If your procurement or infosec team needs additional documentation:- Visit the Navattic Trust Center to download security reports and policies.
- Contact success@navattic.com to request custom security materials or fill out a vendor questionnaire.