Privacy Policy - SOC 2 Navigator

Effective date: November 15, 2025

Who we are

nexttap.net publishes the macOS app SOC 2 Navigator. Contact: https://www.nexttap.net/contact

What the app does

SOC 2 Navigator helps users prepare for SOC 2 compliance audits by tracking controls, implementation checklists, evidence collection, and audit readiness. Users can select Trust Service Categories (Security, Availability, Confidentiality, Processing Integrity, Privacy), mark control implementation status, upload evidence files, add notes, and export audit-ready reports. The app offers a free version with limited features and a Pro version unlocked via one-time in-app purchase.

Data we collect from the app

  • We do not collect personal data.

  • On-device only: All project data (control status, checklists, notes, uploaded evidence files, audit dates, and custom controls) are stored locally on your Mac.

  • No servers: The app does not send your data to us or any third party.

  • Evidence files: Any documents you upload (policies, screenshots, reports) remain on your Mac. We never access, transmit, or store these files.

  • Exporting: If you export an audit report (PDF), macOS uses the system save/share dialog. The exported file goes only to the location you choose. We do not receive it.

Accounts, tracking, and ads

  • No accounts or logins

  • No third-party SDKs

  • No analytics or tracking

  • No ads

Diagnostics & crash reports

If you opt in to share analytics with developers in macOS settings, Apple may provide aggregated crash logs/diagnostics. These do not directly identify you.

Payments

Purchases (SOC 2 Navigator Pro in-app purchase) are processed by Apple. We do not receive your payment details. Apple may share aggregated sales reports with us (no personal data).

When you contact us

If you contact us via https://www.nexttap.net/contact, we'll process the information you provide (e.g., your email address and message) to respond. We keep these messages only as long as needed to handle your request.

Your rights (EU/EEA)

If you contact us and share personal data, you can request access, correction, deletion, restriction, or portability, and you may object to processing. You also have the right to lodge a complaint with your local data protection authority (in Luxembourg: the CNPD).

Children's privacy

The app is a professional compliance tool with no user-generated content, social features, or ads. It is designed for business use.

Security

The app is designed to work offline and store all compliance data and evidence files on your device. Your sensitive audit materials never leave your Mac unless you explicitly export or share them. If you email us, we take reasonable steps to secure those communications.

International transfers

We do not run cloud services for this app and do not transfer app data internationally. Email communications may be processed by our email provider to deliver messages.

Changes to this policy

We may update this policy to reflect app or legal changes. We'll revise the Effective date above. Material changes will be highlighted where possible.

Contact

Questions about privacy? Visit https://www.nexttap.net/contact