NjuruNjuru, Building excellence, creating legacies
Trust Center

Built with care for the people
who use it.

A single place to read how we handle privacy, security, your data, and the disclaimers that keep us honest. Anything you can't find here, write to hello@njuru.com, we'd rather answer than have you guess.

Privacy by default

We collect the least we need, never sell your data, and offer the full set of GDPR / UK GDPR / CCPA rights to anyone who asks, not just visitors in those regions.

Privacy Policy

Cookies you can choose

A small number of essential cookies keep the site working. Optional analytics ones are off until you say otherwise. We respect Global Privacy Control and Do-Not-Track.

Cookie Policy

Security as practice

Hardened HTTP security headers, encrypted transport, principle-of-least-privilege access, and a public vulnerability-disclosure pathway with safe-harbour terms.

Vulnerability Disclosure

Your data, your call

Send us a Data Subject Access Request and we’ll respond within statutory time limits, access, correction, deletion, portability, restriction, or objection.

Make a request

Honest disclaimers

No legal advice from Advottic. No tax advice from Taxottic. No investment advice from anyone in the group. No racing on public roads from Rolls & Digs. We say what we are, and what we are not.

Disclaimer

Group-wide protection

Privacy, terms, and all the policies below cover Njuru LLC and every venture inside the group: Techno Optics, Advottic, Taxottic, and Rolls & Digs.

All legal documents
IIStanding commitments

Five things we hold steady, no matter what we’re building.

  1. 01

    We never ask for sensitive credentials by email

    No-one at Njuru or our ventures will ever ask you to share passwords, full payment-card numbers, or copies of identity documents over email or chat. If anyone claiming to be from us does, forward the message to security@njuru.com.

  2. 02

    We use HTTPS everywhere

    Every page on njuru.com and the venture sites is served over HTTPS with HSTS. Mixed-content pages are not allowed.

  3. 03

    We minimise third-party JavaScript

    Loading other people’s scripts is the most common way websites leak data. We avoid them. The few sub-processors we rely on (hosting, email delivery) are listed in the Privacy Policy.

  4. 04

    We rate-limit and validate AI input

    The Ask Bella assistant rate-limits per-IP requests, ignores attempts to exfiltrate the system prompt, and refuses to give legal, financial, or medical advice.

  5. 05

    We retain only what we need

    Visitor enquiries are retained for up to 24 months from your last contact unless you ask us to delete sooner. Web logs typically rotate within 30-180 days. Client engagement records follow the retention table in the Privacy Policy.

Anything else we can answer?

We’re a small team and we read every note. For privacy and data-rights questions, write to privacy@njuru.com. For security, security@njuru.com. For everything else, hello@njuru.com.