Nveda Fintech Pvt ltd | Ninja Labs - FZCO
Effective Date: January 2025
Last Updated: November 2025
---
1. Introduction
This Privacy Policy explains how Nveda Fintech Private Limited (“Nveda”, “we”, “us”, or “our”) collects, uses, shares, and protects information when you use NIN Genie, an agentic assistant and orchestration layer within the NINGENIE workspace of the NINX platform (the “Service”).
By accessing or using NIN Genie, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, you should not use the Service.
If you use NIN Genie on behalf of an organization, you confirm that you are authorized to accept this Privacy Policy on that organization’s behalf.
---
2. Scope
This Privacy Policy applies to:
- The NIN Genie web experience accessible via the NINGENIE workspace on the NINX platform.
- Any related interfaces, dashboards, or tools where NIN Genie is presented to you.
It does **not** replace the broader NINX platform Privacy Policy, which applies to your use of other NINX products and services.
---
3. Information We Collect
We collect the following categories of information when you use NIN Genie:
### 3.1 Account and Profile Information
- Name and contact details (such as email address) provided during account creation or profile setup.
- Organization or company details if you use NIN Genie in a business context.
- Authentication and login identifiers used to access NINX and NIN Genie.
### 3.2 Usage and Interaction Data
- Prompts, instructions, and natural language inputs (including voice inputs where enabled).
- Configuration data, preferences, and settings you define within NIN Genie.
- Logs of actions executed by NIN Genie on your behalf, such as tasks initiated, workflows run, or connectors used.
- Technical telemetry such as timestamps, approximate location (where enabled), device type, browser type, and app performance metrics.
### 3.3 Connector and Integration Data
When you connect third party services (for example, communication tools, financial platforms, or productivity apps), we may collect:
- OAuth tokens, API keys, session credentials, or similar access artifacts.
- Metadata required to identify accounts, workspaces, or resources within those services.
- Limited data from those services as necessary to perform the actions you request (for example, reading messages to summarize them, retrieving transactions to categorize them, or accessing documents to analyze them).
We do **not** collect more data from connected services than is reasonably necessary to provide a given feature or workflow.
### 3.4 Payment and Billing Data
If NIN Genie is part of a paid subscription or usage-based plan, we may collect:
- Billing contact information (such as name, address, and email).
- Limited payment-related information processed via third party payment processors (we do not store full payment card details on our own systems).
### 3.5 Support and Communication Data
- Emails, support tickets, and other communications you send to us.
- Feedback, surveys, or product reviews you choose to provide.
---
4. How We Use Your Information
We use the information we collect for the following purposes:
### 4.1 To Provide and Operate NIN Genie
- Interpret your prompts and instructions.
- Plan, orchestrate, and execute workflows across connected services.
- Generate responses, summaries, recommendations, and other outputs.
- Maintain your sessions, histories, and workspace context.
### 4.2 To Secure the Service
- Authenticate users and protect accounts from unauthorized access.
- Detect, prevent, and respond to fraud, abuse, or security incidents.
- Monitor system performance, availability, and integrity.
### 4.3 To Improve and Develop the Service
- Analyze anonymized or aggregated usage trends.
- Improve our models, workflows, and orchestration logic.
- Test new features and product improvements.
Where practical, we use de-identified or aggregated data for analytics and improvement.
### 4.4 To Comply with Legal and Regulatory Obligations
- Maintain records required under applicable laws and regulations.
- Respond to law enforcement or regulatory requests where we are legally required to do so.
- Enforce our Terms of Service and other contractual obligations.
### 4.5 To Communicate with You
- Send service-related notifications and updates.
- Respond to your inquiries and support requests.
- Provide important information about changes to our policies, security practices, or features.
---
5. Use of AI and Third-Party Model Providers
NIN Genie uses artificial intelligence models to process your instructions and content. We may use:
- Models and infrastructure operated by Nveda or its affiliates.
- Third party AI providers and model APIs, under their respective terms and privacy commitments.
When we send your content to third party AI providers:
- We limit the data to what is necessary to generate the output or perform the requested operation.
- We require our providers to implement appropriate security and confidentiality controls.
- Where possible, we instruct providers not to use your data to train or improve their models beyond what is required to provide the Service.
Details about specific AI providers may be documented in separate product or security notices.
---
6. Connectors and Third Party Services
When you connect NIN Genie to third party services:
- You authorize NIN Genie to access those services **only within the scope of the permissions you grant**.
- Your use of each third party service is governed by that provider’s own terms and privacy policy.
- NIN Genie may send data to and receive data from those services to carry out your instructions (for example, reading messages, creating tasks, initiating payments, or fetching financial data).
We are not responsible for the privacy or security practices of third party services, and we encourage you to review their policies before granting access.
You may revoke connector access at any time from your account or the relevant provider’s settings. Revoking access may disable certain NIN Genie features.
---
7. Legal Bases for Processing (Where Applicable)
Where required by applicable law (for example, in the European Economic Area or similar jurisdictions), we rely on one or more of the following legal bases:
- **Performance of a contract:** to provide you with NIN Genie and perform our obligations under the Terms.
- **Legitimate interests:** to operate, secure, and improve the Service in ways that are consistent with your rights and expectations.
- **Legal obligations:** to comply with relevant laws, regulations, and regulatory requirements.
- **Consent:** where you have given clear consent for specific processing activities (for example, certain marketing communications or experimental features).
You may withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
---
8. Data Retention
We retain your information for as long as needed to:
- Provide and maintain NIN Genie and related services.
- Fulfill the purposes outlined in this Privacy Policy.
- Comply with legal, regulatory, and compliance obligations (including record-keeping requirements).
- Resolve disputes and enforce our agreements.
Retention periods may differ across data types and jurisdictions. When data is no longer required, we will delete or irreversibly anonymize it in accordance with our data retention policies.
---
9. Data Sharing and Disclosures
We may share your information with:
- **Service providers and subprocessors** who help us operate NIN Genie (for example, hosting providers, AI infrastructure providers, analytics providers, and customer support tools).
- **Affiliates and group companies** involved in operating the NINX platform.
- **Professional advisors** such as lawyers, auditors, and consultants under appropriate confidentiality obligations.
- **Regulators and authorities**, if we are legally required to do so or to protect our rights, users, or the public.
- **Third parties in connection with a business transaction**, such as a merger, acquisition, or sale of assets, subject to appropriate safeguards.
We do **not** sell your personal data for monetary consideration.
---
10. International Data Transfers
Your information may be processed and stored in countries outside your country of residence, including jurisdictions that may have different data protection laws.
Where required by law, we implement appropriate safeguards for international transfers, such as:
- Contractual protections (for example, standard contractual clauses).
- Organizational and technical measures to help protect your data.
By using NIN Genie, you understand that your data may be transferred to and processed in such locations.
---
11. Security
We implement a range of technical and organizational measures to protect your information, including:
- Encryption of credentials, API keys, and sensitive configuration data.
- Role-based access controls and logging for administrative actions.
- Segregation of environments and least-privilege principles for internal access.
- Monitoring and alerts for suspicious activity.
No system can be completely secure, and we cannot guarantee absolute security. However, we continuously work to protect your information and review our controls over time.
For additional details, please review the **NIN Genie Security Policy** (linked from our website or product UI).
---
12. Your Rights and Choices
Depending on your jurisdiction, you may have some or all of the following rights in relation to your personal data:
- **Access:** request a copy of the personal data we hold about you.
- **Correction:** request correction of inaccurate or incomplete personal data.
- **Deletion:** request deletion of your personal data, subject to legal or compliance obligations.
- **Restriction:** request restrictions on how your personal data is processed.
- **Portability:** request to receive your personal data in a structured, commonly used, and machine-readable format (where applicable).
- **Objection:** object to certain types of processing, including processing based on legitimate interests or direct marketing.
- **Withdrawal of consent:** withdraw consent where processing is based on your consent.
To exercise these rights, please contact us using the contact details in the **Contact** section below. We may need to verify your identity before fulfilling your request.
If you believe your privacy rights have been violated, you may also have the right to lodge a complaint with a supervisory authority or data protection regulator in your jurisdiction.
---
13. Children’s Privacy
NIN Genie is not designed or intended for use by children under the age of 18. We do not knowingly collect personal data from children under 18.
If you believe that a child has provided us with personal data in violation of this policy, please contact us so that we can take appropriate steps to delete the information.
---
14. Links to Other Services
NIN Genie and the NINX platform may contain links to websites, services, or applications that are not owned or controlled by Nveda. This Privacy Policy does not apply to those third party services.
We encourage you to review the privacy policies of any third party services before using them or granting NIN Genie access.
---
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last Updated” date at the top of this page. Where required by law, we will provide additional notice of material changes (for example, via email or in-product notifications).
Your continued use of NIN Genie after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
---
16. Contact
If you have any questions, requests, or concerns about this Privacy Policy or our data practices for NIN Genie, you can contact our legal and compliance team:
Nveda Fintech Pvt ltd | Ninja Labs - FZCO
Email: legal@nin.in
Compliance: compliance@nin.in
Privacy and Data Protection: privacy@nin.in