Privacy Policy

Last updated: October 24, 2024

At NymAI, protecting your data is our core mission. This Privacy Policy explains how we collect, use, and safeguard your information when you use our privacy firewall, browser extensions, and developer tools. We are committed to transparency and the principles of data minimization.

info1. Information We Collect

We collect information to provide better services to all our users. The types of information we collect include:

  • Account Information: When you register for NymAI, we collect basic information such as your email address, name, and billing details to manage your subscription.
  • Usage Data: We collect anonymous telemetry data regarding the performance of our extensions and API usage (e.g., number of requests redacted, latency metrics). This data does not contain the content of your requests.
  • Technical Information: We may collect information about your device, browser type, IP address, and operating system to ensure compatibility and security.

security2. Content Processing & Redaction

Important: NymAI is designed as a privacy firewall. The text content you process through our extensions or proxy is analyzed for sensitive information (PII, secrets, keys) in real-time.

Our architecture prioritizes local processing wherever possible. When using our VS Code or Chrome extensions, redaction logic runs directly on your device.

If you utilize our cloud-hosted proxy for specific enterprise features, the content data is processed in volatile memory solely for the purpose of redaction and is never persisted to disk or stored in any database. Once the request is forwarded to the destination LLM provider, the content is immediately discarded from our systems.

settings_applications3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our services and extensions.
  • To process transactions and manage your account.
  • To communicate with you about product updates, security alerts, and support messages.
  • To detect, prevent, and address technical issues and security vulnerabilities.

share4. Data Sharing and Disclosure

We do not sell your personal data. We only share your information in the following limited circumstances:

  • Service Providers: We may share data with trusted third-party vendors (e.g., payment processors like Stripe) solely for the purpose of enabling our services.
  • Legal Requirements: We may disclose information if required by law or in response to valid requests by public authorities (e.g., a court or a government agency).
  • Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.

lock5. Data Security

Security is our business. We implement industry-standard security measures to protect your data, including:

Encryption

Data is encrypted in transit using TLS 1.3 and at rest using AES-256 standards.

Access Controls

Strict role-based access controls ensure only authorized personnel can access administrative systems.

Audits

Regular security audits and vulnerability assessments to identify and patch potential risks.

SOC 2 Compliance

We align our internal processes with SOC 2 Type II standards to ensure operational security.

gavel6. Your Data Rights

Depending on your location, you may have the following rights regarding your personal data:

  • The right to access, update, or delete the information we have on you.
  • The right of rectification.
  • The right to object.
  • The right of restriction.
  • The right to data portability.
  • The right to withdraw consent.

To exercise any of these rights, please contact us at [email protected].

Contact Us

If you have any questions about this Privacy Policy, please contact us:

NymAI Inc.

123 Privacy Lane, Suite 400

San Francisco, CA 94107

Email: [email protected]