Naitiv Security and Privacy Policy
At Naitiv, safeguarding your privacy and securing your data is our top priority. This document outlines the security frameworks, privacy measures, and compliance policies that we adhere to in order to protect user information and ensure the confidentiality of all interactions on our platform.
1. Data Processing and Machine Learning Protocols
We do not use any customer conversation data for training our language models or machine learning algorithms. Our language models are built on proprietary datasets that are developed and verified by linguists and native speakers. Naitiv's machine learning process adheres to the following principles:
No Customer Data in Model Training: Your conversations are not used in any form for improving our AI or language models. All training data is sourced from ground-truth datasets created by language professionals.
Privacy-Respecting AI: Our AI models are developed with a commitment to ensuring that customer data remains confidential and isolated from training processes.
2. Data Privacy and Retention Policies
Naitiv enforces strict data privacy protocols to ensure that user conversations remain confidential:
No Data Retention: We do not store user conversations or logs on any web platform. All transcripts are saved locally on the user's device.
Temporary Data Processing: For users utilizing ElevenLabs, we provide an auto-delete feature that ensures any conversational data processed via ElevenLabs is automatically deleted.
Privacy by Design: Users who connect their own ElevenLabs API key benefit from enhanced privacy.
3. User Anonymity and Data Minimization
We follow User Anonymization practices to protect personal information:
Personal data is anonymized to ensure that it cannot be linked back to specific users without additional details.
Our tracking mechanisms, including MixPanel, do not collect identifiable user data. We prioritize Data Minimization by anonymizing all tracking, ensuring that even emails are excluded from any analytics processes.
4. Authentication and Access Control
Naitiv utilizes Passwordless Authentication via OTP to ensure secure access to the platform:
No passwords are stored in our databases, eliminating the risks associated with password-related breaches.
5. Subprocessors and Third-Party Service Providers
Naitiv works with a select group of trusted subprocessors to deliver high-quality services. Each subprocessor follows strict security and privacy standards to ensure compliance with global regulations. The following subprocessors are involved in Naitiv’s services:
Azure OpenAI: Handles advanced natural language processing without using any customer data for training. Privacy Policy
Hume AI: Provides emotion recognition and analysis services in real-time conversations. Privacy Policy
MixPanel: An anonymized tracking tool used for product improvement. No identifiable personal information is collected. Privacy Policy
ElevenLabs: Provides voice generation services, and no conversational data is stored unless a user’s own API key is used. Privacy Policy
6. Data Flow and Encryption Standards
Naitiv adheres to strict encryption standards and follows a well-defined data flow for processing user interactions:
Local Data Storage: We do not store any conversation logs or transcripts on our backend or in our cloud. Transcripts are saved directly to the user's local machine, ensuring complete control and privacy over your data.
7. Contact Information
If you have any questions or concerns regarding this Security & Privacy Policy, you can contact us using the following details:
Email: privacy@naitiv.ai
Chief Security Officer:Gayatri Shahane, gayatri@naitiv.ai
8. Organizational Security Practices
Naitiv employs best-in-class organizational security practices to protect access to internal systems:
Multi-factor authentication (MFA) is enforced for all employees, adding an additional layer of security to sensitive systems.
We are actively looking into pursuing SOC 2 compliance in the next 3 - 6 months