Privacy Policy

1.1 Account Information. When you create an account, we collect identifiers such as name, work email, organization, and authentication credentials (or the OAuth identifier from your identity provider).

1.2 Customer Data. Datasets, files, prompts, configurations, and other content that you or your organization submit to the Service. Customer Data is processed on your behalf under the Terms of Service.

1.3 Usage, Device, and Service Telemetry. Logs and service metadata related to feature usage, performance, errors, model latency, IP address, browser, device type, approximate location, and other operational signals used to operate, secure, support, and improve the Service.

1.4 Communications. Information you provide when you contact sales or support, respond to surveys, or subscribe to updates.

1.5 Cookies. We use a limited set of cookies and similar technologies. Strictly necessary cookies (for authentication, security, and core functionality) are always active. Any non-essential cookies (such as product analytics) are used only with your consent, which you can grant or withdraw at any time through our cookie controls. We do not use advertising cookies. See our cookie controls for details and to change your choices.

We use the information described above to: (a) provide, maintain, secure, and improve the Service; (b) authenticate users and protect accounts; (c) provide customer support and respond to inquiries; (d) monitor performance, debug issues, and prevent abuse; (e) communicate service notices and, where permitted, product updates; and (f) comply with legal obligations.

3.1 Ownership. Customer Data and Output belong to the Customer. We process Customer Data to provide the Service to you under the Terms of Service.

3.2 Starter and Student Plans. Starter and Student plans run on shared-cloud infrastructure hosted on Google Cloud Platform (GCP). We process Customer Data on these plans to provide, maintain, secure, support, and troubleshoot the Service. Data is encrypted in transit and at rest, and workspaces are logically isolated from one another.

3.3 Professional Plan. Professional runs on the same shared-cloud base infrastructure as Starter and Student, but with stronger platform-improvement restrictions. We do not use raw Customer Data or raw prompts from Professional accounts to improve the Niobia platform. We may use aggregated, de-identified, or higher-level service telemetry derived from platform operation to improve platform reliability, security, and features.

3.4 Model Providers and Training. We do not use Customer Data to train or fine-tune foundation models or any general-purpose models that are made available to other customers or to third parties. When the Service relies on third-party AI providers, Niobia configures those integrations so Customer Data is not used to train provider models. We also seek to minimize provider retention and enable no-retention settings where supported by the provider contract and configuration.

3.5 Enterprise Plans - Data Isolation. Enterprise plans include (a) dedicated single-tenant deployments on isolated Niobia-managed GCP infrastructure, with optional geographic isolation and BYOK where provisioned, and (b) platform-native deployments inside your own cloud or data platform. In both Enterprise models, Niobia does not use raw Customer Data for platform improvement. In platform-native deployments, Niobia may access deployed systems or data only if you explicitly grant support permissions.

3.6 No Sale; Limited Sharing. We do not sell Customer Data or personal information. We share information only as described in Section 4.

We share information only as needed to operate the Service: (a) with subprocessors and infrastructure providers that support hosting, authentication, observability, and email delivery, under written confidentiality and data-protection terms; (b) with third-party AI model providers solely to process requests on our behalf under provider terms that prohibit model training on Customer Data; (c) with your organization's administrators; (d) when required by law or to protect rights, safety, and the integrity of the Service; and (e) in connection with a business transfer, subject to equivalent privacy protections. We do not sell personal information. A current list of subprocessors is available on request and, where published, in our Security documentation.

Account and usage data are retained for the duration of the subscription and for a reasonable period thereafter for legal, accounting, and security purposes. Customer Data is retained according to the Customer's configuration and the Terms of Service, and is deleted upon Customer request or termination, subject to legal retention requirements.

We maintain administrative, technical, and physical safeguards designed to protect information, including encryption in transit and at rest, role-based access controls, audit logging, and least-privilege access for personnel. No system is perfectly secure; we continue to invest in our security posture and welcome responsible disclosure.

We may process information in countries other than your own. Where required, we use appropriate transfer mechanisms (such as Standard Contractual Clauses) to provide an adequate level of protection.

Depending on your jurisdiction, you may have rights to access, correct, delete, or port personal information, and to object to or restrict certain processing. For Customer Data, please direct requests to your organization's administrator; we will support our Customers in responding to verified requests as set out in the Terms of Service and any Data Processing Addendum. To exercise rights regarding your own account information, contact us at contact@niobia.ai.

The Service is intended for business and academic use and is not directed to children under 16. We do not knowingly collect personal information from children.

We may update this Privacy Policy from time to time. Material changes will be communicated by posting the updated policy with a new "Last updated" date and, where appropriate, by additional notice or by requesting renewed acceptance.

For privacy questions or requests, contact us at contact@niobia.ai.