Trust

Nitivai™ is a governance and certification platform. We take the security of your data seriously. This page describes how we handle it.

Our data commitment

Your data stays yours. Nitivai collects evidence from your connected tools to assess your AI governance posture. We do not sell, share, or use your data for any purpose other than delivering the service you signed up for.

Read-only access. All connectors operate in read-only mode. Nitivai never modifies, writes, or deletes any data in your connected tools.

Connector credentials are encrypted. All tokens and API keys you provide are encrypted before storage. They are only decrypted at the moment of use, in memory, and never logged.

PII is stripped before document evaluation. All personally identifiable information is removed from documents before they are processed. Document evaluation runs on Nitivai infrastructure. No document content is sent to third-party AI services.

No public database access. Our database is not exposed to the internet. All access goes through authenticated API endpoints scoped to your organisation.

You can delete your data.Contact us at any time to request complete deletion of your organisation's data. We will confirm deletion within 5 business days.

Desktop Agent privacy

The Nitivai Agent is a lightweight desktop application that detects AI tool usage across your organisation at department level. This section explains exactly what it collects, what it does not, and how your employees are protected.

What does the Nitivai Agent collect?

The Agent records three categories of data at the device level: network destinations (domains contacted, frequency, session count), AI process and application detection (which AI tools, browser extensions, and CLI tools are active), and department-level attribution assigned by your IT administrator. All collection is read-only and non-interactive.

What does the Agent NOT collect?

The Agent does not collect prompt content, conversation history, browsing history outside of AI tool detection, keystrokes, screenshots, file contents, or any personally identifiable information from employee activity. It cannot read what you type into an AI tool. It detects that the tool is in use, not what it is being used for.

Is data attributed to individual employees?

No. All Agent data is aggregated at department level. The platform receives signals such as "Engineering department: 14 Copilot sessions detected" — not "Alice used Copilot 14 times." Individual identification is by design not possible from Agent output.

What about small departments where individuals could be inferred?

In departments with fewer than three members, department-level aggregation may still allow individual patterns to be inferred. Organisations deploying the Agent in small teams should account for this in their employee disclosure and obtain appropriate consent. This requirement is referenced in control AIPRV-001.

Do employees need to be told the Agent is installed?

Yes. AIPRV-001 requires that organisations disclose Agent deployment to all employees before installation. Nitivai provides a disclosure template. Deploying the Agent without employee notification is a control failure, not a platform feature.

Who can access Agent data within our organisation?

Only organisation administrators with access to the Nitivai platform can view Agent output. Nitivai staff do not access your Agent data except where explicitly required to resolve a support issue, and only with your consent. Registered auditors reviewing your assessment can see aggregate department-level signals as part of the evidence record.

Can we limit which departments the Agent monitors?

Yes. Agent deployment scope is controlled by your IT administrator. You can deploy to all departments, a subset of departments, or exclude specific teams entirely. Excluded departments produce NOT_APPLICABLE scores for Agent-dependent controls, which is a valid assessment outcome.

How long is Agent data retained?

Agent telemetry is retained in accordance with the retention period set in your organisation settings and the terms in the Data Processing Agreement. You can request deletion of all Agent data at any time by contacting privacy@nitivai.com.

Full details of Agent data collection are in the Privacy Policy, section 2.3.

Sub-processors

These are the third-party services that process data as part of delivering Nitivai.

RailwayEU (Netherlands)

Application hosting and database infrastructure.

ResendUnited States

Transactional email delivery for notifications and account communications.

Security measures

Encryption at rest

All connector credentials and sensitive data are encrypted before storage. Databases run on encrypted volumes.

Encryption in transit

All connections use HTTPS. No unencrypted traffic is accepted.

Authentication and access control

Token-based authentication with expiry enforcement. Rate limiting on authentication endpoints.

Tenant isolation

Every request is scoped to your organisation. Cross-tenant access is continuously tested in our CI pipeline.

PII sanitisation

All text sent to third-party AI services is stripped of personally identifiable information before transmission.

Automated security testing

Every code change runs through authentication, authorisation, and cross-tenant isolation tests before deployment.

Infrastructure

Hosted in the EU. No public database access. Secrets managed via platform-level secret storage, never in code.

Our own NIVAI score

We hold ourselves to the same standard we ask our customers to meet. Nivaya Technologies runs Nitivai on its own organisation and publishes the results.

View our NIVAI score

Contact for data requests

For data access, correction, portability, or deletion requests:

Privacy: privacy@nitivai.com

General: certify@nitivai.com

We will respond to all data requests within 5 business days.

← Back to nitivai.com