Log in
Get Started

HomeLegal CenterEXPORT CONTROL STATEMENT

EXPORT CONTROL STATEMENT

NYGMA.AI

Last Updated: March 18, 2025

This Export Control Statement (“Statement”) outlines the export control implications of using the Nygma.ai service (“Service”) operated by Genie9 LTD (“Genie9”, “we”, “us”, or “our”), a company registered in England and Wales with company registration number 08669198.

The Service incorporates encryption technology that is subject to export control regulations in various countries. This Statement provides important information about compliance requirements, restricted jurisdictions, and user responsibilities.

1. ENCRYPTION TECHNOLOGY OVERVIEW

1.1 Encryption Capabilities

  • The Service implements the following encryption technologies:
    • AES-256-GCM (Advanced Encryption Standard with 256-bit keys in Galois/Counter Mode)
    • ChaCha20-Poly1305 (for performance-optimized encryption)
    • PBKDF2 with 100,000 iterations (for key derivation)
    • TLS 1.3 (for data in transit)
  • All encryption/decryption occurs client-side using locally generated keys
  • Zero-knowledge architecture prevents server-side access to unencrypted data

1.2 Technical Classification

  • The Service falls under the following technical classifications:
    • U.S. Export Administration Regulations (EAR): ECCN 5D002
    • EU Dual-Use Regulation: 5D002.c.1
    • Wassenaar Arrangement: Category 5, Part 2
  • These classifications are subject to change based on regulatory updates

1.3 Export Control Status

  • The Service qualifies for the following exemptions under U.S. law:
    • License Exception ENC (encryption commodities and software)
    • Mass Market exemption for publicly available software
  • Similar exemptions may apply under the laws of other jurisdictions

2. RESTRICTED JURISDICTIONS

2.1 Comprehensively Sanctioned Countries

  • The Service is not available for use in the following comprehensively sanctioned countries:
    • Cuba
    • Iran
    • North Korea
    • Syria
    • The Crimea, Donetsk, and Luhansk regions of Ukraine

2.2 Other Restricted Jurisdictions

  • The Service may be subject to additional restrictions in other countries based on:
    • Local encryption import/export regulations
    • Local content restrictions
    • Data localization requirements
    • Other legal requirements

2.3 Dynamic Restrictions

  • Export control regulations and sanctions programs change frequently
  • Additional countries may become restricted at any time
  • The current list of restricted jurisdictions is maintained on our website

2.4 IP Blocking and Access Controls

  • We implement technical measures to restrict access from sanctioned jurisdictions
  • Attempts to circumvent these restrictions violate our Terms of Service
  • Users may be required to verify their location before accessing certain features

3. USER RESPONSIBILITIES

3.1 Compliance Obligation

  • As a user of the Service, you are responsible for:
    • Complying with all applicable export control laws and regulations
    • Not accessing the Service from restricted jurisdictions
    • Not transferring access to the Service to individuals in restricted jurisdictions
    • Not using the Service for prohibited end-uses

3.2 Prohibited End-Uses

  • The Service may not be used for:
    • Nuclear, chemical, or biological weapons development
    • Missile or unmanned aerial vehicle technology
    • Military end-uses in certain countries
    • Terrorist activities
    • Any other activities prohibited by applicable export control laws

3.3 User Representations

  • By using the Service, you represent and warrant that:
    • You are not located in a restricted jurisdiction
    • You are not a prohibited person or entity under applicable sanctions
    • You will not use the Service for any prohibited end-use
    • You will comply with all applicable export control laws

3.4 Re-export Controls

  • Re-exports of the Service (transfer to another country after initial export) must comply with:
    • The export control laws of the country from which the re-export occurs
    • U.S. re-export controls, which may apply regardless of location
    • Any other applicable international requirements

4. SPECIFIC COUNTRY REQUIREMENTS

4.1 United States

  • U.S. persons must comply with all U.S. export controls and sanctions
  • The Service complies with reporting requirements to the U.S. Bureau of Industry and Security (BIS)
  • U.S. government end-users receive limited rights as provided in DFARS 227.7202 and FAR 12.212

4.2 European Union

  • EU users must comply with EU Dual-Use Regulation (Regulation (EU) 2021/821)
  • The Service complies with EU cryptography export requirements
  • Additional member state requirements may apply

4.3 United Kingdom

  • UK users must comply with the Export Control Order 2008
  • The Service complies with UK cryptography export requirements
  • Post-Brexit requirements are incorporated in our compliance program

4.4 Other Jurisdictions

  • Various countries have specific registration, notification, or licensing requirements
  • We maintain compliance with major jurisdiction requirements
  • Users remain responsible for compliance with their local laws

5. SPECIAL CATEGORIES OF USERS

5.1 Government Users

  • Government users may be subject to additional restrictions
  • Government users should verify that their use complies with:
    • Applicable procurement regulations
    • Security clearance requirements
    • International agreements and treaties
    • Agency-specific restrictions on cloud or encryption use

5.2 Educational and Research Institutions

  • Educational and research users may qualify for certain exemptions
  • Fundamental research exemptions may apply to certain activities
  • These exemptions are limited and users must ensure compliance

5.3 Commercial Users

  • Business users must ensure their use complies with:
    • Corporate export control policies
    • Trade compliance programs
    • Industry-specific regulations
    • International business conduct requirements

6. TECHNICAL COMPLIANCE MEASURES

6.1 Implementation Details

  • All encryption features are implemented using standard libraries
  • No proprietary encryption algorithms are used
  • Key lengths and encryption modes comply with commercial best practices

6.2 Key Management

  • Encryption keys are generated on user devices
  • Keys are never transmitted to our servers in unencrypted form
  • No “backdoors” or key escrow mechanisms are implemented

6.3 Technical Documentation

  • Technical details about encryption implementation are available for review by:
    • Export control authorities
    • Security researchers
    • Enterprise customers with compliance requirements

7. ENFORCEMENT AND PENALTIES

7.1 Account Termination

  • We may suspend or terminate accounts that violate this Statement
  • Attempts to access the Service from restricted jurisdictions will be blocked
  • No refunds will be provided for terminations due to compliance violations

7.2 Legal Consequences

  • Violations of export control laws can result in:
    • Severe civil penalties
    • Criminal penalties including fines and imprisonment
    • Loss of export privileges
    • Reputational damage
  • We cooperate with authorities investigating alleged violations

7.3 Reporting Violations

  • Suspected violations of this Statement should be reported to:
    • Email: compliance@genie9.com
    • Subject: “Export Control Compliance”

8. COMPLIANCE UPDATES

8.1 Regulatory Monitoring

  • We monitor changes in export control regulations
  • We update our compliance program as needed
  • Significant changes will be communicated to users

8.2 User Notifications

  • Users will be notified of material changes to:
    • Restricted jurisdictions list
    • Allowed use cases
    • Compliance requirements
  • Users are responsible for reviewing updates

9. JURISDICTIONAL INFORMATION

9.1 Corporate Jurisdiction

  • Genie9 LTD is incorporated in England and Wales
  • Our services are subject to UK export control laws
  • We also comply with EU and U.S. requirements where applicable

9.2 Service Infrastructure

  • The Service’s infrastructure is located in the United States
  • Data transfers to and from this infrastructure are subject to applicable export controls
  • Users connect to the Service from their local jurisdiction

10. CHANGES TO THIS STATEMENT

10.1 Updates

  • We may update this Export Control Statement from time to time
  • Material changes will be communicated to users
  • The current version will always be available on our website

11. LIMITATION OF LIABILITY

11.1 Liability Cap

  • IN NO EVENT SHALL GENIE9’S TOTAL LIABILITY TO YOU FOR ANY CLAIMS RELATED TO EXPORT CONTROL COMPLIANCE OR THE SUBJECT MATTER OF THIS STATEMENT EXCEED ONE HUNDRED U.S. DOLLARS ($100.00), REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, OR OTHERWISE.

11.2 Compliance Responsibility

  • You are solely responsible for ensuring your compliance with applicable export control laws
  • We provide this Statement for informational purposes only
  • This Statement should not be considered legal advice

12. CONTACT INFORMATION

For questions about this Export Control Statement, please contact:

Genie9 LTD
 3 Shortlands
 W68DA, London
 United Kingdom
 Email: compliance@genie9.com

END OF EXPORT CONTROL STATEMENT