Log in
Get Started

HomeLegal CenterREGIONAL COMPLIANCE NOTICES

REGIONAL COMPLIANCE NOTICES

NYGMA.AI

Last Updated: March 18, 2025

This Regional Compliance Notices document outlines specific legal information and disclosures required by various jurisdictions for users of the Nygma.ai service (“Service”) operated by Genie9 LTD (“Genie9”, “we”, “us”, or “our”), a company registered in England and Wales with company registration number 08669198.

The information in this document supplements our Privacy Policy, Terms of Service, End User License Agreement (EULA), and other applicable legal documents. The information provided is region-specific and applies only to users in the relevant jurisdictions.

1. EUROPEAN UNION AND UNITED KINGDOM (GDPR/UK GDPR)

1.1 Legal Basis for Processing

  • We process your personal data on the following legal bases:
    • Performance of Contract: To provide you with the Service and fulfill our obligations under the Terms of Service
    • Legitimate Interests: For our legitimate business interests, such as improving and securing the Service
    • Consent: Where you have given explicit consent for specific processing activities
    • Legal Obligation: To comply with legal obligations to which we are subject

1.2 Data Subject Rights

  • Under the GDPR and UK GDPR, you have the following rights:
    • Right to access your personal data
    • Right to rectification of inaccurate data
    • Right to erasure (“right to be forgotten”)
    • Right to restriction of processing
    • Right to data portability
    • Right to object to processing
    • Rights related to automated decision-making and profiling

1.3 Exercising Your Rights

  • To exercise your data subject rights, email: privacy@genie9.com
  • We will respond to requests within one month (may be extended by up to two additional months if necessary)
  • We may request specific information to confirm your identity

1.4 Data Protection Officer

  • Our Data Protection Officer can be contacted at: dpo@genie9.com

1.5 Supervisory Authority

  • For EU residents: You have the right to lodge a complaint with your local data protection authority
  • For UK residents: You can lodge a complaint with the Information Commissioner’s Office (ICO)

1.6 Zero-Knowledge Limitations

  • Due to our zero-knowledge architecture, we cannot:
    • Access or retrieve specific content within your encrypted files
    • Provide specific data from encrypted content in response to data subject requests
    • This technical limitation affects how certain data subject rights can be exercised regarding encrypted content

1.7 International Data Transfers

  • Your data may be transferred to countries outside the EU/UK, including the United States
  • We implement appropriate safeguards for such transfers including:
    • Standard Contractual Clauses
    • UK International Data Transfer Agreement
    • Additional technical measures (zero-knowledge encryption)

2. CALIFORNIA, USA (CCPA/CPRA)

2.1 California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) Rights

  • California residents have the following rights:
    • Right to know what personal information is collected, used, shared, or sold
    • Right to delete personal information held by businesses
    • Right to opt-out of the sale or sharing of personal information
    • Right to non-discrimination for exercising CCPA rights
    • Right to correct inaccurate personal information
    • Right to limit use and disclosure of sensitive personal information

2.2 Categories of Personal Information Collected

  • Identifiers: Name, email address, IP address
  • Commercial Information: Subscription records, payment information
  • Internet Activity: Login history, service usage
  • Geolocation Data: General location based on IP address

2.3 How to Exercise Your Rights

  • To exercise your California privacy rights, email: privacy@genie9.com
  • Or submit a request through our website: [privacy request form link]
  • We will verify your identity before processing your request

2.4 Authorized Agent

  • California residents may designate an authorized agent to make requests on their behalf
  • Authorized agents must provide proof of authorization

2.5 Do Not Sell or Share My Personal Information

  • We do not sell personal information as defined by the CCPA
  • We do not share personal information with third parties for cross-contextual behavioral advertising

2.6 Zero-Knowledge Context

  • Our zero-knowledge architecture provides additional privacy protections:
    • We cannot access the contents of your encrypted files
    • We cannot provide specific data from encrypted content in response to CCPA requests
    • This technical limitation affects how certain CCPA rights can be exercised regarding encrypted content

2.7 Shine the Light Law

  • California’s “Shine the Light” law gives residents the right to ask once a year how their personal information has been shared for direct marketing purposes
  • To make such a request, contact: privacy@genie9.com

3. CANADA (PIPEDA)

3.1 Personal Information Protection and Electronic Documents Act (PIPEDA) Compliance

  • We comply with PIPEDA regarding the collection, use, and disclosure of personal information
  • We only collect, use, and disclose your personal information with your knowledge and consent
  • We limit collection to what is necessary for identified purposes

3.2 Canadian Privacy Rights

  • Canadian users have the right to:
    • Access their personal information
    • Challenge the accuracy and completeness of their information
    • Withdraw consent to the collection, use, or disclosure of personal information
    • File a complaint regarding the handling of their personal information

3.3 How to Exercise Your Rights

  • To exercise your Canadian privacy rights, email: privacy@genie9.com
  • We will respond to requests within 30 days (may be extended if necessary)

3.4 Office of the Privacy Commissioner

  • If you have concerns about our privacy practices, you can contact the Office of the Privacy Commissioner of Canada

4. AUSTRALIA (PRIVACY ACT)

4.1 Australian Privacy Principles (APPs) Compliance

  • We comply with the APPs under the Privacy Act 1988 (Cth)
  • We handle personal information in accordance with the APPs

4.2 Australian Privacy Rights

  • Australian users have the right to:
    • Request access to their personal information
    • Request correction of their personal information
    • Make a complaint about a breach of the APPs

4.3 How to Exercise Your Rights

  • To exercise your Australian privacy rights, email: privacy@genie9.com
  • We will respond to access and correction requests within 30 days

4.4 Office of the Australian Information Commissioner

  • If you have concerns about our privacy practices, you can contact the Office of the Australian Information Commissioner

5. BRAZIL (LGPD)

5.1 Lei Geral de Proteção de Dados (LGPD) Compliance

  • We comply with the LGPD regarding the processing of personal data
  • We process personal data lawfully, fairly, and transparently

5.2 Brazilian Data Subject Rights

  • Brazilian users have the right to:
    • Confirm the existence of personal data processing
    • Access their personal data
    • Correct incomplete, inaccurate, or outdated data
    • Request anonymization, blocking, or deletion of unnecessary or excessive data
    • Request portability of data
    • Request deletion of personal data processed with consent
    • Receive information about entities with which personal data has been shared
    • Revoke consent

5.3 How to Exercise Your Rights

  • To exercise your Brazilian data subject rights, email: privacy@genie9.com
  • We will respond to requests within 15 days

6. AGE RESTRICTIONS

6.1 Minimum Age Requirements

  • European Union/European Economic Area: 16 years old (or the applicable age in your member state)
  • United Kingdom: 13 years old
  • United States: 13 years old
  • Canada: 13 years old
  • Australia: 13 years old
  • Brazil: 13 years old

6.2 Age Verification

  • We do not knowingly collect personal information from children under the applicable minimum age
  • If we learn we have collected personal information from a child under the applicable minimum age, we will delete that information

7. INTERNATIONAL USERS

7.1 Governing Law

  • As specified in our Terms of Service, our legal agreements are governed by the laws of England and Wales
  • This does not affect statutory rights you may have under the laws of your country of residence

7.2 Language Availability

  • Our legal documents are available in English
  • In case of any discrepancy between translations, the English version shall prevail

7.3 Regional Restrictions

  • The Service is not available in countries subject to U.S. or U.K. export restrictions or sanctions
  • Users in certain jurisdictions may be subject to additional restrictions or limited functionality

8. EXPORT CONTROL STATEMENT

8.1 Encryption Technology

  • The Service incorporates encryption technology that may be subject to export control regulations
  • Users are responsible for complying with applicable export controls when using the Service

8.2 Restricted Countries

  • The Service is not available in countries subject to comprehensive U.S. or U.K. sanctions, including:
    • Cuba
    • Iran
    • North Korea
    • Syria
    • The Crimea, Donetsk, and Luhansk regions
    • Any other countries or regions subject to sanctions that prohibit the provision of the Service

8.3 Export Compliance

  • You agree to comply with all applicable export control laws and regulations
  • You will not use the Service in violation of any export restrictions
  • You will not access the Service from a prohibited jurisdiction

9. COOKIE STATEMENT

9.1 EU/UK Cookie Law Compliance

  • We comply with the EU ePrivacy Directive and UK PECR regarding cookies and similar technologies
  • We obtain consent for non-essential cookies as required by law
  • You can manage cookie preferences through our cookie banner

9.2 Types of Cookies Used

  • Essential Cookies: Required for the Service to function and cannot be opted out of
  • Analytics Cookies: Help us understand how users interact with our Service
  • Preference Cookies: Remember your settings and preferences

9.3 Cookie Controls

  • You can control cookies through:
    • Our cookie preference center
    • Your browser settings
    • Third-party opt-out mechanisms

10. DATA LOCALIZATION

10.1 Data Storage Locations

  • Your encrypted data is stored on servers located in the United States
  • Account information may be processed and stored in various locations globally

10.2 Regional Requirements

  • We comply with applicable data localization requirements where feasible
  • The zero-knowledge architecture provides additional protection for cross-border data transfers

11. CHANGES TO THIS NOTICE

11.1 Updates

  • We may update these Regional Compliance Notices from time to time
  • Material changes will be communicated to users
  • The current version will always be available on our website

12. LIMITATION OF LIABILITY

12.1 Liability Cap

  • IN NO EVENT SHALL GENIE9’S TOTAL LIABILITY TO YOU FOR ANY CLAIMS RELATED TO REGIONAL COMPLIANCE OR THE SUBJECT MATTER OF THIS NOTICE EXCEED ONE HUNDRED U.S. DOLLARS ($100.00), REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, OR OTHERWISE.

13. CONTACT INFORMATION

For questions about these Regional Compliance Notices, please contact:

Genie9 LTD
 3 Shortlands
 W68DA, London
 United Kingdom
 Email: legal@genie9.com

END OF REGIONAL COMPLIANCE NOTICES