Privacy Policy

1. Data Controller

The data controller for nivq is Nivorbit Technology (Nivorbit Teknoloji). For privacy inquiries, contact us at [email protected].

2. Information We Collect

Account Information: When you register, we collect your name, email address, and organization name. If you use SSO, we receive identity information from your OIDC provider.

Database Credentials: You provide database connection details to use the Service. These are encrypted with AES-256-GCM and stored securely. We never access your database outside of your explicit query requests.

Usage Data: We collect information about how you interact with the Service, including query frequency, feature usage, and error logs. This helps us improve the product.

We do NOT collect or store: query results, the contents of your database, your LLM API keys in plain text, or any personally identifiable information from your database.

3. How We Use Your Information

To provide and maintain the Service, including processing your natural language queries and delivering results.

To improve the self-learning agent's accuracy for your specific Workspace using your query patterns. This data never leaves your tenant.

To communicate with you about account updates, security alerts, pricing changes, and product announcements.

To comply with legal obligations and enforce our Terms of Service.

4. Data Processing and Storage

Query results are processed in real-time and are never stored on nivq servers. The Service acts as a secure pass-through.

Account data and encrypted credentials are stored in secure, access-controlled environments.

In multi-tenant deployments, all data is strictly isolated between tenants. No data is shared across Workspaces.

5. Third-Party Services

When you use nivq, your natural language queries are sent to the LLM provider you configured (e.g., OpenAI, Anthropic). Each provider has its own privacy policy that governs how they process your data.

If you use Ollama (self-hosted), your queries never leave your infrastructure.

For paid subscriptions, billing data is processed by our payment processors: Paddle (Paddle.com Market Ltd) for international customers, acting as Merchant of Record, and PayTR for customers in Türkiye. We do not store your full card details; these are handled directly by the payment processor under their own privacy policies.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

6. Data Retention

Account data is retained as long as your account is active. Upon account deletion, all associated data is permanently removed within 30 days.

Usage logs and analytics data are retained for up to 12 months for product improvement purposes and then anonymized or deleted.

Database credentials are immediately deleted when you remove a database connection from the Service.

7. Your Rights

Under GDPR and KVKK, you have the right to: access your personal data, request correction of inaccurate data, request deletion of your data, restrict processing, data portability, and object to processing.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

You may also lodge a complaint with the relevant data protection authority (KVKK in Turkey, or your local DPA in the EU).

8. Cookies

nivq uses essential cookies required for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

You can control cookie preferences through your browser settings.

9. Security

We implement industry-standard security measures including AES-256-GCM encryption, OIDC/SSO integration, role-based access control, and complete tenant isolation.

Despite our best efforts, no method of electronic transmission or storage is 100% secure. If you discover a security vulnerability, please report it to [email protected].

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days before they take effect.

The "Last updated" date at the top of this page indicates when this policy was last revised.

11. Contact

For privacy-related questions or concerns, contact us at [email protected] or visit https://nivorbit.com.