Privacy Policy

Effective Date: August 14, 2025Version 1.0

IMPORTANT NOTICE

This Privacy Policy applies to Niwt, LLC and its digital twin platform services. This policy works together with our Terms of Service. Capitalized terms not defined here have the meanings in the Terms of Service.

Key Points

  • We handle data as both Controller (our operations) and Processor (your platform data)
  • U.S. businesses only - no EU/UK/Swiss users or data
  • We do NOT sell personal information or use it for advertising
  • We do NOT train AI models on your customer data
  • Contact privacy@niwt.com for any privacy requests

1. Scope and Roles

This Privacy Policy explains how Niwt handles personal information in:

Controller context (Niwt-Direct PI): our websites, sales/marketing operations, account administration, billing, support, and security operations we run for ourselves.

Service Provider/Processor context (Customer Data): information we process on behalf of our business customers inside the Platform. In this context, the customer controls the data and directs our processing.

Capitalized terms not defined here have the meanings in the Terms of Service.

2. U.S.-Only; No EU/UK/Swiss Offering

We market and offer the Platform only to U.S. businesses for U.S. use. We do not offer the Platform to individuals located in the EEA, UK, or Switzerland ("EU+"). Do not permit access from the EU+ or submit EU+ personal data. See ToS §1.1 and §12.

3. What We Collect

3.1 Niwt-Direct PI (Controller)

Contact and account data (name, business email, phone), company details, billing/payment identifiers, authentication data (for Niwt accounts), support and communications, usage/telemetry of our sites and admin consoles, cookie/analytics data, and security logs.

3.2 Customer Data (Service Provider/Processor)

Data you connect into the Platform from your business systems (e.g., email, SharePoint, Teams, Slack, Figma, CRM, file stores) and any derived Outputs. You, as Customer, determine the nature of this data, the lawful basis, and the access grants. We process it only as instructed to provide the Services.

3.3 Service/Usage Data and De-Identified Data

Operational telemetry, logs, performance metrics, and De-Identified Data created to operate, secure, and improve the Services.

3.4 No Children's Data

The Services are for business use and not directed to children under 13; Authorized Users must be 18+.

4. How We Use Information

4.1 For Niwt-Direct PI (Controller)

Provide and administer our sites and Services, communicate with you, process transactions, provide support, secure and protect against abuse, analyze and improve, and comply with law.

4.2 For Customer Data (Service Provider/Processor)

Provide, maintain, secure, support, and back up the Services; configure how the Services work with your data (e.g., customer-specific dictionaries, embeddings, tuning confined to your environment). We do not sell Customer Data, do not use Customer Data (or Outputs) to train generalized models for other customers, and do not use Customer Data for advertising—consistent with the ToS.

4.3 Service/Usage & De-Identified Data

Operate, secure, and improve the Services, capacity planning, and quality assurance. We will not attempt to re-identify De-Identified Data.

5. How We Share Information

• Service providers/subprocessors supporting hosting, storage, security, payments, email delivery, analytics, support, and similar enterprise functions.

• At your direction (e.g., connectors to Third-Party Services that you enable).

• Corporate transactions (e.g., merger, financing, acquisition) subject to customary safeguards.

• Legal and safety requirements (lawful requests, protection of rights).

We do not sell personal information and do not "share" personal information for cross-context behavioral advertising.

6. Third-Party Services and Integrations

When you enable a connector or integration, the third party's terms and privacy notices govern its handling of data. Do not enable integrations that route EU+ personal data into the Services unless expressly agreed in writing.

7. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information. No system is perfectly secure; we cannot guarantee absolute security. Security measures align with the ToS Security section.

8. Data Retention; Access, Export, and Deletion

We retain Niwt-Direct PI for as long as needed for the purposes above and as required by law. For Customer Data, access, export, retention, and deletion follow ToS §29 (Data Portability and Deletion) and any applicable DPA. After termination, we provide a retrieval window and then delete Customer Data from active systems, subject to backups/legal holds.

9. Your Privacy Requests

9.1 Where Niwt is Controller (Niwt-Direct PI)

You may request access, correction, deletion, or a copy of your Niwt-Direct PI, or opt-out of marketing. We will verify your identity and respond as required by applicable U.S. law.

9.2 Where Niwt is Service Provider/Processor (Customer Data)

For requests about Customer Data (including data tied to your employment—e.g., company email), contact your employer. We will assist the Customer in responding to the request as required by our DPA and applicable law.

9.3 Submission Channels

Email: privacy@niwt.com. If we offer a web form, it will be linked on our site. You may authorize an agent as allowed by applicable law; we will verify both the agent and you.

10. California and Other U.S. State Privacy Laws

Niwt is a B2B provider. We do not sell or share personal information. If and when we meet a state law's applicability thresholds (e.g., CPRA, Colorado CPA, Virginia VCDPA, Connecticut, Utah), we will honor the rights provided by that law for Niwt-Direct PI (e.g., access, deletion, correction, appeal). For Customer Data, rights requests must be directed to the Customer (your employer). We do not discriminate for exercising rights permitted by law.

11. Cookies and Analytics

We use strictly necessary cookies to operate the Services and may use analytics to understand usage and improve performance. You may control cookies through your browser settings. Our sites do not currently respond to "Do Not Track" signals.

12. U.S. Hosting and Transfers

Data is stored and processed in the United States. We do not offer the Services to EU+ users. If we later support additional regions or cross-border transfers, we will update this Policy and post the relevant transfer mechanism information.

13. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted to our site with an updated effective date. Your continued use after an update means you accept the revised Policy.

14. Contact Us

Niwt, LLC

1621 Central Avenue, Cheyenne, WY 82001 USA

Email: privacy@niwt.com

Last Updated: August 14, 2025

For questions about this Privacy Policy, please contact: privacy@niwt.com

© 2025 Niwt, LLC. All rights reserved.

Table of Contents