top of page

Privacy Policy

NuComply™ Application Privacy Policy

Effective Date: 02.13.2025

Introduction

Information We Collect

Welcome to NuComply™, NuArca's Generative AI Compliance application. We value your privacy and are committed to protecting your personal and business data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application ("App"), which currently utilizes the OpenAI model hosted on Microsoft Azure OpenAI Service. The App is designed to be LLM-agnostic and allow for models that can be hosted in an organization's private cloud.

By accessing or using our App, you agree to the terms of this Privacy Policy. If you do not agree with these terms, please do not use the App.

Personal Information
We may collect personal information that you provide to us directly, including but not limited to:

  • Name

  • Email address

  • Phone number

  • Any other information you choose to provide
     

Usage Data
We automatically collect certain data when you use the App, including:

  • IP address

  • Device type

  • Operating system

  • Browser type

  • Usage details (e.g., access times, pages viewed, and interactions with the App)
     

Communications
If you contact us directly, we may receive additional information about you such as your name, email address, phone number, and the content of your message.

How We Use Your Information

We may use the information we collect for various purposes, including to:

 

  • Provide, operate, and maintain our App

  • Improve, personalize, and expand our App

  • Understand and analyze how you use our App

  • Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the App, and for marketing and promotional purposes

  • Process your transactions and manage your orders

  • Find and prevent fraud

  • Ensure compliance with legal obligations

Confidential Business Data

In the course of using our App, you may share confidential business data that is not personally identifiable information (PII). This data can include, but is not limited to:

  • Organization-specific compliance questions

  • Financial information

  • Proprietary business processes
     

How We Use Confidential Business Data

We use confidential business data to:

  • Provide outputs that are unique and relevant to your organization

  • Provide, operate, and maintain our App

  • Improve, personalize, and expand our App

  • Understand and analyze how you use our App

  • Develop new products, services, and features

  • Ensure compliance with legal obligations

Protection of Confidential Business Data

We are committed to maintaining the confidentiality of your business data. We implement a variety of security measures, including encryption, protected endpoints, secure authorizations, and access controls, to protect this data from unauthorized access, use, or disclosure.

Specifically, while we use Azure OpenAI models we are not sharing your inputs or outputs with other users of Azure OpenAI models or NuComply. Each client's data is used only within its account; it is not used to train the Azure OpenAI models for other clients or competitors. Specifically, per the Azure OpenAI Service Privacy Policy:

  • "Your prompts (inputs) and completions (outputs):

  • are NOT available to other customers.

  • are NOT available to OpenAI.

  • are NOT used to improve OpenAI models.

  • are NOT used to improve any Microsoft or 3rd party products or services.

  • are NOT used for automatically improving Azure OpenAI models for your use in your resource (The models are stateless).
     

The Azure OpenAI Service is fully controlled by Microsoft; Microsoft hosts the OpenAI models in Microsoft's Azure environment and the Service does NOT interact with any services operated by OpenAI (e.g. ChatGPT, or the OpenAI API).

Data Storage and Security

We use Microsoft Azure to host our Azure OpenAI model endpoint and to store data. Microsoft Azure employs a range of security measures to protect your data, including encryption and access controls. We also implement reasonable security measures to protect your information from unauthorized access, use, or disclosure.

Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to outside parties without your consent, except as described below:

  • Service Providers: We may share your information with third-party service providers who perform services on our behalf and help us operate our App.

  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

  • Business Transfers: In the event of a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

Other Terms of Use and Privacy Policy

Our App currently uses an Azure-hosted version of OpenAI's model, which is subject to OpenAI's Terms of Use and Microsoft Azure’s Privacy Policy. By using our App, you also agree to comply with these terms and policies. Note, while direct users of Azure may provide more personal data than our App accepts or processes, NuArca’s more-restrictive Privacy Policy provides a more protected environment and dataset. We encourage you to review Azure’s policies to understand how your data may be handled by Azure.

User Consent for API Calls

Azure handles user consent for API calls made through the model. By using our App, you acknowledge that your interactions with the model are processed by Azure, and you consent to the collection and use of data as outlined in Azure’s policies. The types of data shared with the public API include:

  • Text inputs provided by users

  • Metadata such as timestamps of interactions

  • Potentially sensitive information contained within the user inputs

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • The Right to Access: You have the right to request copies of your personal data.

  • The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

  • Right to Deletion of Personal Data: In addition to the rights outlined above, you have the right to request the deletion of your personal data from our records. If you wish to exercise this right, please send a written request to our Compliance Officer at [email protected]. In your request, kindly include sufficient details to help us identify your records. We may require additional information to verify your identity before processing your request.

  • We will review and process deletion requests in accordance with applicable laws and our data retention policies.

  • Certain data may be retained if required to comply with legal obligations, for fraud prevention, or for other legitimate business purposes.

  • The deletion of personal data may impact the availability or functionality of services provided through our App.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: [email protected]

Address: NuArca Labs, Inc. 304 Cambridge St. Suite 210, Woburn, MA 01801, USA

bottom of page