Privacy Policy

1. Introduction

Nivi ("we," "our," or "us") operates the Nivi mobile application and the website at niviapps.com (collectively, the "Service"). This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. Nivi is built for India and is designed to be aligned with India's Digital Personal Data Protection Act, 2023 (the "DPDP Act").

Nivi is built so that your vault content is, by design, readable only by you — and, after you, by your verified loved ones. Your personal space data — assets, liabilities, responsibilities, memories, loved-one details, and documents — is encrypted on your device with strong end-to-end encryption, and our servers only ever store opaque, encrypted blobs that we cannot read. To make inheritance possible, your vault key is escrowed under strict, audited controls (see "Key escrow for legacy release" in Section 6); it is never used to read your data and is only unlocked through the verified legacy-release process.

2. Information We Collect

2.1 Account Information

• Email address — for login, account recovery, and transactional notifications
• Phone number — for SMS verification and two-factor authentication
• Password — securely hashed; we never store your password in readable form
• Device information — device model, operating system, and a push notification token, plus a device fingerprint used to detect unauthorized access
• Session data — authentication tokens and session metadata for keeping you logged in

2.2 Encrypted Space Data

The following is encrypted on your device before it reaches our servers. We never see it in plaintext and do not read it in the course of providing the Service (the only exception is the verified legacy-release process described in Section 6):

• Space names and descriptions
• Asset details (bank accounts, deposits, insurance, mutual funds, property, crypto, etc.)
• Liability details (loans, credit cards, mortgages, etc.)
• Responsibility details (bills, subscriptions, rent, EMIs, etc.)
• Memory content (letters, journal entries, photo albums, video messages, voice notes)
• Loved-one details you store (name, contact, address, government ID, photo)
• Attached documents and photos (encrypted before upload)

2.3 Security Credentials

Your vault password protects all your data. We never see or store your password. Encrypted credentials are stored on our server to enable multi-device access, but they can only be unlocked by you. If you forget your password, you can restore access using the recovery question you set up. Without it, your data cannot be recovered — not even by Nivi.

2.4 Face & Liveness Data

• Face matching: When you (or a loved one, at release time) register a face, the image is processed by a facial-recognition service (AWS Rekognition) to create a numeric face template used only for identity matching. We do not use it for surveillance, profiling, or advertising.
• Liveness / anti-spoofing: To confirm a real person is present (and prevent photo/video spoofing), face checks may use a liveness-verification provider (Didit.me). This processing happens for the verification only.
• Device biometrics: FaceID / TouchID unlock is handled entirely by your device. We never receive or store your device biometric data.

2.5 Location Data

If you grant permission, we record approximate location at security-relevant moments (sign-in, vault access, and other sensitive operations) to help detect and alert you to unauthorized access to your account. You can deny or revoke this permission in your device settings; the Service still works without it.

2.6 Contacts (Optional)

If you grant permission, you can pick a contact to quickly fill in a loved one's name and phone number. We only access a contact you actively select — we do not upload or store your address book.

2.7 Death Certificates & Legacy-Release Data

During the legacy-release process, a loved one may upload an official death certificate. This is reviewed by our team to confirm the event before any access is granted, and is retained for audit, fraud-prevention, and legal-compliance purposes.

2.8 Usage and Diagnostic Data

• Last check-in timestamp (for inactivity monitoring — a core feature you configure)
• Audit logs of security-relevant actions (login, password change, device registration)
• Crash and performance diagnostics (via Google Firebase) to keep the app stable — this is technical diagnostic data, not advertising or cross-site tracking

3. How We Use Your Information

• Provide the Service: Authenticate you, store your encrypted data, deliver notifications, and run check-in reminders and the verified legacy-release process.
• Security: Detect unauthorized access, enforce rate limits, and maintain audit trails.
• Communication: Send verification codes, security alerts, check-in reminders, and loved-one notifications via email, SMS, or push.
• Inactivity monitoring: Track your last check-in to remind you and, if you remain unresponsive past your configured threshold, to notify your loved ones.

Our legal basis is your consent and the performance of our service to you. We do not sell your personal data, and we do not use it for advertising.

4. Third-Party Service Providers

We rely on the following processors to operate Nivi. None of them can read your encrypted vault contents, password, or security credentials:

• Amazon Web Services (AWS): stores encrypted file attachments (S3), provides facial matching (Rekognition), and securely manages your escrowed vault key (KMS). Servers are hosted in the Mumbai, India region (ap-south-1).
• Google Firebase: push notifications, plus crash and performance diagnostics.
• SendGrid: transactional email (verification codes, security alerts, reminders) — receives your email address and the message content only.
• Twilio: SMS for phone verification and two-factor authentication — receives your phone number and the code only.
• Didit.me: face liveness / anti-spoofing checks during verification.

Payments: Nivi is currently free, and we do not process any payment information. If we introduce paid plans in the future, we will update this policy to disclose the payment processor and what it handles.

5. Data Storage and Security

• Encryption at rest: Your space data is encrypted on your device before storage; our servers hold only encrypted blobs.
• Encryption in transit: All communication uses industry-standard transport security (TLS).
• Key escrow for legacy release: Your vault key is escrowed using envelope encryption backed by a hardware-security-module-based key service (AWS KMS), so that — only after a verified death certificate — it can be released to your verified loved ones. Nivi cannot use it to read your data.
• Server location: Hosted in the AWS Mumbai (ap-south-1) region.
• Access controls: Server access is restricted to essential personnel. Your escrowed key is only ever unlocked through the verified legacy-release process — never to browse your content — and such access is logged.

6. Data Retention

• Active accounts: retained while your account is active.
• Deleted accounts: when you delete your account, associated data (encrypted space data, account information, face templates, attachments) is permanently deleted within 30 days.
• Audit & legal records: security audit logs and submitted death certificates may be retained for up to 12 months for fraud prevention and legal compliance.

7. Your Rights

Subject to applicable law (including the DPDP Act), you have the right to:

• Access your personal data — your vault data is always accessible in the app (since only you can decrypt it).
• Correct inaccurate account information.
• Delete your account and associated data through the app settings.
• Export your decrypted data from the app at any time.
• Withdraw consent for optional permissions (location, contacts) and communications.
• Grievance redressal — raise a concern and have it addressed (see Section 10).

8. Children's Privacy

Nivi is not intended for individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will delete it promptly.

9. Cookies and Tracking

The niviapps.com website uses no advertising or analytics tracking scripts. The Nivi app uses Firebase only for push notifications and crash/performance diagnostics — never for advertising or cross-site/cross-app tracking. We do not sell your data or track your behaviour across other apps or websites.

10. Grievance Redressal & Governing Law

If you have questions, requests, or complaints about your data, contact us at support@niviapps.com and we will respond within a reasonable time. As our user base grows, we will designate a Grievance Officer as required under the DPDP Act and publish their details here. This policy is governed by the laws of India.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you through the app or by email. The "Last updated" date above reflects the most recent revision.

12. Contact Us

• Email: support@niviapps.com