Our priority,
your protection
Data Security
Last Updated March 30 2024

Introduction

NYX.today recognizes the critical role data security plays in maintaining user trust and brand partnerships. This Data Security Policy outlines our comprehensive approach to protecting the data entrusted to us by our users and brand partners. We are committed to exceeding industry standards and adhering to all applicable Indian laws and regulations, including the Information Technology Act, 2000 (IT Act) and its amendments.

Scope

This policy applies to all data collected, processed, and stored by NYX.today across our platforms and services. This includes:
User Data: Information we collect during registration and use of our services, such as names, email addresses, phone numbers (if applicable), content creation preferences, and usage data.
Content Data: Text, music, static graphics (images, logos), and video content uploaded by users or generated by NYX AI platforms. Ownership of content remains with the user, but NYX requires temporary access for processing and delivery.
Brand Data: Information provided by brands and advertisers, including campaign details, target audience data, brand assets (logos, images), and performance metrics.

Data Security Measures

NYX.today implements a multi-layered security program to safeguard data throughout its lifecycle, from collection to storage and disposal. These measures include:
Access Controls Strong authentication mechanisms like multi-factor authentication (MFA) with one-time passwords (OTP) for added security control user access to NYX platforms. Access privileges are granted on a least-privilege basis, ensuring users only access data necessary for their specific roles. User activity is logged and monitored for suspicious behavior.
Data Encryption Data is encrypted at rest using industry-standard algorithms like AES-256, rendering it unreadable even if breached. Data is also encrypted in transit using protocols like HTTPS to ensure secure transfer between user devices and NYX servers.
Network Security We employ robust firewalls, intrusion detection/prevention systems (IDS/IPS), and other advanced security measures to protect our network infrastructure from unauthorized access and malicious activity. Regular vulnerability scans are conducted to identify and address potential security weaknesses.
Data Minimization We collect and store only the data necessary for our services to function effectively. We regularly review data retention policies to ensure data is not stored for longer than required.
Data Segregation User data, content data, and brand data are segregated and stored in separate environments to minimize risk in case of a breach.
Regular Security Reviews We conduct regular penetration testing and security assessments to identify and address potential vulnerabilities in our systems and processes.
Employee Training All NYX.today employees undergo comprehensive training on data security best practices and procedures, including data handling, user privacy, and incident response protocols.

Security of AI Models and Tech Stack

NYX.today understands the unique security considerations of AI models and the tech stack that powers them. We implement the following measures to ensure the security and responsible development of our AI:
Model Monitoring We continuously monitor our AI models for potential biases that could lead to discriminatory outputs. Additionally, we monitor for security vulnerabilities that could be exploited to manipulate the models's behavior.
Data Sanitization Training data for AI models is carefully sanitized to remove any personally identifiable information (PII) or sensitive data that could be leaked through the model's outputs.
Secure Coding Practices NYX.today software developers adhere to secure coding practices to minimize vulnerabilities in our codebase. This includes following secure coding guidelines and using static code analysis tools.
Third-Party Security Reviews We conduct thorough security reviews of third-party libraries and frameworks used in our tech stack to ensure they meet our security standards.

Data Breach Notification

In the event of a data breach, NYX.today will take immediate action to contain the breach, investigate the incident, and determine the scope of the issue. We will notify affected individuals and regulatory authorities as required by law. The notification will include details of the breach, the data involved, and steps taken to mitigate the risk.

Compliance with Indian Laws and Regulations

NYX.today is committed to complying with all applicable Indian laws and regulations regarding data protection and privacy. This includes, but is not limited to: The Information Technology Act, 2000 (IT Act) and its amendments, particularly those related to data security, reasonable security practices, and sensitive personal data protection. The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, which outline specific security practices organizations must follow to protect sensitive personal data