Niyam v2 is live — start for just ₹100 — 200 credits to try

Niyam
Start for ₹100

Last updated: June 2026

Privacy Policy

This Privacy Policy describes how NIYAM.AI APP PRIVATE LIMITED, a company incorporated under the Companies Act, 2013 with its registered office at 136, 1st Floor, Orchid Business Park, Sector-48, Narsinghpur, Gurgaon (Gurugram), Haryana, India 122004 ("Niyam", "we", "us", or "our"), collects, uses, stores, discloses, and protects information when you use Niyam (the "Service"). We treat your data — and your clients' matters — with the confidentiality that legal professional work demands. This policy is published in accordance with the Information Technology Act, 2000, the rules made under it, and the Digital Personal Data Protection Act, 2023 (the "DPDP Act").

1. Who we are and scope

The data fiduciary responsible for your personal data is NIYAM.AI APP PRIVATE LIMITED, registered office 136, 1st Floor, Orchid Business Park, Sector-48, Narsinghpur, Gurgaon (Gurugram), Haryana, India 122004.

This policy applies to personal data we process about visitors to our website (niyam.ai), users of the product app (app.niyam.ai), and people who contact us. Where you use the Service to process personal data about your own clients or matters, you act as the data fiduciary or controller for that data and we act as your processor; that relationship is governed by our Data Processing Agreement.

By using the Service, you acknowledge that you have read this policy. Where the law requires consent for a specific processing activity, we rely on the consent you provide at the point of collection.

2. Information we collect

Account information: When you register, we collect your name, email address, and payment details. Payment-card data is processed by our payment provider; we do not store complete card numbers.

Usage data: We collect information about how you use the Service, including queries submitted, features used, and session metadata such as timestamps, device and browser type, and IP address. This helps us operate, secure, and improve the Service.

Content you provide: Documents you upload, queries you submit, and work product you generate within the Service. This Content is yours; we process it only to deliver the Service to you.

Communications: If you contact us by email or through a form, we retain the content of that communication to respond and, where relevant, to improve support.

Cookies and similar technologies: As described in our Cookie Policy, we use strictly necessary cookies for authentication and security and limited, privacy-respecting analytics.

3. Lawful basis and purposes of processing

To deliver the Service: processing your queries, generating research and drafting Outputs, maintaining your account, and providing support. This is necessary to perform our contract with you.

To operate, secure, and improve the Service: analysing aggregated, anonymised usage patterns; detecting and preventing fraud, abuse, and security incidents. We rely on our legitimate interest in running a safe and reliable service and do not analyse your individual Content for product improvement.

To process payments: sharing the minimum necessary payment information with our payment processor solely to complete and reconcile transactions.

To communicate with you: sending service notices, responding to your requests, and notifying you of changes to these policies.

To comply with law: where processing is required by applicable law, regulation, or a valid legal request, or to establish, exercise, or defend legal claims.

Where we rely on your consent, you may withdraw it at any time by contacting us; withdrawal does not affect processing carried out before withdrawal or processing on another lawful basis.

4. What we do not do

We do not sell your personal data or your work product to any third party.

We do not use your queries, documents, or work product to train public AI models.

We do not share your Content with other users of the Service.

We do not use your data for advertising targeting, profiling for advertising, or cross-site tracking.

5. AI model providers

Niyam uses third-party AI model providers to generate Outputs. When you submit a query, your input is processed by these providers under contractual terms that prohibit them from using your data to train their public models. We select providers whose data-handling commitments align with our confidentiality obligations.

We do not transmit personally identifying client information to model providers unless you explicitly include it in your query. We recommend that you avoid including client names or identifying matter details in queries where they are not necessary for the research task.

6. Disclosure of information

We disclose personal data only to: (a) service providers and processors who help us run the Service (such as hosting, payment, and analytics providers) under appropriate confidentiality and data-protection obligations; (b) authorities or other parties where required by law, court order, or valid legal process, or to protect rights, safety, and security; and (c) a successor entity in connection with a merger, acquisition, or sale of assets, subject to this policy.

We do not otherwise disclose your personal data to third parties without your consent.

7. Data retention

We retain your account data for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.

Query and session data may be retained in logs for operational and security purposes for a limited period, after which we delete or anonymise data that is no longer required.

You may request deletion of your account and associated personal data by contacting us at [email protected], subject to retention we are required or permitted to maintain under applicable law.

8. Security

We apply security controls appropriate to the sensitivity of legal professional data, including encryption of data in transit (TLS) and at rest, access controls that limit who within our team can access user data, and monitoring for unauthorised activity. Our security posture is described at niyam.ai/security.

No system is perfectly secure. If we become aware of a personal-data breach that is likely to cause harm, we will notify affected users and the competent authority as required by applicable law, including the DPDP Act and the Information Technology Act, 2000.

9. International transfers

Some of our service providers may process data on servers located outside India. Where personal data is transferred outside India, we take steps to ensure that it is protected consistently with this policy and with applicable law, including any restrictions or conditions notified under the DPDP Act.

10. Your rights as a data principal

Subject to applicable law, including the DPDP Act, you have the right to: access a summary of the personal data we process about you and how we process it; seek correction, completion, or updating of inaccurate or incomplete data; seek erasure of personal data that is no longer required; withdraw consent where processing is based on consent; and nominate another individual to exercise your rights in the event of death or incapacity.

To exercise any of these rights, contact us at [email protected]. We may need to verify your identity before acting on a request and will respond within the timeframe required by applicable law.

If you are located in a jurisdiction that grants additional rights, such as data portability or the right to object to certain processing, you may exercise those rights by contacting us.

11. Children's data

The Service is intended for legal professionals and adults. It is not directed at children. We do not knowingly collect personal data from a person under 18 years of age. If we learn that we have collected such data without the consent required under applicable law, we will delete it.

12. Cookies and tracking

We use cookies and similar technologies for authentication, security, and basic, privacy-respecting analytics. We do not use advertising cookies or cross-site tracking. Our Cookie Policy at niyam.ai/legal/cookies describes these in detail.

13. Grievance Officer

In accordance with the Information Technology Act, 2000, the rules made under it, and the DPDP Act, you may direct any complaint or concern about the processing of your personal data to our Grievance Officer.

Grievance Officer — NIYAM.AI APP PRIVATE LIMITED. Registered office: 136, 1st Floor, Orchid Business Park, Sector-48, Narsinghpur, Gurgaon (Gurugram), Haryana, India 122004. Email: [email protected]. We will acknowledge complaints promptly and resolve them within the timeframe prescribed by applicable law.

14. Governing law and jurisdiction

This Privacy Policy is governed by the laws of India. Any dispute arising out of or relating to this policy is subject to the exclusive jurisdiction of the competent courts at Gurugram (Gurgaon), Haryana, India.

15. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page with an updated date and, where the changes are material, take reasonable steps to notify you. Your continued use of the Service after the changes take effect constitutes acceptance of the revised policy.

16. Contact

NIYAM.AI APP PRIVATE LIMITED

Registered office: 136, 1st Floor, Orchid Business Park, Sector-48, Narsinghpur, Gurgaon (Gurugram), Haryana, India 122004

Email: [email protected]