This Privacy Policy explains how Nini (“Nini,” “we,” “us”) collects, uses, discloses, and protects personal information in connection with our websites, design-partner onboarding, and the Nini platform (collectively, the “Services”).
“Nini” means the applicable Nini contracting entity identified in the applicable order form, master services agreement, or other written agreement governing your organization’s use of the Services (the “Agreement”).
For website-only interactions where no Agreement exists, “Nini” refers to the entity operating the website.
Privacy contact / Privacy Officer
privacy@nini.io
If there is a conflict between this Privacy Policy and a signed data processing addendum or similar privacy terms in an Agreement (a “DPA”), the DPA controls for Customer Data.
This Privacy Policy applies to:
• Website visitors (including “Request Access” submissions)
• Design partners and prospects during onboarding
• Business customers and authorized users using the platform
If you use the Services on behalf of an organization (the “Customer”), Customer administrators may access and manage information in accordance with the Agreement.
Personal Information
Information about an identifiable individual, as defined under applicable privacy laws.
Customer Data
Data, documents, files, records, and content submitted to the Services by or on behalf of Customer, including uploaded artifacts and integration data.
Controller / Processor
In most business-to-business contexts, Customer is the controller of Customer Data and Nini is the processor/service provider processing Customer Data on Customer’s instructions, as further described in the Agreement and any DPA.
We collect information in three ways:
1. Information you provide
2. Information generated through use of the Services
3. Information provided by Customer or connected third parties
• Contact details (name, work email, phone number, role/title, company)
• Account and authentication information (login identifiers; authentication factors)
• Communications (messages, support requests, meeting notes you share)
• Contract and billing contacts (business contact details; invoice metadata)
• Usage data (feature usage, actions taken, timestamps)
• Logs and diagnostic data (IP address, device/browser information, error logs)
• Audit and evidence trails (who reviewed/approved, when, and why)
Depending on what Customer uploads or connects, the Services may process business records that can include Personal Information, such as:
• Names and contact details in invoices, statements, payroll reports, or correspondence
• Transaction line items and identifiers, remittance details, and related metadata
• Employee/vendor/customer identifiers included in source artifacts
Customer is responsible for ensuring it has lawful authority to provide such information to Nini for processing.
We use Personal Information for:
• Providing and operating the Services (authentication, access control, feature delivery)
• Security and integrity (fraud prevention, monitoring, incident detection, audit logging)
• Onboarding and pilots (configuration, evaluation, and support requested by Customer)
• Support and communications (responding to inquiries, service messages)
• Service improvement (performance, reliability, product development)
• Legal and compliance (meeting lawful requests, enforcing agreements, maintaining required records)
The Services may use automated methods (including machine learning) to propose interpretations, classify content, and support workflows.
Nini does not use Customer Data to train public or general-purpose models.
Any use of Customer Data to improve the Services is governed by the Agreement and any DPA and may include configuration tuning, quality assurance, and security activities using safeguards appropriate to the sensitivity of the data.
We may use de-identified and/or aggregated information (where it cannot reasonably identify an individual) for analytics and service improvement.
If Customer enables features that rely on third-party AI services, or if the Agreement permits use of subprocessors for such processing, those providers act as service providers/subprocessors under contractual restrictions to process data only to provide services to Nini.
Customers may request subprocessor information as described below.
Where applicable under Canadian privacy laws (including PIPEDA), we process Personal Information based on:
• Consent (express or implied, depending on the context)
• Contractual necessity to provide the Services
• Legitimate business purposes such as security, fraud prevention, and service improvement
Some Customer Data may include financial, payroll, banking, or transactional information that can be considered sensitive in context. We treat such information with heightened care, including access controls, audit logging, and safeguards designed for sensitive finance workflows.
You may withdraw consent where it applies, subject to legal and contractual restrictions and reasonable notice.
We use cookies and similar technologies for:
• Strictly necessary site functionality (security, session management)
• Preferences (remembering choices)
• Performance and reliability (diagnostics, uptime, page performance)
You can control cookies via browser settings. Blocking certain cookies may affect functionality.
We do not sell Personal Information.
We may share Personal Information with:
• Service providers and subprocessors that help operate the Services (hosting, monitoring, security, support tooling)
• Customer and its authorized users under Customer’s account administration and permissions
• Connected third parties when Customer enables integrations
• Legal and safety recipients when required to comply with law, enforce agreements, respond to lawful requests, or protect rights and safety
A current list of subprocessors relevant to the Services can be made available to Customers upon request under the Agreement and/or NDA.
Customer Data may be processed in Canada and, depending on configuration and subprocessors, may be processed in other jurisdictions.
When cross-border processing occurs, we use contractual and technical safeguards appropriate to the sensitivity of the information.
Customers may request Canada-only data residency commitments through their Agreement and/or DPA.
We maintain an information security program designed to protect Personal Information and Customer Data.
No method of transmission or storage is 100% secure. We continuously improve safeguards and encourage Customers to use strong authentication and access governance.
We retain Personal Information and Customer Data for as long as necessary to:
• Provide the Services and meet contractual obligations
• Comply with legal and regulatory requirements
• Maintain auditability and resolve disputes
• Enforce agreements and prevent fraud
Retention and deletion/export mechanics for Customer Data are governed by the Agreement and any DPA.
You may request access to, correction of, or deletion of Personal Information, subject to applicable law.
For data processed on behalf of a Customer, requests may need to be directed through Customer’s administrator, or we may refer the request to Customer to verify authorization.
To submit a request:
privacy@nini.io
We may require verification of identity and authorization before responding.
If you submit “Request Access” or otherwise provide contact information, we may send onboarding-related and service communications. Where required, you consent to receive such communications.
You may unsubscribe from non-essential communications at any time using the link provided or by contacting privacy@nini.io.
The Services are not intended for children, and we do not knowingly collect Personal Information from children.
We may update this Privacy Policy from time to time. We will post the updated version with a new effective date.
Material changes may also be communicated through the Services.
Privacy inquiries: privacy@nini.io