Privacy Policy

1. Scope

This Privacy Policy describes how Null Technologies Pte. Ltd. (“Null”) processes information in connection with its products, including Null Lens.

This document applies to organization-authorized users and enterprise customers. Null does not offer consumer-facing services.

2. Data We Do Not Collect

• Prompt text submitted to Null Lens
• Authorized Intent Records (AIR) content
• Model responses or outputs
• User-generated content of any kind
• Training data derived from customer inputs

Null Lens does not store, retain, cache, or persist inference content. All content is processed in-memory and discarded immediately after response generation.

3. Ephemeral Processing Model

Null Lens operates as a stateless, application-layer service. Each request is processed independently and is not linked to any prior or subsequent request.

No request or response content is written to disk, logs, analytics systems, or long-term storage controlled by Null.

4. Limited Operational Metadata

To operate the service reliably and securely, Null may collect and temporarily retain minimal operational metadata, including:

• Organization identifier
• Request timestamp
• Latency and status codes
• Infrastructure-level error signals

This metadata does not include prompt text, response content, or extracted intent fields. Metadata is rotated automatically and is not used for analytics, profiling, or training.

5. Model Training

Null does not train public or private models using customer prompts, AIR outputs, or inference content.

Any model improvements are derived from internal testing, synthetic inputs, or licensed datasets independent of customer data.

6. Infrastructure & Subprocessors

Null Lens operates on third-party infrastructure providers for compute, authentication, storage of account metadata, and network delivery.

These providers may process limited technical metadata as part of normal infrastructure operation. Null does not grant providers access to customer prompt or response content.

Current core providers include cloud GPU infrastructure, identity management, and hosting platforms with independent security and compliance attestations.

7. Customer Responsibilities

• Customers determine what data is submitted to Null Lens.
• Customers are responsible for ensuring they have authority to process submitted data.
• Customers are responsible for implementing downstream logging, audit trails, retention, and compliance controls.

8. Regulated & Sensitive Data

Customers should avoid submitting regulated personal data (including PII, PHI, or financial information) unless explicitly authorized under a separate written agreement.

Data Processing Addendums (DPAs) or Business Associate Agreements (BAAs) are provided only upon request and where legally required.

9. Security

Null applies reasonable technical and organizational measures to protect service integrity, including encrypted transport, strict access controls, and isolated execution environments.

No system is perfectly secure. Customers should not submit data they cannot risk transmitting to third-party infrastructure.

10. Retention & Deletion

Because Null does not retain prompt or response content, there is no customer content to delete from Null-controlled systems.

Account-level metadata may be retained as required for billing, security, and legal obligations and deleted upon account termination subject to applicable law.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in law, infrastructure, or service operation. Material changes will be reflected by an updated date on this page.

12. Contact

Privacy, security, or data governance inquiries:founder@null-core.ai