Data Protection and Privacy Policy

Last Updated: 29-09-1995

This Data Protection and Privacy Policy outlines the types of data collected when you interact with the Platform, the purposes for which the data is used, and the measures taken to protect its security (“Privacy Policy” or “Policy”). Please read this Policy carefully before registering on and using the services of the Platform.

Nox **(accessible through the website https://www.app.nox.today or https://www.nox.today (“the Platform”/ “we”/ “us”/ “ours”) is committed to protecting the privacy of its users (“User” / “you”/ “yours”). We maintain stringent policies to ensure that all personal information submitted to us by you is securely collected and stored and used. Such information is utilized as may be deemed reasonably necessary by the Platform.

This Policy applies exclusively to the online activities conducted on the Platform and governs the collection and use of information provided by visitors and users of the Platform. It does not extend to any information collected offline or through channels other than the Platform. The Platform employs cookies to improve your browsing experience. By accessing and using the Platform, and by accepting this Privacy Policy, you consent to the use of cookies in accordance with the terms set forth herein.

If you do not agree with the terms outlined in this Privacy Policy, you are advised to discontinue using this Platform immediately. **Please note that we reserve our right to modify or update this Privacy Policy at any time, with appropriate notification and consent being taken in case of any significant change. Continued use of the Platform after such modifications or updates will be considered as your acknowledgment and acceptance of the revised Privacy Policy.

1. CONSENT

1. By registering on the Platform, you hereby confirm that you have read, understood, and consented to this Privacy Policy and agree to its terms. In case you do not agree with the terms or do not wish to provide your consent, please do not register or use the services on our Platform.

2. By accessing and using our Platform, you acknowledge and consent to the collection, processing, and use of your personal data by the Platform, its partners, and affiliates in accordance with this Policy; including but not limited to your name, email address, phone number, gender, date of birth, profile picture, , proof submissions (such as photos, videos, or written logs), device information, IP address, and usage behaviour, interactions with other accounts, etc.

3. If you choose not to share the required information, the Platform reserves the right to restrict or deny access to its services. You acknowledge that refusal to provide consent may result in the inability to access or use certain features of the Platform, and you shall not be entitled to raise any claims or objections in this regard.

WITHDRAWAL AND DELETION OF CONSENT

1. Once you provide your personal data and register on the Platform, you retain the right to revoke your consent to the collection, processing, and our use of your personal data provided at any time by submitting a written or electronic request to us on support@nox.today.

2. Upon receipt of a valid revocation request, we shall acknowledge the request within [30] Business Days and cease processing your personal data unless required to retain it under applicable laws. In such cases, personal data may be retained for compliance with legal obligations, fraud prevention, dispute resolution, regulatory requirements, or protection against legal claims. Once no longer required for such purposes, the data shall be securely deleted or anonymized in accordance with industry standards.

INFORMATION COLLECTED BY US

1. When you register on Nox, we may collect and process personal data, including your name, date of birth, gender, nationality, and contact details.

2. Please note that all information is collected with your informed and explicit consent.

3. These Privacy Policy terms may be periodically reviewed and revised. The revised terms shall be uploaded on the Platform and shall reflect the modified date of the terms.

TYPES OF PROOF COLLECTED

1. Users may be required to submit evidence demonstrating progress toward their stated goals. Such proof may include, but is not limited to:

   1. Images, videos, or audio recordings, or

   2. Written statements or digital declarations, or

   3. Workout logs, employment letters, or

   4. Any other relevant documents as may be specified.

2. Submission Frequency and Deadlines

   1. Users may be required to submit proof at specified intervals (e.g., daily, weekly, monthly) before a final deadline, as determined by their selected goal structure.

   2. Interim deadlines may be set for ongoing accountability, and failure to submit proof within the required timeframe may impact goal validation.

Data Retention and Security

1. Proof submissions are securely stored and retained to facilitate the verification of goal achievement and to maintain platform integrity. Participants must ensure that any and all proofs required to be submitted does not to the extent possible include any personal or sensitive information or data unless the same is mandated under the rules of a Pact.

2. All proof submissions made by Participants in relation to any completed Pact will be stored and made accessible under the “Track Record” section of the respective Pact. These records are intended to ensure transparency, facilitate retrospective accountability, and support future audits or appeals.

3. All proofs will remain accessible in perpetuity, subject to Nox’s data retention policies and Applicable Laws. Participants may submit a request for removal of their stored proofs from the Track Record, and Nox may, at its sole discretion, consider such requests on a case-by-case basis. Approval of such removal requests may be contingent upon the closure of any related dispute or audit process.

4. At present, all submitted proofs are verified manually by designated human Verifiers. In the future, Nox may deploy artificial intelligence (AI) or automated verification systems to assist or supplement the verification process. Regardless, Nox shall ensure that each proof is reviewed by a human Verifier at the current stage. In addition to the assigned Verifier, authorized Nox administrators may access, and review submitted proofs where necessary to facilitate operational efficiency, resolve bottlenecks, monitor quality, or address disputes. All such access shall be governed by strict internal protocols to ensure privacy, integrity, and confidentiality of Participant data.

5. Users retain control over their submitted proof and may request deletion of their data, subject to compliance with applicable laws and Nox’s data retention policies.

Sharing and Confidentiality

1. Proof submissions are made visible to the Participants of the Pact along with the Verifier of the Pact (if applicable) by default to peruse and also for the verification of evidence and for any other purposes such as but not limited to a dispute as stated in our Terms and Conditions. Additionally, proofs of pacts can be viewed by members of Groups or Communities that such Pacts are tagged to.

2. Nox does not sell or share proof submission data with third parties, except where required by law or with prior user authorization.

3. By continuing to use Nox, you consent to the collection and processing of proof submission data as outlined in this Policy.

HOW THE COLLECTED INFORMATION IS UTILISED

1. By accessing and using the Platform and its Services, you hereby acknowledge and consent to Nox’s use of your data, including, but not limited to, your interactions, submissions, preferences, and engagement patterns for the purpose of improving and enhancing the functionality and performance of the Platform.

2. The personal information that you are asked to provide may be used for the following purposes:

3. Administration of the Platform.

4. To improve and enhance the Platform based on your preferences and usage in order to constantly improve your browsing and user experience.

5. To send you general or promotional communications, including email notifications, if you have provided explicit consent to receive them. You retain the right to withdraw your consent at any time by contacting us or by unsubscribing to such communications.

6. To verify your identity, maintain accurate records, and ensure compliance with the Platform’s Terms, Policies, and applicable laws.

7. To address and resolve any inquiries or complaints you submit through the Platform.

8. To uphold the security of the Platform and implement measures to detect and prevent fraudulent activities in line with the Platform’s Policies.

9. To facilitate your access to and use of the services offered on the Platform.

10. To monitor compliance with the Platform’s Terms and Conditions/Policies and of applicable laws and regulations.

11. To conduct internal research aimed at developing new features, optimizing user experience, and enhancing the overall effectiveness, fairness, and usability of the Platform and its services.

12. To train machine learning and artificial intelligence (AI) models that may be used to assist in verification processes, detect anomalies or suspicious behaviour, improve user experience, and automate administrative functions.

13. To develop and refine analytical tools and models that provide customized recommendations of Pacts, challenges, or activities tailored to your past behaviour, performance trends, and interests, thereby personalizing your experience on the Platform

14. We reserve the right to conduct security reviews to verify your identity, age, registration details, and usage of the services provided on our Platform for compliance with our Terms and Conditions and applicable laws.

15. By accessing and using our Platform, you consent to our employees, agents, and/ or service providers using and disclosing that information which is required to be divulged to third-parties due to the necessity to validate the information provided.

16. Any and all data collected from you is merely collected, processed and handled by the Platform. The end user is considered the rightful owner of their personal data, while the Platform merely acts as a custodian or fiduciary of the data without any rights to own such data. We do not market or sell any personal information for monetary gain.

17. All such use of data shall be compliant with applicable data protection laws and subject to the terms outlined in the Platform’s Privacy Policy. Personal data shall not be sold to third parties, and adequate safeguards shall be implemented to ensure data anonymization, security, and integrity during all stages of processing.

18. Nox may analyse any historical and ongoing Participant submitted data including but not limited to user habits, activity logs, proof submissions, photos, videos, and engagement patterns for the purpose of improving the functionality, performance, and effectiveness of the Pacts, Services and Platform. Such analysis may involve the use of advanced methodologies, including machine learning and artificial intelligence (AI), to derive insights, test new features, and enhance user experience. Where applicable, this may include the training of proprietary or third-party AI models. All data used for research and development will be anonymized and aggregated prior to use, ensuring that no personally identifiable information (PII) is included in such analysis or shared with third parties unless we have obtained your explicit and informed consent to do so. By using the Platform, you consent to the use of your non-identifiable data for such purposes. Should Nox seek to utilize identifiable information for research, AI training, or external collaboration, we will request and obtain your express written consent in advance, in compliance with applicable data protection laws and the Nox Privacy Policy.

DISCLOSING YOUR DETAILS

1. Personal or sensitive data collected from your device during your use of our Platform will not be stored, recorded, monitored, or shared unless it is essential for ensuring compliance with applicable laws and regulations and our Platform policies, including but not limited to this Privacy Policy and Terms and Conditions, as updated from time to time.

2. In addition, we may disclose your personal information:

   1. As required by applicable law, regulation, or legal process;

   2. To establish, exercise, or defend our legal rights, including for the prevention and detection of fraud;

   3. In connection with any ongoing or anticipated legal proceedings;

   4. To any individual or entity reasonably believed to be entitled to obtain such information through a lawful court or regulatory authority order;

   5. To any relevant authorities, financial institutions, or other necessary entities in compliance with legal requirements;

   6. To any third parties as necessary to validate the information you have provided.

3. Nox may, from time to time, share certain data with third-party service providers, advertisers, or partners for the purpose of delivering and enhancing its Services—strictly in accordance with your explicit consent.

4. Personal information shall only be disclosed to third-party vendors, affiliates, or advertisers, in line with applicable laws, privacy regulations and the present Policy. Such sharing may be used to personalize content, deliver targeted communications, improve service delivery, or facilitate integrated services. All third-party access and data-sharing arrangements will be subject to confidentiality obligations and appropriate data protection safeguards, and governed by the relevant third party’s privacy and data usage policies, in addition to Nox’s own Privacy Policy.

5. Nox may share aggregated and anonymized user data with third-party vendors such as our brand collaborators, sponsors, and other commercial partners. Such data may include, but is not limited to general traffic trends, behavioural patterns, responsiveness to features or content, and aggregated performance metrics.

6. No Personally Identifiable Information (PII), such as your name, contact details, or government-issued identification, shall be disclosed in connection with such data sharing. Where a brand partner sponsors or facilitates a challenge or Pact, that partner may be granted limited access to data voluntarily uploaded by Participants in that specific challenge (e.g., progress updates, completion metrics, non-sensitive user responses).

7. Furthermore, IP-derived location data may also be used for geo-targeting or to deliver region-specific experiences, offers, advertisements or content. Commercial partners may use this aggregated data to design better engagements, analyse participation trends, or run promotional campaigns that enhance user interaction on the Platform.

8. Nox may engage third-party vendors and service providers for certain functions, including but not limited to analytics, marketing optimization, feature development, and user experience improvement. For these purposes:

9. Certain user data may be shared with third-party analytics platforms or similar tools to understand usage patterns, troubleshoot issues, enhance feature performance, and improve service delivery.

10. These service providers operate under strict contractual obligations to protect your data, ensure confidentiality, and limit use exclusively to internal processing and analysis purposes as instructed by Nox.

11. Continued access and use of the Platform and its Services constitutes your agreement and consent to such data-sharing arrangements. Where required by law, or where the nature of the data or jurisdiction demands, Nox will obtain additional specific consent before initiating such sharing.

12. Additionally, where you have voluntarily connected your Nox account to external platforms or devices—such as fitness trackers, health monitoring apps, or other partner services (e.g., Fitbit, Apple Health, or Google Fit)—you authorize Nox to access and retrieve relevant data from those platforms for the purposes of syncing your progress, verifying activity within a Pact, or enhancing personalization features. This access will be maintained only for as long as the integration remains active and can be revoked by you at any time through your user settings.

SECURE YOUR INFORMATION

1. The Platform takes appropriate security measures to prevent unauthorized access, loss, misuse, or alteration of your personal data. Information provided by you is securely stored, and data processing activities are conducted in compliance with applicable security standards to ensure data protection.

2. As provided hereinabove, we shall ensure all reasonable safeguards are implemented for the protection of your personal data in accordance with relevant industry standards and practices. However, it is pointed out that the Platform cannot be held liable for breaches or unauthorized access resulting from third party cybersecurity incidents that may not be attributable to the Platform either directly or indirectly. While we strive to engage reputed security service providers to safeguard your personal data, we cannot guarantee the absolute security of the online system. Furthermore, you acknowledge that no data transmission over the internet or electronic storage system can be guaranteed to be completely secure. Accordingly, while Nox strives to protect your information using industry-standard practices, we cannot and do not guarantee absolute security.

3. In the event that we become aware of any actual or suspected data breach involving your personal information, we may notify affected users promptly using electronic means, such as emails, in-app notifications, or Platform alerts. You may also request to receive such notifications in written form by contacting us through the details provided in the “Contact Us” section of these Terms. Furthermore, we shall take prompt action to mitigate risks, notify the affected Users as mandated under applicable law, and coordinate with the relevant service provider to address vulnerabilities. By using our services, you acknowledge and agree that our liability is limited to the extent permitted by law in such instances.

4. By registering on the Platform and agreeing to these terms, you acknowledge that while we take stringent security measures, the transmission of data over the internet carries inherent risks. We cannot guarantee absolute security against unauthorized access, hacking, or data breaches that may arise due to factors beyond our reasonable control.

5. The Platform may contain links to external websites, which are subject to their own privacy and security policies. We do not control or assume responsibility for the data practices of such third-party websites. Users are encouraged to review and understand the privacy policies of these external sites before accessing them or consenting to providing any PII.

DATA ACCESS REQUESTS

Participants have the right to request a copy of their personal data maintained by Nox. Such requests must be submitted via email to the contact address provided in the “Contact Us” section of these Terms. Upon receipt of a valid request, Nox will process and provide the requested data in a structured, commonly used, and machine-readable format within a period of thirty (30) days, unless a longer period is required under applicable law or due to exceptional circumstances, in which case the user will be duly informed.

INVITATION TO NOX

Participants may invite others to join the Platform through available features such as phonebook synchronization, social media integration, or personalized invite links. By using these functionalities, you expressly represent and warrant that you have obtained the prior consent of each individual whose contact information you provide or upload for the purpose of sending an invitation. Nox disclaims any liability arising from the unauthorized use or sharing of third-party contact information. All invited users who sign up through such invitations shall be deemed to have accepted and agreed to be bound by these Terms and Conditions and Nox’s Privacy Policy and other Platform policies upon registration and use of the Platform.

MISCELLANEOUS

1. This Privacy Policy shall be read in conjunction with the Platform’s Terms and Conditions, , and other applicable policies, which collectively govern the collection and processing of your personal data.

2. In the event of any conflict between this Privacy Policy and any other policy of the Platform, the terms of this Privacy Policy shall prevail concerning matters related to personal data protection and privacy.

3. The governing law and jurisdiction applicable to this Privacy Policy shall be as set forth in the Platform’s Terms and Conditions. Any disputes arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts as specified therein.

4. If any provision of this Privacy Policy is found to be invalid, unlawful, or unenforceable under applicable law, the remaining provisions shall continue to be valid and enforceable to the fullest extent permitted by law.