Privacy Summary
NYMM stores all training data encrypted with AES-256-GCM encryption. No personally identifiable information (PII) is stored beyond what is required for account access. Your training answers are never used to train NYMM's platform models or shared with other users. Your data is not sold to advertisers or third parties — NYMM's business model is creator revenue share, not data monetization.
When a creator trains their AI twin, they share something deeply personal: their opinions, their communication style, their values, their experiences. This data is more sensitive than a transaction history or a browsing record. It is a representation of who they are.
Most AI platforms are not built with this level of sensitivity in mind. Their business model depends on using that data — to improve their models, to target advertising, or to sell to data brokers. NYMM is built differently. This post explains exactly how, technically and practically.
In this article
Encryption: How Your Data Is Protected at Rest
All training data on NYMM is encrypted at rest using AES-256-GCM (Advanced Encryption Standard with a 256-bit key in Galois/Counter Mode). Here is what that means in practice:
256-bit key strength
AES-256 uses a 256-bit encryption key, which provides 2^256 possible keys. To put this in perspective: if every atom in the observable universe were a computer running a brute-force attack since the beginning of time, they would not have meaningfully reduced the key space. This is the same standard used by the U.S. government for top-secret classified data.
Galois/Counter Mode (GCM)
GCM mode provides authenticated encryption — meaning the encryption not only protects data confidentiality but also ensures data integrity. Any attempt to tamper with encrypted data is automatically detected. This prevents a class of attacks where an adversary modifies encrypted data without decrypting it.
Per-user encryption keys
NYMM uses per-user encryption keys, not a single platform-wide key. This means a breach of one user's encryption key does not compromise any other user's data. Each creator's training data is encrypted independently.
Encryption in transit
All data transmitted between your browser and NYMM's servers is encrypted using TLS 1.3 — the current transport security standard. This protects your data from interception during transmission.
No PII Storage: What This Means in Practice
NYMM does not store personally identifiable information (PII) in its AI training system. This is a deliberate architectural choice. Here is what it means concretely:
| Data Type | Stored? | Notes |
|---|---|---|
| Training answers (your personality) | Yes, encrypted | AES-256-GCM, per-user keys, never in plaintext |
| Email address | Yes, encrypted | Required for account access only |
| Real name | No | NYMM uses usernames, not real names in the AI system |
| Government ID / SSN | No | Never collected |
| Location / IP history | No | Not logged or stored |
| Payment info (credit card) | No | Handled entirely by Stripe — NYMM never sees card data |
| Conversation content (fan messages) | Yes, encrypted | Visible only to the fan; creator sees aggregate analytics only |
| Device fingerprint | No | Not collected |
The result: even if NYMM's infrastructure were somehow compromised, the attacker would find encrypted blobs with no plaintext personal information, no payment data, and no government identification. The architecture minimizes breach impact by minimizing what is stored.
Why Your Data Never Trains Our Models
Most AI platforms have a significant incentive to use user-generated data for model training: better training data makes better models, and better models attract more users. NYMM has deliberately opted out of this pattern, for two reasons:
- 1Creator trust is the product: Creators share deeply personal information with NYMM — their real opinions, their communication style, their values. If that data were used to train NYMM's platform models, it would be exploited without compensation. This would betray the trust that makes the product work. NYMM's long-term value depends on creators trusting it with their identity — which requires a no-training commitment.
- 2The architecture supports isolation: NYMM uses a retrieval-augmented generation (RAG) architecture, not fine-tuning. Your training data is stored as embeddings in an isolated vector database keyed to your account. When your AI twin generates a response, it retrieves from your database only — not a shared pool. There is no mechanism in the architecture for your data to bleed into another user's context.
- 3Legal and ethical commitment: NYMM's Terms of Service and Privacy Policy explicitly state that training data is never used for platform model improvement. This is a contractual commitment, not just a policy — creating legal accountability for the data handling promise.
Comparison With Other AI Platforms
To understand how NYMM's approach differs, here is a comparison of data practices across major AI platforms:
| Platform | Uses Convos for Training? | Sells Data? | Encryption at Rest |
|---|---|---|---|
| NYMM | No | No | AES-256-GCM, per-user keys |
| ChatGPT (default) | Yes (unless opted out) | No | Platform-level encryption |
| Character.ai | Yes | No (reported) | Platform-level encryption |
| Replika | Yes | No (reported) | Platform-level encryption |
| Delphi.ai | No (reported) | No | Platform-level encryption |
Note: Information for other platforms is based on their publicly available privacy policies as of Q1 2026. Policies may change. NYMM's no-training commitment is contractually binding in its Terms of Service.
Your Data Rights on NYMM
NYMM provides full data rights to all users, regardless of where they are located:
Right to access
You can export all your training data, conversation history, and account information at any time from your Account Settings → Data Export page. Data is provided in JSON format within 24 hours of request.
Right to correct
You can edit, update, or delete any individual training answer at any time through the Training interface. Changes take effect immediately and are reflected in subsequent AI twin conversations.
Right to delete
You can delete your account and all associated data at any time. Deletion is permanent and processed within 30 days. There are no retention periods for deleted accounts — your data is gone.
Right to portability
Your exported training data is in a standard JSON format that can be read by any developer. You own your data and can use it however you choose.
Right to opt out of any new data uses
If NYMM ever introduces any new data use case, existing users will be notified and have the right to opt out before the new use begins. No retroactive changes to data handling.
Frequently Asked Questions
Where is my data stored?
Your training data is stored in encrypted form on NYMM's secure infrastructure, hosted in SOC 2 Type II certified data centers. Training content — your answers to personality questions — is stored as encrypted vectors in an isolated vector database. The raw text is also stored encrypted using AES-256-GCM with per-user encryption keys. It is never stored in plaintext.
Can NYMM read my training answers?
NYMM's systems process your training data to generate embeddings and serve AI responses — this is technically necessary for the product to function. However, NYMM staff do not read individual training answers for any purpose other than investigating reported abuse. Your answers are not reviewed for marketing, product research, or any commercial purpose.
What happens if I delete my account?
When you delete your NYMM account, all your training data — answers, embeddings, conversation history, and profile information — is permanently deleted from NYMM's systems within 30 days. This deletion is irreversible. There are no backup archives that retain your data after account deletion.
Is my data used to train NYMM's AI models?
No. Your training answers are used exclusively to generate responses for your own AI twin. They are never incorporated into NYMM's platform-wide models, used to improve the base LLM, shared with other creators' AI twins, or used for any purpose beyond serving your individual twin's conversations.
Does NYMM sell my data to advertisers or third parties?
No. NYMM does not sell user data to any third parties, including advertisers, data brokers, or analytics companies. NYMM's business model is based on creator revenue share — when creators earn, NYMM earns. There is no advertising model, and therefore no incentive to sell user data.
What data do fans' conversations generate, and how is it handled?
Fan conversations with AI twins are processed in real time to generate responses. Conversation history is stored encrypted and is visible only to the fan (for their conversation history) and accessible to the creator in anonymized aggregate form (topic frequency, conversation counts). Individual fan messages are not reviewed by NYMM staff and are not used for model training.
What is AES-256-GCM encryption and why does it matter?
AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode) is a symmetric encryption algorithm widely considered the gold standard for data-at-rest encryption. The 256-bit key length provides 2^256 possible keys — making brute-force attacks computationally infeasible. GCM mode also provides authenticated encryption, meaning any tampering with the encrypted data is detectable.
The Bottom Line
Privacy is not a checkbox for NYMM — it is the foundation of the trust that makes the product work. Creators share their personality, opinions, and values with their AI twin. That data deserves the highest level of protection and the clearest possible commitment about how it will be used.
AES-256-GCM encryption, zero PII storage, no training on your data, and no data sales are not marketing claims — they are architectural and contractual commitments baked into how NYMM is built.
You can read our full Privacy Policy and Terms of Service for the complete legal detail. And when you are ready to create your AI twin, start on NYMM for free — knowing your data is protected.