Nelabs AI Policy

Last Updated: [28 March 2025]

This AI Policy outlines Nelabs’s commitment to the responsible development, deployment, and use of artificial intelligence (AI) technologies across our products and services. Our aim is to ensure that our AI-driven solutions, including the AI Customer Centre with Brain, are designed and operated in a manner that is ethical, transparent, and aligned with legal and regulatory requirements. This policy applies to all employees, contractors, and partners involved in the design, development, and use of our AI systems.
 
1. Purpose and Scope
1.1 Purpose
The purpose of this policy is to:

• Define the principles and standards for the ethical use of AI at Nelabs.

• Ensure that our AI systems provide accurate, reliable, and fair results.

• Protect user privacy and data security while fostering innovation.

• Establish accountability and transparency in the deployment of AI technologies.

1.2 Scope
This policy applies to:

• All AI-driven products and services developed, maintained, or offered by Nelabs.

• Internal and external use of AI tools and systems, including data collection, processing, and decision-making processes.

• Any third-party integrations or partnerships involving AI technology where Nelabs’s AI capabilities are utilized.

 
2. Ethical Principles
Nelabs commits to the following ethical principles in all AI-related activities:
2.1 Fairness and Non-Discrimination

• Ensure that AI systems are designed to avoid bias and do not perpetuate discrimination.

• Regularly test and monitor algorithms for fairness across diverse user groups.

2.2 Transparency and Explainability

• Provide clear and understandable information about how AI systems function and make decisions.

• Enable users to access explanations regarding the outputs and decisions made by our AI, where applicable.

2.3 Accountability

• Establish clear roles and responsibilities for the development and oversight of AI systems.

• Implement mechanisms for auditing AI processes and addressing potential issues or errors.

2.4 Privacy and Data Protection

• Adhere to strict data protection standards and ensure that AI systems comply with applicable privacy regulations.

• Anonymize or pseudonymize data where possible and use secure methods for data storage and transmission.

2.5 Safety and Reliability

• Ensure that AI systems are thoroughly tested for safety, robustness, and reliability before deployment.

• Continuously monitor performance and implement updates or fixes as needed to maintain system integrity.

 
3. Development and Deployment
3.1 Responsible Development

• Follow best practices in software engineering and data science to ensure the integrity and quality of AI systems.

• Document design decisions and the rationale behind AI model selections to ensure traceability.

3.2 Data Management

• Collect and use data ethically and only for purposes explicitly defined and consented to by users.

• Implement regular data quality checks and ensure datasets used for training are diverse, representative, and free from harmful bias.

3.3 Deployment and Monitoring

• Deploy AI systems in a controlled manner, ensuring that fallback or human-in-the-loop mechanisms are in place for high-stakes decisions.

• Continuously monitor AI system performance and user feedback to identify and mitigate any unintended outcomes or biases.

 
4. User Rights and Communication
4.1 User Information

• Inform users about the role of AI in our products and how it affects their interactions with Nelabs services.

• Provide clear channels for users to ask questions, request further information, or report concerns related to our AI systems.

4.2 Opt-Out and Control

• Where feasible, allow users to opt out of AI-driven data processing that is not essential to service functionality.

• Respect user preferences and provide alternative service options if available.

 
5. Compliance and Governance
5.1 Legal and Regulatory Compliance

• Ensure that all AI systems comply with applicable international, national, and local laws, including data protection regulations (e.g., GDPR, HIPAA) and industry-specific standards.

• Keep up-to-date with evolving legal requirements and adjust practices as necessary.

5.2 Internal Governance

• Establish an internal AI oversight committee responsible for reviewing AI projects, policies, and ethical considerations.

• Conduct regular audits and assessments to ensure adherence to this policy and to identify opportunities for improvement.

 
6. Training and Awareness

• Provide ongoing training for employees and contractors on responsible AI practices, ethical considerations, and data protection.

• Encourage a culture of accountability and continuous learning to keep pace with emerging AI trends and challenges.

 
7. Reporting and Continuous Improvement
7.1 Issue Reporting

• Implement and maintain clear processes for reporting and addressing concerns or incidents related to our AI systems.

• Investigate reported issues promptly and transparently, taking corrective actions as needed.

7.2 Policy Review and Updates

• Regularly review and update this AI Policy to reflect changes in technology, legal requirements, and ethical standards.

• Notify stakeholders of significant updates to the policy and provide access to the latest version on our website.

 
8. Contact Information
If you have any questions, concerns, or feedback regarding this AI Policy or the use of AI at Nelabs, please contact us at:

• Email: support@nelabs.io

• Address: B-207-09, Pushp Business Complex, Vastral, Ahmedabad - 382418, Gujarat, India

 
By using Nelabs’s products and services, you agree to the principles and guidelines set forth in this AI Policy. We are committed to ensuring that our AI systems are developed and used responsibly, ethically, and in a manner that enhances the user experience while safeguarding rights and privacy.

 
 
Nelabs Cyber Security Policy

Last Updated: [28 March 2025]

This Cyber Security Policy establishes the principles and requirements for protecting the confidentiality, integrity, and availability of Nelabs’s digital assets and information systems. It applies to all employees, contractors, partners, and third-party service providers with access to Nelabs’s systems, data, and network infrastructure.
 
1. Purpose
The purpose of this policy is to:

• Safeguard Nelabs’s digital assets and sensitive data from unauthorized access, disclosure, alteration, or destruction.

• Define roles and responsibilities related to cyber security within the organization.

• Provide guidelines and procedures for the secure operation of our information systems.

• Ensure compliance with applicable laws, regulations, and industry standards.

 
2. Scope
This policy applies to:

• All Nelabs employees, contractors, and third-party service providers.

• All hardware, software, networks, and systems owned or managed by Nelabs.

• All data processed, stored, or transmitted across Nelabs systems.

• Any remote or mobile access to Nelabs’s digital assets.

 
3. Roles and Responsibilities
3.1 Executive Management

• Ensure the allocation of sufficient resources for implementing and maintaining effective cyber security measures.

• Support the development and enforcement of this policy across the organization.

3.2 IT and Security Teams

• Implement and maintain technical security controls, monitoring systems, and incident response plans.

• Conduct regular risk assessments, vulnerability scans, and penetration tests.

• Manage security awareness and training programs for all employees.

3.3 Employees and Contractors

• Adhere to the policies, procedures, and guidelines outlined in this document.

• Report any suspicious activities, potential vulnerabilities, or security incidents to the IT security team immediately.

• Use Nelabs resources only for authorized business purposes.

 
4. Security Controls and Measures
4.1 Access Control

• Implement role-based access controls (RBAC) to ensure that individuals have access only to the systems and data necessary for their role.

• Enforce strong authentication mechanisms, including multi-factor authentication (MFA), where applicable.

• Regularly review and update access permissions to reflect changes in roles or employment status.

4.2 Data Protection

• Encrypt sensitive data both in transit and at rest using industry-standard encryption protocols.

• Implement data classification and handling procedures to ensure that sensitive information is properly protected.

• Regularly back up critical data and store backups in a secure, offsite location.

4.3 Network and System Security

• Maintain up-to-date firewall, intrusion detection, and prevention systems to monitor and protect network traffic.

• Ensure that all systems are regularly patched and updated to mitigate known vulnerabilities.

• Segregate networks where necessary to minimize the potential impact of a security breach.

4.4 Endpoint Security

• Install and maintain anti-malware and antivirus software on all endpoints.

• Enforce policies on secure configurations for desktops, laptops, mobile devices, and other endpoints.

• Implement endpoint monitoring and management solutions to detect and respond to potential threats.

 
5. Incident Response and Management
5.1 Incident Reporting

• All employees and contractors must immediately report any suspected or confirmed security incidents to the IT security team.

• Use established communication channels for incident reporting to ensure timely response.

5.2 Incident Response Plan

• The IT security team will maintain a documented Incident Response Plan that outlines procedures for identifying, containing, eradicating, and recovering from security incidents.

• Regularly review and test the Incident Response Plan to ensure its effectiveness and update it as necessary.

5.3 Post-Incident Analysis

• Conduct a thorough investigation after each incident to identify the root cause and implement corrective actions.

• Document lessons learned and update security controls, policies, and procedures to prevent recurrence.

 
6. Training and Awareness

• Provide regular cyber security training and awareness programs for all employees and contractors.

• Ensure that personnel understand their roles and responsibilities in protecting Nelabs’s digital assets.

• Promote a culture of security awareness and vigilance throughout the organization.

 
7. Compliance and Auditing

• Ensure compliance with all applicable laws, regulations, and industry standards related to cyber security.

• Conduct regular audits and assessments of our cyber security controls and practices.

• Address any deficiencies identified during audits promptly and effectively.

 
8. Policy Violations

• Non-compliance with this policy may result in disciplinary action, up to and including termination of employment or contractual agreements.

• Legal action may be taken if violations of this policy result in significant harm or breach of legal obligations.

 
9. Policy Review and Updates

• This policy will be reviewed at least annually and updated as needed to reflect evolving threats, regulatory changes, and improvements in security practices.

• All updates and changes will be communicated to employees and relevant stakeholders in a timely manner.

 
10. Contact Information
For any questions, concerns, or to report a security incident, please contact our IT Security Team:

• Email: support@nelabs.io

• Address: B-207-09, Pushp Business Complex, Vastral, Ahmedabad - 382418, Gujarat, India

 
By accessing or using Nelabs’s systems and digital resources, you agree to adhere to the guidelines set forth in this Cyber Security Policy. We are committed to protecting our digital environment and appreciate your cooperation in maintaining a secure and resilient organization.