← Back to NODUS
Privacy Policy
Last updated: January 7, 2026
TL;DR: NODUS is privacy-first by design. Your captured conversations stay on your device. We don't collect, store, or sell your data. The code is open source so you can verify this yourself.
1. Our Privacy Commitment
NODUS was built on a fundamental principle: your AI conversations are yours alone. We designed the extension to be local-first, meaning your data never leaves your device during normal operation.
2. Data We Do NOT Collect
We do not collect, store, or have access to:
- Your AI conversations or captured content
- Your prompts, responses, or any text you interact with
- Your browsing history or activity
- Personal identification information through the extension
- Your files, documents, or exports
3. Data Storage
All data captured by NODUS is stored locally using your browser's built-in storage (IndexedDB). This means:
- Data is stored only on your device
- Data is not synced to any external servers
- Data is not accessible to us or any third party
- You can export or delete your data at any time
- Uninstalling the extension removes all stored data
4. Optional Telemetry
NODUS includes an optional, opt-in telemetry system. If you choose to enable it:
- What we collect: Anonymous, aggregated usage statistics (e.g., which features are used most, error rates)
- What we DON'T collect: Any conversation content, personal data, or identifiable information
- Privacy protection: We use k-anonymity to ensure individual users cannot be identified
- Your control: Telemetry is disabled by default and can be toggled at any time in settings
Purpose: Telemetry helps us understand which features are valuable and identify bugs, improving NODUS for everyone.
5. Pro Subscription Data
If you subscribe to NODUS Pro:
- Payment processing is handled by Paddle (our Merchant of Record)
- We receive only: confirmation of active subscription, subscription tier, and billing period
- We do NOT receive: credit card numbers, bank details, or full billing addresses
- Paddle's privacy policy applies to payment data: paddle.com/legal/privacy
6. Third-Party Services
NODUS interacts with third-party AI platforms (ChatGPT, Claude, Gemini, etc.) only to capture conversations you initiate. We do not:
- Send additional requests to these platforms
- Share any data with these platforms beyond your normal usage
- Modify or intercept your communications with these platforms
7. Open Source Verification
Our core code is open source under AGPL-3.0. You can verify our privacy claims by:
- Reviewing the source code: github.com/mmcarvalhodev/nodus-core
- Inspecting network requests in your browser's developer tools
- Auditing the telemetry implementation in
src/telemetry/
8. Data Security
Your local data is protected by:
- Browser-level security for extension storage
- Optional encrypted backups (Pro feature) using AES-256 encryption
- No external transmission means no interception risk
9. Your Rights
You have complete control over your data:
- Access: View all captured data through the NODUS dashboard
- Export: Export your data in TXT, HTML, or DOCX formats
- Delete: Delete individual items or all data at any time
- Portability: Your exports are standard formats usable anywhere
10. Children's Privacy
NODUS is not intended for users under 13 years of age. We do not knowingly collect any information from children.
11. Changes to This Policy
We may update this Privacy Policy occasionally. Changes will be posted on this page with an updated revision date. Significant changes will be communicated through the extension.
12. Contact Us
For privacy-related questions or concerns:
Email: mmcarvalho.dev@gmail.com
GitHub: Open an issue
Our Promise: We built NODUS because we believe privacy matters. We will never sell your data, show you ads, or compromise on our local-first architecture. The code is open for you to verify.