← Back to NODUS

Privacy Policy

Last updated: January 7, 2026

            TL;DR: NODUS is privacy-first by design. Your captured conversations stay on your device. We don't collect, store, or sell your data. The code is open source so you can verify this yourself.
        

1. Our Privacy Commitment

NODUS was built on a fundamental principle: your AI conversations are yours alone. We designed the extension to be local-first, meaning your data never leaves your device during normal operation.

2. Data We Do NOT Collect

We do not collect, store, or have access to:

Your AI conversations or captured content
Your prompts, responses, or any text you interact with
Your browsing history or activity
Personal identification information through the extension
Your files, documents, or exports

3. Data Storage

All data captured by NODUS is stored locally using your browser's built-in storage (IndexedDB). This means:

Data is stored only on your device
Data is not synced to any external servers
Data is not accessible to us or any third party
You can export or delete your data at any time
Uninstalling the extension removes all stored data

4. Optional Telemetry

NODUS includes an optional, opt-in telemetry system. If you choose to enable it:

What we collect: Anonymous, aggregated usage statistics (e.g., which features are used most, error rates)
What we DON'T collect: Any conversation content, personal data, or identifiable information
Privacy protection: We use k-anonymity to ensure individual users cannot be identified
Your control: Telemetry is disabled by default and can be toggled at any time in settings

Purpose: Telemetry helps us understand which features are valuable and identify bugs, improving NODUS for everyone.

5. Pro Subscription Data

If you subscribe to NODUS Pro:

Payment processing is handled by Paddle (our Merchant of Record)
We receive only: confirmation of active subscription, subscription tier, and billing period
We do NOT receive: credit card numbers, bank details, or full billing addresses
Paddle's privacy policy applies to payment data: paddle.com/legal/privacy

6. Third-Party Services

NODUS interacts with third-party AI platforms (ChatGPT, Claude, Gemini, etc.) only to capture conversations you initiate. We do not:

Send additional requests to these platforms
Share any data with these platforms beyond your normal usage
Modify or intercept your communications with these platforms

7. Open Source Verification

Our core code is open source under AGPL-3.0. You can verify our privacy claims by:

Reviewing the source code: github.com/mmcarvalhodev/nodus-core
Inspecting network requests in your browser's developer tools
Auditing the telemetry implementation in src/telemetry/

8. Data Security

Your local data is protected by:

Browser-level security for extension storage
Optional encrypted backups (Pro feature) using AES-256 encryption
No external transmission means no interception risk

9. Your Rights

You have complete control over your data:

Access: View all captured data through the NODUS dashboard
Export: Export your data in TXT, HTML, or DOCX formats
Delete: Delete individual items or all data at any time
Portability: Your exports are standard formats usable anywhere

10. Children's Privacy

NODUS is not intended for users under 13 years of age. We do not knowingly collect any information from children.

11. Changes to This Policy

We may update this Privacy Policy occasionally. Changes will be posted on this page with an updated revision date. Significant changes will be communicated through the extension.

12. Contact Us

For privacy-related questions or concerns:

Email: mmcarvalho.dev@gmail.com

GitHub: Open an issue

            Our Promise: We built NODUS because we believe privacy matters. We will never sell your data, show you ads, or compromise on our local-first architecture. The code is open for you to verify.
        