Privacy Policy

🔍 1. Overview

NODUS is a local-first browser extension. Everything you capture — ideas, notes, highlights, tags, chains, and projects — is stored exclusively in your browser's local storage (chrome.storage.local) and never uploaded to any server.

NODUS makes two types of external connections, both clearly described in this document:

opt-in Anonymous telemetry

Disabled by default. If you choose to enable it, only aggregated usage statistics are sent — never your content.

PRO only License validation

Only for paid PRO subscribers. Sends a hashed device fingerprint and your email to verify the license. No conversation content is ever included.

💾 2. Data stored locally on your device

All of the following is stored in chrome.storage.local — meaning it lives only on your computer and is never sent anywhere unless you explicitly export it.

Captured ideas, notes, and highlights
Tags and queue assignments
Chains and chain templates
Projects and project metadata
Dashboard layout preferences
Language and animation settings
Telemetry event queue (if opted in)
Anonymous ID — a locally-generated SHA-256 hash with a random salt, never linked to your identity

NODUS does not have a user account system. There is no cloud sync, no server-side profile, and no way for us to identify you from the data stored locally.

🌐 3. External endpoints explained

NODUS connects to external URLs in three scenarios: telemetry (opt-in), license validation (PRO only), and reading files you have already uploaded to AI platforms. Here is every endpoint used and exactly what is sent.

3a. NODUS infrastructure

https://nodus-worker.mmcarvalho-dev.workers.dev/telemetry/batch opt-in only

Receives anonymous aggregated usage statistics. Only called if you have enabled telemetry in Settings. See Section 4 for full details.

Data sent: anonymous ID (SHA-256 hash) · event type counts · platform counts · no conversation content · no URLs · no text

https://nodus-worker.mmcarvalho-dev.workers.dev/auth/status PRO only

Validates your PRO license on startup. Only called if you have entered a license token. See Section 5 for full details.

Data sent: email address · hashed device fingerprint · no conversation content

3b. AI platform file access

These endpoints are accessed read-only when you trigger Full Chat Capture or file attachment features. NODUS reads the file content to display or save it locally. Nothing is uploaded to NODUS servers.

https://files.oaiusercontent.com/* · https://*.oaiusercontent.com/* · https://cdn.openai.com/* read-only

User-uploaded files and images in ChatGPT conversations (images, PDFs, attachments). NODUS reads these files locally to include them in Full Chat Capture.

https://*.anthropic.com/* read-only

User-uploaded files, artifacts, and attachments in Claude.ai conversations. Accessed locally to support Full Chat Capture.

https://storage.googleapis.com/* read-only

User-uploaded files in Gemini conversations. Accessed locally to support Full Chat Capture.

https://*.blob.core.windows.net/* read-only

User-uploaded files in Microsoft Copilot conversations. Accessed locally to support Full Chat Capture.

📊 4. Optional anonymous telemetry

Telemetry is disabled by default. You must explicitly enable it in Settings → Telemetry to activate it. You can disable it at any time and all locally queued data is cleared immediately.

What telemetry collects (when enabled)

Event type counts (e.g. "3 saves, 1 inject") — no content, no text
Platform counts (e.g. "used on ChatGPT 2 times") — no URLs
Anonymous ID — a locally-generated SHA-256 hash, not linked to your identity
Aggregated session counts per day (temporal binning)

What telemetry never collects

Conversation content, prompts, or AI responses
URLs visited or page titles
Your name, email, or any identifying information
IP address (not stored by our worker)
Device specifications or browser fingerprint

How data is processed before sending

Events are aggregated locally before transmission. Instead of sending raw events, NODUS sends aggregated counters (e.g. how many saves happened, by which platform) with privacy-preserving noise applied (±2 random offset per counter). Raw events never leave your device.

Data retention

Aggregated telemetry data is retained on our servers for a maximum of 12 months, after which it is deleted. Local event logs are retained for 90 days in your browser storage, then automatically cleaned up.

🔑 5. PRO license validation

If you purchase NODUS PRO, the extension validates your license with our server on startup. This is the minimum required to verify a paid subscription.

What is sent during license validation

Your email address (as entered when activating)
A hashed device fingerprint (browser-generated identifier, not your hardware serial)

What is never sent

Conversation content or anything you have captured
Your IP address (not stored, only used for routing by Cloudflare)
Any telemetry data (these are separate systems)

License data is stored in a Cloudflare D1 database (Brazil/South America region). It is used solely to validate whether your subscription is active. It is never sold or shared with third parties.

The FREE version of NODUS works entirely offline and never contacts our license server.

📎 6. File access on AI platforms

When you use Full Chat Capture or the file attachment features, NODUS may fetch files that you have already uploaded to an AI platform (ChatGPT, Claude, Gemini, Copilot) in order to include them in your local capture.

This access is read-only and local. NODUS reads the file content directly from the AI platform's CDN into your browser's memory and saves it to your local storage (chrome.storage.local). The file is never re-uploaded to any NODUS server.

The browser permissions required for this (*.oaiusercontent.com, *.anthropic.com, storage.googleapis.com, *.blob.core.windows.net) allow NODUS to read those files. They do not allow NODUS to write to, modify, or transmit your data on those platforms.

🚫 7. What we never do

Sell your data to any third party
Read, store, or transmit your conversation content
Track which websites you visit outside AI platforms
Use advertising SDKs or third-party analytics
Inject ads or affiliate links into AI platforms
Access your microphone, camera, or clipboard without action
Sync your captured data to any cloud without your explicit export

⚖️ 8. Your rights (LGPD / GDPR)

NODUS is compliant with the Brazilian Lei Geral de Proteção de Dados (LGPD) and the EU General Data Protection Regulation (GDPR), and compatible with CCPA.

Rights you have

Access — All data stored locally is visible and exportable from the NODUS dashboard at any time
Deletion — You can delete all local data from Settings → Clear All Data. Uninstalling the extension also removes all local data
Portability — Export all your ideas as JSON, Markdown, or DOCX at any time
Opt-out — Disable telemetry at any time in Settings → Telemetry
License data deletion — Contact us to request deletion of your email from our license database

Legal basis for processing

Telemetry is processed under consent (opt-in). License validation is processed under contract performance (verifying a paid subscription). No other processing occurs.

✉️ 9. Contact

For privacy-related questions, data deletion requests, or any concerns:

📧 Email

[email protected]

🌐 Project site

nodus-ai.app

🔍 Source code

github.com/mmcarvalhodev/nodus-core — The telemetry and license modules are fully auditable in the open source core.

This policy may be updated when new features are added. Material changes will be noted in the extension's release notes. Continued use of NODUS after a policy change constitutes acceptance of the updated policy.