Back to Dashboard
Noxly Legal
Privacy Policy

How we protect your data and intelligence.

EFFECTIVE DATE: MAY 6, 2026

1. Introduction

At Noxly, we build advanced AI tools designed to amplify your productivity, creativity, and reasoning. Because our systems handle your ideas, code, and documents, we believe absolute transparency regarding data collection, processing, and security is mandatory. This Comprehensive Privacy Policy explains our practices. By accessing or using Noxly, you acknowledge and agree to this Policy.

2. Information We Collect

We strictly limit data collection to what is necessary to operate, secure, and improve the Noxly application:

  • Authentication Data: When you register via Google, GitHub, or Email, we collect your email address, display name, and authentication tokens via Firebase Auth.
  • User Content: We store the text prompts you submit, the AI responses generated, and the conversation metadata (timestamps, titles) required to render your chat history.
  • Uploaded Files: Documents, images, and videos uploaded to the chat are stored securely to provide contextual awareness to the AI models.
  • Deep Context (AI Memory): Noxly features an intelligent memory system. We process your conversations to algorithmically extract behavioral patterns, goals, and traits to personalize future interactions.
  • Telemetry & Usage Data: We collect non-personally identifiable diagnostic data (e.g., error logs, latency metrics, feature usage) to ensure platform stability.

3. How Your Data is Processed (The AI Pipeline)

Noxly functions as an intelligent routing engine. We do not host the underlying foundational Large Language Models (LLMs) on our own hardware. To fulfill your requests, your data is securely transmitted to industry-leading third-party Subprocessors:

  • Compute Providers: Your prompts and contextual files are sent to secure API endpoints hosted by NVIDIA NIM and OpenRouter to generate responses.
  • Agentic Research: If a prompt requires live web data (Deep Search), search queries are transmitted to Tavily, and requested web pages are parsed via Jina AI.

Zero-Training Guarantee: Noxly does not use your private User Content to train, fine-tune, or improve our own foundational AI models. Furthermore, our API agreements with our Compute Providers (NVIDIA, OpenRouter) stipulate that data submitted via their enterprise APIs is not used to train their models.

4. Data Storage and Security

Your data is stored in secure, enterprise-grade cloud infrastructure provided by Google Cloud (Firebase Firestore and Firebase Storage).

  • Encryption: All data is encrypted in transit using industry-standard TLS (Transport Layer Security) and encrypted at rest using AES-256 encryption.
  • Access Controls: Strict Firestore security rules ensure that your conversation data and files can only be accessed by your authenticated user ID.

5. Your Control and Data Rights

Privacy is a product feature. You maintain granular control over your data directly within the Noxly interface:

  • Memory Management: You may view, edit, or completely wipe your "Deep Context" AI Memory at any time via the Settings panel.
  • Conversation Deletion: Deleting a chat thread permanently removes the text and associated file attachments from our active databases.
  • Local Device Wiping: You may use the "Clear Local Data" feature to immediately purge all cached app data from your browser.
  • Account Deletion: You may request a complete deletion of your account and all associated data by contacting our support team.

6. Third-Party Sharing and Disclosures

We do not sell, rent, or lease your personal data to data brokers, advertisers, or any third parties. Data is only shared under the following circumstances:

  • With the Subprocessors mentioned in Section 3, strictly for the purpose of executing your AI requests.
  • To comply with valid legal subpoenas, court orders, or applicable laws.
  • To investigate or prevent security breaches, fraud, or abuse of our systems.

7. Data Retention

We retain your Account Information and User Content for as long as your account remains active. When you delete specific content (chats, files) or request account deletion, we initiate a hard deletion process across our active databases. Note that residual copies may remain in encrypted, automated backup systems for up to 30 days before being fully overwritten.

8. Changes to This Policy

We may update this Privacy Policy as Noxly evolves, introduces new AI capabilities, or adapts to new regulatory requirements. If we make material changes, we will notify you by updating the "Effective Date" at the top of this page or by displaying a prominent notice within the application.

9. Contact Us

If you have questions about this Privacy Policy, your data rights, or how our AI pipeline operates, please contact us at:

Email: legal@noxly.ai
Subject: Privacy Inquiry