← Back to Home

Privacy Policy

Last Updated: January 2026

At Nodifai, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are GDPR compliant and committed to protecting your personal data.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted)
  • Display name (optional)
  • Profile information (optional)

Usage Data

We automatically collect:

  • Conversation structure and metadata (for graph visualization)
  • Board settings and preferences
  • Usage patterns and feature interactions
  • Device information and browser type
  • IP address and general location

API Keys (BYOK Users Only)

For BYOK plan users who provide their own API keys, we store encrypted API keys securely. API requests are made directly to third-party providers using your keys.

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Visualize your conversations as interactive graphs
  • Enable collaboration and sharing features
  • Process your API requests (Standard plan)
  • Manage your BYOK API keys securely (BYOK plan)
  • Improve, personalize, and expand the Service
  • Communicate with you about updates and support
  • Monitor usage and detect technical issues
  • Comply with legal obligations

3. Data Storage and Security

We take data security seriously:

  • All data is stored using Supabase with PostgreSQL
  • Row Level Security (RLS) ensures data isolation
  • Passwords are hashed using industry-standard algorithms
  • API keys are encrypted at rest
  • All connections use HTTPS/TLS encryption
  • Regular security audits and updates

4. Third-Party AI Services

We integrate with third-party AI providers:

  • Google (Gemini models)
  • OpenAI (GPT models, DALL-E)
  • Anthropic (Claude models)
  • xAI (Grok)
  • GetImg.ai (FLUX image generation)

Standard Plan: We process your requests through our API accounts.
BYOK Plan: Requests go directly to providers using your API keys. We do not store conversation content for BYOK users—only the graph structure and metadata.

5. Cookies and Tracking

We use cookies and similar tracking technologies:

  • Essential Cookies: Required for authentication and core functionality
  • Analytics Cookies: Help us understand how you use the Service
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings, but disabling essential cookies may affect functionality.

6. Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (\"right to be forgotten\")
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to certain types of processing
  • Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, contact us at privacy@nodifai.com

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

8. Children's Privacy

The Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements.

10. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last Updated” date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@nodifai.com
Data Protection Officer: dpo@nodifai.com