Privacy Policy

Last updated: April 2, 2026

What we collect

When you create an account, we collect your email address and display name. When you use Nexus, we store your conversation messages to provide continuity across sessions. If you pay for credits or a subscription, PayPal processes the payment — we store the transaction ID and credit amount, not your payment details.

How we use your data

  • Conversations: Your messages are sent to AI services (Anthropic Claude, local models) to generate responses. We store conversation history so Nexus can remember your story across sessions.
  • Memories: Key facts about you are extracted from conversations and stored to personalize your experience. You can request deletion at any time.
  • Email: Used for account authentication and transactional messages (receipts, critical updates). We never send marketing email without your consent.
  • Analytics: We use Langfuse for observability to improve response quality. Conversation data is used in aggregate — never sold or shared with advertisers.

Third-party services

  • Anthropic (Claude API) — processes your messages to generate AI responses
  • PayPal — processes payments (we never see your card details)
  • Cloudflare — hosting, DNS, email routing, DDoS protection
  • Telegram — if you use the Telegram bot, Telegram processes message delivery

Data storage and security

Your data is stored in a PostgreSQL database on our servers. Passwords are hashed with PBKDF2-SHA256 (260,000 iterations). Sessions use cryptographically random tokens stored in Redis. All traffic is encrypted via HTTPS (TLS 1.2+).

Your rights

  • Access: Request a copy of all data we hold about you
  • Deletion: Request deletion of your account and all associated data
  • Correction: Update your display name or email at any time
  • Export: Request an export of your conversation history

To exercise any of these rights, email [email protected].

Crisis data

If our system detects a crisis situation (self-harm, suicide), we provide helpline resources. We do not report crisis conversations to authorities or third parties. Your conversations remain private.

Children

Nexus is designed for users aged 12 and older. We do not knowingly collect data from children under 12. If you believe a child under 12 has created an account, contact us and we will delete it.

Changes

We may update this policy. Significant changes will be communicated via email or an in-app notice. Continued use after changes constitutes acceptance.

Contact

Questions about privacy? Email [email protected].