Privacy policy

Working draft. This page describes our intended privacy posture; the legally-binding version will be finalised with counsel before V1 general availability. Material differences will be flagged in a release note. For the operational detail behind these statements, see /security.

Last updated: June 2026

1. Who we are

NitroxBrain is operated by NitroxConsulting, a French company (SIRET on request). Our registered contact for data-protection matters is security@nitroxconsulting.com. For general questions, hello@nitroxconsulting.com.

2. What data we collect, and why

We collect only what is necessary to operate Brain on your behalf.

  • Account data: your email address, the integrations you have connected, your Stripe subscription status. Source: you, when you sign up.
  • OAuth tokens: encrypted credentials for the third-party services (Gmail, Drive, Slack, …) you connect. Source: the vendor’s OAuth flow.
  • Conversation data: the messages you send to Brain and the replies it returns. Source: your Slack / Google Chat workspace.
  • Vault content: the files, notes, and memory Brain creates while serving you. Source: derived from your conversations.
  • Operational logs: timestamps, error traces, deploy events. Source: our infrastructure. Message content is redacted from these logs.

We do not collect: location data, device fingerprints, advertising identifiers, or third-party tracking cookies. The website uses no analytics by default.

3. Where it lives

  • Conversation, vault, and OAuth tokens: Google Cloud (europe-west1 β€” Belgium).
  • Subscription and routing metadata: PostgreSQL on AWS Lightsail (Paris).
  • Public website: AWS Lightsail (Paris), served via Caddy with Let’s Encrypt TLS.

No data is transferred outside the EU unless you explicitly connect a US-only third-party service.

4. Who can access it

  • You β€” always, via chat and via vault export.
  • The third-party services you connect β€” under the OAuth grant you authorised; revocable from the vendor at any time.
  • The LLM providers Brain uses β€” Anthropic, Google, OpenAI, Mistral, each under no-training data-handling agreements. Conversations are sent to them as they happen; they retain no data per their published policy for the tier we use.
  • NitroxConsulting operators β€” only when you ask for support, or under court order. Operator access to your vault is logged with timestamp, actor, target, and reason; the log is available on request.

We do not sell or trade your data. Period.

5. Your rights (GDPR)

  • Access β€” ask via security@nitroxconsulting.com; we ship a copy of your data within 30 days.
  • Rectification β€” tell Brain in chat, or open a ticket for hard-to-edit fields.
  • Erasure β€” cancel from Stripe, then ask us to delete. We confirm by email within 30 days.
  • Portability β€” vault export is plain Markdown + JSON in a tar.gz. Nothing is locked in.
  • Restriction / objection β€” write to us with the specific processing you wish to limit; we will respond within 30 days.
  • Complaint β€” you can lodge a complaint with the CNIL (French DPA) at any time.

6. Retention

  • Active subscription: data kept as long as you remain subscribed.
  • After cancellation: vault, OAuth tokens, conversation history, and routing rows are deleted within 30 days. We send a confirmation email.
  • Operational logs: 30 days, then automatic deletion.
  • Stripe transaction records: kept as long as required by French / EU tax law (typically 10 years), separately from your Brain data.

7. Security incidents

If a breach affects your data, we will notify you and the CNIL within 72 hours of confirmation, naming what was accessed, when, what we are doing about it, and what you can do.

8. Changes to this policy

Material changes are flagged in a release note. The current version is always at brain.nitroxconsulting.com/privacy. Past versions are kept in our public Git history.

9. Contact