Privacy Policy

Last updated: January 8, 2025

1. Introduction

Nodox.ai ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and services at nodox.ai.

2. Information We Collect

Account Information

When you create an account, we collect your email address and display name. If you subscribe to Pro, we also process payment information through our payment processor (Stripe).

Usage Data

We collect information about how you use our platform, including:

  • Challenge attempts and completion status
  • Quiz scores and progress
  • Learning track progress
  • Session duration and page views
  • Feature usage patterns

Technical Data

We automatically collect certain technical information:

  • Browser type and version
  • Device type (desktop, mobile, tablet)
  • Operating system
  • IP address (for security and rate limiting)
  • Referral source and UTM parameters

3. Cookies and Tracking

We use cookies and similar technologies only with your consent. You can manage your cookie preferences at any time.

Essential Storage

We use browser localStorage for authentication sessions and sessionStorage for temporary session data. These are necessary for the site to function and do not require consent.

Analytics Cookies (with consent)

If you accept cookies, we use:

  • Vercel Analytics - for website performance and usage analytics
  • Google Analytics - for understanding user behavior and improving our service

4. How We Use Your Information

We use collected information to:

  • Provide and maintain our services
  • Track your learning progress and achievements
  • Process payments and manage subscriptions
  • Send important service notifications
  • Improve our platform and develop new features
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

5. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Supabase (database), Stripe (payments), Vercel (hosting)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Data Security

We implement appropriate security measures to protect your data, including:

  • Encryption in transit (HTTPS/TLS)
  • Secure database with row-level security policies
  • Regular security audits and updates
  • Limited access to personal data

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Withdraw consent for optional data processing
  • Object to certain data processing

To exercise these rights, contact us at hi@nodox.ai

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. If you delete your account, we will delete your personal data within 30 days, except where we need to retain it for legal or legitimate business purposes.

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

hi@nodox.ai