Privacy Policy

Last updated: April 18, 2026

TL;DR

We run inference on our own hardware. Your data doesn't go to OpenAI, Anthropic, or any third-party LLM vendor. We store only what we need to make the product work.

What we collect

• Account data: email, username, password hash (bcrypt), credit balance.
• Usage data: message previews (first 100 chars), timestamps, credit deductions, IP address (hashed for rate limiting).
• Conversation memory: to provide the persistent-memory feature, we store summaries of your prior conversations keyed to your account (or anonymously to a hashed IP for free-tier use).
• Payment data: handled entirely by Stripe. We never see card numbers.

What we don't do

• We do not sell your data.
• We do not train public models on your conversations.
• We do not send your messages to third-party LLM APIs. All inference runs on Norax AI hardware.
• We do not use advertising trackers.

Cookies

We use a single authentication cookie (JWT, HttpOnly, Secure, SameSite=Lax) for logged-in sessions. No analytics cookies.

Retention

• Conversation memory: kept until you request deletion, or up to 50 most recent exchanges per account.
• Usage logs: 90 days, then anonymized.
• Account data: until you delete your account.

Your rights

Email [email protected] to:

• Export your data
• Delete your account and all associated memory
• Correct inaccurate information

We respond within 30 days.

Children

Norax AI is not directed to children under 13. We do not knowingly collect data from children.

Changes

If we update this policy materially, we'll post a notice on the site and update the date above.

Contact

Norax AI · [email protected]