Privacy Policy

When you hold the configured hotkey, Nino takes a snapshot of your active screen. This screenshot exists in memory on your local machine for the duration of the request. If your question requires visual context, the screenshot is transmitted over an encrypted HTTPS connection through our Cloudflare worker proxy to the relevant AI provider. Once the AI provider returns a response, the screenshot is not retained by us and is not written to any persistent storage.

For visual questions, screenshots are routed to OpenAI GPT. For text-only questions, screenshots are not sent at all and only the transcribed text is used. In Agent mode, Nino may take additional intermediate screenshots during task execution to verify progress. The same rules apply: these snapshots are used only for that single check and are discarded immediately after.

Nino does not monitor your screen continuously. It does not record screen activity, capture background windows, or access screen content except at the moment of an explicit user-initiated request. You are always the one who initiates the capture by pressing the hotkey.

AI providers may retain request data in accordance with their own retention policies. OpenAI retains API inputs for up to 30 days for safety monitoring purposes, after which they are deleted. DeepSeek retains data according to their own privacy policy, available at deepseek.com. We recommend reviewing those policies if you regularly share sensitive screen content.

When you speak after pressing the hotkey, your audio is streamed over an encrypted WebSocket connection directly from your device to AssemblyAI. Nino first requests a one-time authentication token from our Cloudflare worker. This token is valid only for the duration of the current transcription session and expires automatically when the session ends.

We do not have access to the raw audio stream. The audio does not pass through any Nino server; it travels directly between your device and AssemblyAI. Once AssemblyAI returns the transcribed text, the connection is closed. We do not store audio recordings.

AssemblyAI processes and retains audio and transcript data according to their own privacy policy, available at assemblyai.com/privacy. If you have concerns about third-party handling of voice data, you can use the text input interface in Nino rather than voice.

Nino stores the following data locally on your Windows machine: conversation history and tutor turn logs in %APPDATA%\nino\; agent task results, summaries, and action logs in %LOCALAPPDATA%\nino\; application configuration including your worker URL, hotkey, and model preferences in %APPDATA%\nino\config.toml; and application runtime logs in %LOCALAPPDATA%\nino\Logs\.

Screenshots are never written to disk by Nino. They exist only in process memory for the duration of a single request. Knowledge base documents that you manually place in %APPDATA%\nino\knowledge\ are read locally to provide application-specific context and are never uploaded to our servers.

All locally stored data is yours. You may inspect, edit, or delete any of these files at any time. Uninstalling Nino does not automatically remove these directories. If you wish to remove all local data, you can delete the %APPDATA%\nino\ and %LOCALAPPDATA%\nino\ directories manually after uninstalling.

Authentication is provided through Better Auth with Google Sign-In. When you create an account, we store your name, email address, a hashed session token, and your account creation timestamp in a Neon Postgres database hosted in the United States. We do not store your Google password. Access to your account is managed through OAuth tokens provided by Google.

If you link your desktop application to an account through the desktop link approval page, session metadata may be synchronised from your device to your account. This metadata includes the name of the active application, the task type (tutor or agent), request timing, and task completion status. It does not include screenshot images, audio recordings, file contents, or the text content of AI responses.

Billing is managed by Polar. We pass your email address to Polar when you initiate a subscription. We do not store credit card numbers or payment instrument details. All payment processing is handled directly by Polar in accordance with their privacy policy.

You may request deletion of your account and all server-side data by emailing support@nino.app. We will process the deletion within 30 days. Deletion removes your account record, session metadata, and billing linkage. It does not remove locally stored data from your machine.

AssemblyAI (assemblyai.com): receives your voice audio for real-time transcription. Audio streams directly from your device. We do not pass any other personal data to AssemblyAI. Their privacy policy is at assemblyai.com/privacy.

OpenAI (openai.com): receives your question text and, for visual questions, a screenshot of your screen. OpenAI processes this data through their API under their data usage policies for API customers. Their privacy policy is at openai.com/policies/privacy-policy. OpenAI retains API inputs for up to 30 days.

DeepSeek (deepseek.com): receives your question text only. Screenshots are not sent to DeepSeek. DeepSeek processes this data under their own privacy policy at deepseek.com.

All three providers are accessed exclusively through our Cloudflare worker proxy. The proxy adds authentication and routing but does not log the content of requests. Cloudflare's data handling practices apply to the proxy infrastructure; see cloudflare.com/privacypolicy.

The desktop application may send anonymised usage events to PostHog if a PostHog token is configured in your environment. Events include: application start and quit, hotkey activation, task type (tutor or agent), task completion or failure status, and error codes. No screenshot data, file names, directory paths, transcripts, or AI response content is included in any analytics event.

The Nino website sends standard page view, session, and authentication events to PostHog using the browser SDK. These events include the page URL, referrer, browser type, and whether you are signed in.

PostHog stores event data on infrastructure governed by their privacy policy at posthog.com/privacy. If you object to analytics collection in the desktop application, you can remove the PostHog token from your environment configuration or uninstall Nino.

When you sign in to the Nino website, a session cookie is set in your browser. This cookie contains an encrypted session identifier that allows the server to authenticate subsequent requests. It is a first-party, HttpOnly, Secure cookie and is not accessible to JavaScript. It expires when your browser session ends or after 30 days of inactivity, whichever is sooner.

We do not set advertising cookies, tracking pixels, or third-party cookies on the Nino website. PostHog may set a first-party analytics cookie to maintain session continuity across page views, if analytics are enabled.

We retain your account record, session tokens, and subscription status for as long as your account remains active. If you delete your account, we will remove this data within 30 days, except where we are required to retain it for longer to comply with applicable law (for example, billing records for tax purposes).

Anonymised analytics event data may be retained by PostHog for up to 12 months. AI provider retention periods are governed by their own policies as noted in Section 5.

Locally stored data on your machine, including conversation history, task logs, and configuration, is retained indefinitely unless you delete it manually. Nino does not automatically purge local data.

Right to access: you may request a copy of all personal data we hold about you by emailing support@nino.app. We will respond within 30 days.

Right to correction: if any personal data we hold is inaccurate, you may request that we correct it.

Right to deletion: you may request deletion of your account and all associated server-side personal data at any time. We will process the request within 30 days.

Right to data portability: you may request an export of your account data in a machine-readable format.

Right to object: you may object to certain processing activities, including analytics. Contact us and we will accommodate your request where technically feasible.

If you are in the European Economic Area or the United Kingdom, you have additional rights under GDPR and the UK GDPR, including the right to lodge a complaint with your local supervisory authority. Contact us at support@nino.app to exercise any of these rights.

The Service is intended for users who are at least 18 years of age. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected personal data from a person under 18 without verifiable parental consent, we will take steps to delete that information promptly. If you believe we may have collected data from a minor, please contact us at support@nino.app.

We may update this Privacy Policy from time to time to reflect changes in the product, legal requirements, or our data practices. For material changes, particularly any changes to how we handle screenshot data, voice data, or the AI providers we use, we will provide at least 14 days prior notice through the desktop application or by email to the address associated with your account.

The date at the top of this page reflects the most recent revision. Your continued use of the Service after the effective date of a revision constitutes your acceptance of the updated policy.

Email: support@nino.app. We respond to all privacy-related enquiries within two business days.

If you are not satisfied with our response, you have the right to escalate your concern to the relevant data protection authority in your jurisdiction.