Privacy Policy
How Nilon collects, uses, and protects your data.
Last updated · May 23, 2026
01 Overview
The short version: Nilon saves AI outputs you choose to capture, processes them with AI to add tags, and stores them in your private vault. We don't sell your data, we don't train on your content, and you can export or delete everything at any time.
This Privacy Policy explains what information Nilon collects when you use our web application and Chrome extension, how we use that information, and what choices you have. By using Nilon you agree to the practices described here.
Nilon is operated by Lincoln Laylor ("we", "us", "our"). If you have questions, email us at support@nilon.io.
02 Data we collect
Account data
When you create an account we collect:
- Email address (required — used for authentication and optional digest emails)
- Name (optional — used only for display)
- OAuth provider tokens if you sign in with Google or GitHub (stored by Supabase Auth)
Website content and user-generated content
When you save an AI output via the extension or web app, we collect the following website content and user-generated content:
- The text content you chose to save
- The source platform (e.g. ChatGPT, Claude, Gemini, Perplexity)
- The source URL of the page where the save was made
- Timestamp of the save
- Save mode — whether you saved a whole conversation or clipped a single response
- Auto-generated metadata: title, content type, and tags — produced by Claude Haiku (see Third parties)
User activity data
We collect basic user activity telemetry to operate the service:
- Number of saves created
- Actions executed (e.g. opened Google Docs, added to Calendar)
- Plan tier (free or pro)
- Feature interactions in the web application (e.g. search queries, filter usage)
We do not collect device fingerprints, keystrokes, web browsing history, or navigation activity on any site. We do not collect any data from web pages you visit other than the specific AI conversation content you explicitly choose to save.
Payment data
Payment information (card number, billing address) is collected directly by Stripe and never passes through our servers. We store only your Stripe Customer ID to manage your subscription.
03 How we use it
| Data | Purpose | Basis |
|---|---|---|
| Email address | Authentication, account security, optional digest emails | Contract performance |
| Saved content (website content) | Storing and displaying your vault; auto-tagging via Haiku | Contract performance |
| Source URL & platform | Displaying provenance on save cards; selector health monitoring | Legitimate interest |
| User activity counters | Enforcing free tier limits (50 saves); billing; product improvement | Contract performance / Legitimate interest |
| Stripe Customer ID | Subscription management, upgrading plan on successful payment | Contract performance |
We never use your saved content to train AI models, build advertising profiles, or share it with third parties for their own commercial purposes.
04 Storage & security
Your data is stored in Supabase, a managed Postgres database hosted on AWS infrastructure in the US East (N. Virginia) region. All data is encrypted at rest (AES-256) and in transit (TLS 1.2+).
Row-level security (RLS) policies are enforced at the database level — it is architecturally impossible for one user's vault to be read by another user, even if there were a bug in the application layer.
Supabase Auth manages session tokens. The Chrome extension reads your session cookie from nilon.io — it never copies tokens to extension storage. For details, see Chrome extension.
Human access to user data: Nilon staff do not read the content of your saved outputs. Human access to vault content is only permitted in the event of a security investigation, a legal obligation, or with your explicit written consent.
05 Third-party data sharing
We share your data with the following service providers solely to operate Nilon. We do not sell your personal data, share it for advertising purposes, or disclose it to any party not listed below.
| Service | Data shared | Purpose |
|---|---|---|
| Supabase | Email, saves, tags, auth tokens | Database, authentication, and storage |
| Anthropic | Save content (text only) | Auto-tagging and title generation |
| Stripe | Email, Stripe Customer ID | Payment processing and subscription management |
| Vercel | IP address, user agent, request path | Web app hosting and delivery |
| Sentry | User ID, email (on error only) | Error monitoring and crash reporting |
| PostHog | Pseudonymous user ID, page views, UI events | Product analytics (usage patterns, feature adoption) |
We do not sell your personal data. We do not share your data with advertisers, data brokers, or any third party for their own commercial or marketing purposes.
Supabase
Database, authentication, and file storage provider. Your saves, account, and auth tokens are stored on Supabase infrastructure. Supabase is SOC 2 Type II certified. Supabase Privacy Policy →
Anthropic
When you save a piece of AI output, the text content is sent to Anthropic's API (Claude Haiku model) to generate tags, a title, and a content type classification. Anthropic does not use data submitted via its API for model training. API usage data is not used to improve Anthropic's models. Anthropic's data handling is governed by their Privacy Policy.
Stripe
Payment processing for Pro subscriptions. Stripe collects payment card data directly via Stripe Checkout — it never passes through our servers. We receive only a customer ID and subscription status. Stripe is PCI DSS Level 1 certified. Stripe Privacy Policy →
Vercel
Our web application is deployed on Vercel. Vercel may log request metadata (IP address, user agent, response status) for operational purposes. Vercel Privacy Policy →
Sentry
We use Sentry for error monitoring in the web application and Chrome extension. When an error occurs, Sentry may receive your user ID and email address alongside the error report to help us diagnose account-specific issues. Error reports are not used for advertising and are not shared with third parties. Data is retained by Sentry for 90 days. Sentry Privacy Policy →
PostHog
We use PostHog for product analytics in the web application. PostHog collects pseudonymous event data — page views, feature interactions, and general usage patterns — associated with a randomly generated user identifier. If you are logged in, that identifier may be linked to your account for the purpose of understanding feature adoption. PostHog does not receive your saved content, email address (unless you are logged in and we have explicitly identified your session), or payment information. You can opt out of analytics by enabling the "Do Not Track" setting in your browser. PostHog Privacy Policy →
06 Limited use
The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
Data collected via Chrome extension permissions is used solely to provide the core functionality of Nilon — saving, organising, and retrieving your AI outputs. We do not use this data for any secondary purpose.
Specifically, data accessed via extension permissions is:
- Not used for personalised advertising. We do not use your data to serve, target, or facilitate advertising of any kind.
- Not sold or transferred to data brokers or resellers. Your data is never sold to or shared with third parties for their independent commercial purposes.
- Not used for creditworthiness or lending decisions.
- Not used to build profiles for purposes outside Nilon. Usage data and saved content are used only to operate and improve the Nilon product.
Human access restriction: Nilon staff do not read the content of your saved outputs. The only circumstances under which a human may access your data are: (1) a security investigation into a suspected breach or abuse, (2) a legal obligation under applicable law, or (3) your explicit written request or consent.
These restrictions apply to raw data, aggregated or anonymised derivatives, and any content accessed via extension host permissions.
07 Chrome extension
What data is collected and when
The extension operates in two modes. In both cases, data is only collected when you explicitly perform a save action — the extension does not collect data passively or in the background.
On a save action (whole-chat or clip)
When you click the extension icon to save a full conversation, or highlight text and click the clip button, the following data is transmitted to Nilon's servers over HTTPS:
- Conversation content — the full text of the conversation thread, including both your prompts and the AI's responses, formatted as markdown. For text-selection clips, only the highlighted text is sent. On Perplexity, cited source URLs displayed on the page are also appended to the saved content.
- Source URL — the full URL of the AI chat session (e.g.
https://chatgpt.com/c/abc123). This lets you return to the original conversation from your vault. - Source platform — the name of the AI platform where the save was triggered (e.g. "chatgpt", "claude", "gemini", "perplexity").
- Save mode — a flag indicating whether you saved a full conversation ("whole_chat") or a highlighted clip ("clip").
Save content is processed by Anthropic's Claude Haiku model to generate tags and a title. See Third-party data sharing for details.
While the extension popup is open
When you open the extension popup, the background service worker makes the following network requests to Nilon's servers:
- Authentication check — reads your session cookie to determine whether you are logged in and retrieves your account plan (free or pro).
- Recent saves — fetches up to five of your most recent saves (title, tags, content type, platform, and timestamp) to display in the popup. No save content is transmitted.
While the popup is open, if a save is still being processed (tags not yet generated), the popup polls the recent saves endpoint approximately every four seconds until processing completes or three minutes elapses.
What is stored locally on your device
The extension stores the following data in chrome.storage.local on your device. This data never leaves your browser unless explicitly noted.
- DOM selector cache — a copy of the remote CSS selector configuration used to locate conversation content on each AI platform. Cached for up to one hour to avoid redundant network requests.
- Extension settings — your preferences for which UI elements are visible (the "Save Chat" button and the text highlight clip button). These are stored locally and never transmitted.
- Button position — the screen position of the floating "Save Chat" button, stored per AI platform so it remembers where you placed it. Never transmitted.
Authentication tokens (your Supabase session) are stored exclusively in first-party cookies on nilon.io. They are never copied to chrome.storage.
Error monitoring in the extension
The extension's background service worker uses Sentry for error monitoring. If the extension encounters a technical error (such as a failed save or a network issue), Sentry may receive:
- Your user ID and email address (to allow us to investigate account-specific issues)
- The type of error and which operation failed (e.g. selector fetch or save)
- The name of the AI platform in use at the time of the error
Error reports are not used for advertising and are not shared with third parties beyond Sentry's infrastructure. Data is retained by Sentry for 90 days. The extension does not use any other third-party analytics SDK.
Permissions
The Nilon Chrome extension requests the following permissions. Each is described below with the specific reason it is required.
| Permission | Why it's needed |
|---|---|
| activeTab | Grants access to the URL and content of the currently active tab at the moment you click the extension icon — used to detect which AI platform you are on and to trigger a whole-chat save. |
| scripting | Used to inject content scripts into supported AI platform pages when you trigger a save. The injected scripts read conversation text from the page DOM and transmit it to Nilon's servers over HTTPS. Scripts are only executed at the moment you initiate a save action — they are not active in the background and do not monitor page activity passively. |
| storage | Stores the DOM selector cache, your UI preferences (which buttons are shown), and the saved position of the floating save button — all in chrome.storage.local. No vault content or authentication tokens are stored here. |
| cookies | Reads and refreshes your Supabase authentication session cookie on nilon.io so the extension can make authenticated API calls without requiring a separate login. When Supabase issues a new access token, the extension writes the updated token back to the cookie on your behalf. Only nilon.io cookies are accessed — no cookies from ChatGPT, Claude, Gemini, Perplexity, or any other site are read. |
Host permissionhttps://nilon.io/* | Required to read and refresh the session cookie and to call Nilon's backend APIs (save content, fetch recent saves, check your plan). |
Host permissionschatgpt.com, claude.ai, gemini.google.com, perplexity.ai | Required to inject the content scripts that read conversation text when you trigger a save, and to display the floating save button and clip button on these pages. The extension only reads page content at the moment you explicitly trigger a save action — it does not passively monitor, log, or transmit your activity on these platforms. Your web browsing activity, navigation history, and any content you do not explicitly save is never accessed, collected, or transmitted. |
What the extension does not do
- Read any page content on sites other than the four listed AI platforms
- Collect, monitor, or transmit your web browsing history or navigation activity — on any site, including the supported AI platforms
- Access or read content on AI platform pages unless you explicitly trigger a save
- Store any saved conversation content locally — all saves go directly to your Nilon vault via HTTPS
- Copy or cache your authentication tokens in extension storage
- Use your data for advertising or share it with advertising networks
- Collect data from the AI platform accounts you are logged into (only the conversation text you choose to save is accessed)
- Run background scripts or monitor page activity when the extension popup is closed and no save is in progress
08 Retention & deletion
Your data is retained for as long as your account is active. You may delete individual saves at any time from the vault. You may export your full vault as a JSON file from the Settings page.
To delete your account and all associated data, go to Settings → Danger zone → Delete account. This permanently deletes your saves, tags, action history, and auth credentials within 24 hours. Stripe subscription data is retained by Stripe per their retention policy.
Backups may retain your data for up to 30 days after deletion before being overwritten. During this window the data is inaccessible and will not be restored unless you request it by emailing support@nilon.io.
09 Your rights
Regardless of your location, we honour the following rights:
- Access — you can view all your saved data in the vault at any time
- Portability — export your full vault as JSON from Settings
- Deletion — delete individual saves or your entire account from Settings
- Correction — edit tags and titles on any saved item
- Objection to processing — you may request we stop processing your content for auto-tagging by emailing support@nilon.io. Note: disabling auto-tagging means new saves will not receive tags or titles automatically.
If you are in the European Economic Area (EEA), United Kingdom, or California, you have additional rights under GDPR, UK GDPR, and CCPA respectively. Contact us to exercise them.
10 Contact
Questions about this policy or your data? Email support@nilon.io.
We will respond within 5 business days. For account deletion or data export requests, we encourage you to use the self-service tools in Settings — they are immediate. Email requests are processed within 30 days.
This policy may be updated from time to time. Material changes will be communicated via email to registered users at least 14 days before taking effect.