Join waitlistRequest early access
← Back to home
Legal · Privacy Policy

Privacy Policy

How Nupick collects, uses, and protects information across the app, website, and beta.

Effective June 9, 2026 · Last updated June 9, 2026

Prefer the short version? Read the plain-language privacy summary.

This Privacy Policy explains how Nupick AI Private Limited, a private limited company with registered office at 505 Lake View, Madinaguda, Hyderabad, India - 500049 (“Nupick,” “Company,” “we,” “us,” or “our”), processes information in connection with Nupick, a local-first desktop AI application for Windows, macOS, and Linux.

Nupick is designed to keep chats, files, documents, local memory, indexes, embeddings, connector data, API keys, and user content on your device by default. Some optional or beta features may transmit limited information outside your device, as described in this Privacy Policy.

1. Scope

1.1 This Privacy Policy applies to:

  • (a) the Nupick desktop application;
  • (b) the website at nupick.ai;
  • (c) beta access, waitlist, and sign-up forms;
  • (d) software update services, including downloads from downloads.nupick.ai;
  • (e) optional cloud AI model usage;
  • (f) optional connectors;
  • (g) beta telemetry and diagnostics;
  • (h) support, feedback, and bug reports;
  • (i) future account, licensing, and paid features.

1.2 This Privacy Policy does not apply to third-party services that you choose to use with Nupick, including third-party AI model providers, cloud storage providers, SaaS tools, databases, websites, identity providers, or connector services. Those services are governed by their own terms and privacy policies.

2. Local-First Design

2.1 Nupick is designed as a local-first desktop application.

2.2 By default, the following information is intended to remain on your device:

  • (a) chats;
  • (b) prompts;
  • (c) AI outputs;
  • (d) files and documents;
  • (e) images and PDFs;
  • (f) embeddings and vector indexes;
  • (g) local memory;
  • (h) local settings;
  • (i) connector metadata;
  • (j) browser automation state if such feature is introduced later;
  • (k) API keys and credentials;
  • (l) local databases and local file storage.

2.3 Nupick currently uses local storage technologies that may include SQLite, ChromaDB, Qdrant, and local file storage.

2.4 Files may be copied into Nupick-managed local storage or indexed from their original location, depending on user settings and workflow.

2.5 Because this data is stored locally by default, Nupick AI Private Limited generally cannot access it unless you choose to transmit it through a cloud model, telemetry, support request, connector, account feature, or another feature that clearly sends data outside your device.

3. Information Stored Locally

3.1 Nupick may store the following locally:

  • (a) chats;
  • (b) prompts;
  • (c) outputs;
  • (d) files;
  • (e) documents;
  • (f) images;
  • (g) PDFs;
  • (h) embeddings;
  • (i) vector indexes;
  • (j) local memory;
  • (k) settings;
  • (l) API keys;
  • (m) connector metadata;
  • (n) local search indexes;
  • (o) local app state.

3.2 API keys and connector credentials are stored locally using the operating system keychain where supported.

3.3 Other local data, including files, databases, embeddings, and indexes, is not guaranteed to be app-level encrypted. Its protection may depend on your device security, operating system account security, and disk encryption settings.

3.4 You are responsible for securing your device, operating system, user account, disk encryption, backups, local files, and credentials.

4. Cloud AI Providers During Beta

4.1 During beta, Nupick does not operate a cloud AI relay by default.

4.2 If you choose to use a cloud AI model during beta, requests may be sent directly from your device to the third-party AI provider you select, using the API key or account configuration you provide.

4.3 Supported or planned providers may include OpenAI, Anthropic, Google Gemini, Groq, xAI, OpenRouter, Ollama-compatible providers, Hugging Face-related services, and other compatible providers that Nupick makes available.

4.4 When you use a cloud AI model, the content included in that request may be sent to the selected provider. This may include prompts, selected conversation context, selected document excerpts, selected image or PDF content, selected connector-derived context, metadata, and provider-specific request data.

4.5 Nupick will show a warning before sending data outside your device for cloud model use.

4.6 Third-party AI providers process your requests under their own terms, privacy policies, data practices, retention rules, abuse-monitoring systems, safety policies, and account rules.

4.7 Nupick AI Private Limited does not control third-party AI providers and is not responsible for their availability, model behavior, output, retention practices, training practices, pricing, safety review, account actions, or policy changes.

4.8 You should not send confidential, sensitive, regulated, personal, or third-party data to a cloud AI provider unless you have the legal right to do so and accept that provider’s terms.

5. API Keys and Credentials

5.1 During beta, users bring their own third-party AI provider API keys.

5.2 User-supplied API keys are stored locally using the operating system keychain.

5.3 Nupick AI Private Limited does not intentionally collect or store your third-party AI API keys during beta.

5.4 You are responsible for obtaining, securing, rotating, revoking, and monitoring your own API keys and credentials.

5.5 You are responsible for all charges, usage, rate limits, suspensions, account restrictions, data processing, and provider-side consequences associated with third-party API keys or accounts you connect to Nupick.

6. Model Training

6.1 Nupick AI Private Limited does not use your chats, files, documents, prompts, outputs, connector data, telemetry, local memory, or local content to train AI models.

6.2 Third-party AI providers may have their own data-use and model-training practices. Those practices depend on the provider, account type, product type, region, settings, and applicable terms.

6.3 You are responsible for reviewing third-party AI provider terms before using cloud models.

7. Connectors

7.1 Nupick may support optional connectors, including:

  • (a) Local files;
  • (b) Google Drive;
  • (c) OneDrive;
  • (d) Dropbox;
  • (e) Notion;
  • (f) Slack;
  • (g) Gmail;
  • (h) Outlook;
  • (i) GitHub;
  • (j) Jira;
  • (k) Confluence;
  • (l) HubSpot;
  • (m) Postgres;
  • (n) MySQL;
  • (o) MongoDB;
  • (p) SQLite;
  • (q) Microsoft Teams;
  • (r) Calendar services.

7.2 Connector capabilities depend on the connector. Some connectors may be read-only. Some may support write, update, or action-based functionality where explicitly enabled and authorized by you.

7.3 Connector credentials are stored locally using the operating system keychain.

7.4 Connector sync is manual and user-triggered by default. Sync behavior may vary by connector and user configuration.

7.5 Nupick may store connector metadata locally. Depending on the connector and your configuration, Nupick may also copy, cache, index, or store selected connector content locally.

7.6 Connector data is not sent to cloud AI models by default.

7.7 Connector-derived data may be sent to a cloud AI model only after warning and user approval.

7.8 You are responsible for ensuring that you have the legal right and authority to connect, access, index, analyze, summarize, or process data from each connected source.

7.9 You are responsible for complying with third-party connector terms, workplace policies, confidentiality obligations, and applicable data-protection laws.

8. Telemetry and Diagnostics During Beta

8.1 Telemetry is available during beta.

8.2 Telemetry may be enabled by default in beta builds.

8.3 You can enable or disable telemetry from Nupick settings.

8.4 Telemetry may include:

  • (a) app version;
  • (b) operating system and device information;
  • (c) crash logs;
  • (d) backend logs;
  • (e) frontend logs;
  • (f) performance metrics;
  • (g) feature usage events;
  • (h) session-flow events;
  • (i) model loading errors;
  • (j) connector sync errors;
  • (k) automation errors, if applicable in future builds;
  • (l) update success or failure information;
  • (m) IP address and request metadata in server logs.

8.5 Telemetry is used to identify bugs, diagnose crashes, improve beta stability, understand product quality, and support QA.

8.6 Telemetry is not intended to collect chats, files, prompts, AI outputs, documents, connector content, API keys, passwords, or secrets.

8.7 Diagnostic logs may accidentally include sensitive fragments, such as file names, file paths, URLs, error payloads, snippets, prompts, outputs, connector names, or other diagnostic context depending on the issue.

8.8 Telemetry and logs are stored on Nupick-owned servers.

8.9 Telemetry and logs are retained until the relevant issue is resolved or for a maximum of 15 days, whichever is earlier, unless longer retention is required for security, legal, abuse-prevention, or dispute reasons.

8.10 You should avoid using beta builds with sensitive, regulated, confidential, or production data.

9. Website Analytics

9.1 Nupick may use Cloudflare Analytics on nupick.ai.

9.2 Cloudflare Analytics may process technical information such as request metadata, browser/device information, page performance, approximate location information, IP-derived data, and traffic statistics.

9.3 We do not currently use third-party advertising cookies unless separately disclosed.

10. Software Updates

10.1 Nupick may check for, download, verify, and install updates from downloads.nupick.ai or successor update domains.

10.2 Installers are signed.

10.3 Updates are signed and/or verified where implemented.

10.4 You may disable auto-updates.

10.5 Update checks and downloads may process app version, operating system, device architecture, update channel, build identifier, IP address, timestamp, and request metadata.

11. Voice Mode

11.1 Voice mode is not available during the current beta.

11.2 Nupick may introduce optional voice features in future versions.

11.3 If voice features are introduced, they may require microphone permissions and additional disclosures regarding audio processing, storage, transcription, consent, and deletion.

11.4 Future voice features may require updated terms or notices.

12. Automate Mode

12.1 Automate mode is not available during the current beta.

12.2 Nupick may introduce optional browser automation features in future versions.

12.3 If introduced, Automate mode may control a browser to perform tasks on websites selected by the user and may require additional terms, warnings, permissions, and user approvals.

12.4 Future automation features may require updated terms or notices.

13. Images, PDFs, Documents, and Code Repositories

13.1 Nupick can process images, PDFs, and documents.

13.2 Code repository processing is planned and may be introduced in future versions.

13.3 You are responsible for ensuring that you have the right to process, analyze, summarize, index, or transmit any content you provide to Nupick.

14. Data Deletion and Local Wipe

14.1 Users can delete chats, workspaces, files, and memory from inside the app.

14.2 Users can fully wipe local Nupick data.

14.3 User data export is planned.

14.4 Nupick does not currently create backups. Backup features for user settings and choices may be added later.

14.5 If you uninstall Nupick, local data deletion may depend on your operating system, installer behavior, user profile settings, and manual deletion choices.

14.6 Deleting data inside Nupick may not delete copies that exist outside Nupick, including original files, third-party services, operating system backups, disk snapshots, cloud drives, provider logs, or data already sent to third-party AI providers.

15. Support and Feedback

15.1 If you contact us, we may process your name, email address, issue description, screenshots, logs, diagnostics, device information, or attachments you provide.

15.2 You should avoid sending sensitive, regulated, confidential, or production data through support unless necessary.

15.3 Feedback and bug reports may be used by Nupick AI Private Limited to improve, develop, commercialize, and support Nupick without compensation.

16. Legal Bases and Regional Rights

16.1 Where applicable privacy laws apply, our legal bases may include consent, contract performance, legitimate interests, and legal obligations.

16.2 Depending on your jurisdiction, you may have rights to access, correct, delete, export, restrict, or object to processing of personal data we control.

16.3 Because Nupick is local-first, much of your data may be stored only on your device and may not be accessible to us.

16.4 To exercise privacy rights for data we control, contact hello@nupick.ai.

17. Sensitive and Regulated Data

17.1 Beta users should avoid using Nupick with sensitive, regulated, confidential, or production data.

17.2 Nupick is not currently intended for healthcare diagnosis, legal advice, financial trading, employment screening, insurance eligibility, credit decisions, biometric identification, children’s profiling, weapons-related use, surveillance, or other high-risk use.

17.3 Nupick must not be used as the sole or final basis for decisions involving legal rights, health, finance, employment, credit, insurance, safety, children, biometric identification, surveillance, or other high-impact areas.

18. Security

18.1 Nupick is designed with a local-first architecture to reduce unnecessary data transmission.

18.2 Nupick uses encryption in transit for server communications.

18.3 API keys and connector credentials are protected through the operating system keychain where supported.

18.4 Installers are signed, and updates are signed and/or verified where implemented.

18.5 No software, device, network, server, cloud provider, AI provider, connector, or transmission method is fully secure.

18.6 You are responsible for securing your device, operating system, disk encryption, backups, accounts, API keys, credentials, browser sessions, and connected services.

19. Open Source and Model Licenses

19.1 Nupick includes open-source components.

19.2 Open-source notices and license information are planned to be made available in the app and/or website.

19.3 Nupick does not bundle local AI models by default during beta. Users download models separately.

19.4 Models may be downloaded from Ollama, Hugging Face, or other model sources.

19.5 Model license display is planned.

19.6 You are responsible for reviewing and complying with applicable model licenses, provider terms, and usage restrictions.

20. International Transfers

20.1 If you use features that transmit data to us, third-party AI providers, connector providers, identity providers, or other services, your information may be processed in countries outside your location.

20.2 These countries may have data-protection laws different from your jurisdiction.

21. Compliance Claims

21.1 Nupick is designed with a privacy-conscious, local-first architecture.

21.2 Unless expressly stated in a signed agreement, Nupick AI Private Limited does not represent that Nupick is certified under or fully compliant with GDPR, HIPAA, SOC 2, ISO 27001, DPDP Act, or any other specific regulatory framework.

22. Changes to this Privacy Policy

22.1 We may update this Privacy Policy from time to time.

22.2 If we make material changes, we will provide reasonable notice through the app, website, release notes, email, or other appropriate means.

23. Contact

For privacy questions, contact:

Nupick AI Private Limited 505 Lake View, Madinaguda, Hyderabad, India - 500049 Email: hello@nupick.ai Website: nupick.ai

← All legal documents

Early access

Start building your
private AI workspace.

Local-first, privacy-first, and built for people who want powerful AI without handing over everything.

Request early access Contact the team