​

Privacy Policy

Last updated: December 2024

​

1. Introduction

Nordlys (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI model infrastructure platform (“Service”). Please read this privacy policy carefully.

​

2. Information We Collect

​

2.1 Information You Provide

• Account Information: Name, email address, organization details
• Authentication Data: Login credentials, API keys for Nordlys
• Chat Content: Your prompts, messages, conversations, and AI responses
• Payment Information: Billing details processed securely through Stripe
• Support Communications: Messages sent through our support channels

​

2.2 Automatically Collected Information

• Usage Analytics: API request counts, token usage, response times, error rates
• Technical Data: IP addresses, browser information, device identifiers
• Performance Metrics: System performance, latency measurements, model statistics
• Log Data: Server logs, error reports, security events
• Cookies: Authentication tokens, preferences, session data

​

2.3 Third-Party Model Partner Data

• Partner Responses: AI-generated content from external model partners
• Partner Metadata: Model information, usage statistics, cost calculations
• Partner Configurations: Your custom configuration settings (when applicable)

​

3. How We Use Your Information

We use your information to:

• Provide the Service: Process requests, manage conversations, generate responses
• Account Management: Create accounts, authenticate users, manage subscriptions
• Analytics: Generate usage reports, cost analysis, performance metrics
• Optimization: Improve service performance, Nordlys model, Nordlys model efficiency
• Support: Respond to inquiries, troubleshoot issues, provide assistance
• Security: Monitor for abuse, prevent fraud, maintain system security
• Compliance: Meet legal obligations and industry standards
• Communications: Send service notifications, updates, billing information

​

4. Third-Party Partner Data Sharing

​

4.1 Partners We Work With

Nordlys works with a set of external model partners. Contact support for the current list.

​

4.2 Data Shared with Partners

• Your prompts and conversation messages
• Model configuration parameters
• Request metadata (timestamp, Nordlys model)

​

4.3 Partner Data Policies

Each partner has their own data handling practices. We recommend reviewing their privacy policies:

• Some partners may use your data to improve their models unless you opt out
• Data retention periods vary by partner
• Some partners offer enterprise agreements with enhanced privacy protections
• Geographic data processing locations may differ

​

5. Data Storage and Security

​

5.1 Data Storage

​

5.2 Security Measures

​

5.3 Data Retention

• Chat History: Stored until you delete or account termination
• Usage Analytics: Retained for 2 years for billing and compliance
• Account Data: Retained while account is active
• Support Data: Retained for 3 years after resolution
• Log Data: Automatically deleted after 90 days

​

6. Data Subject Rights

You have the following rights regarding your personal data:

​

7. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Authentication, security, basic functionality
• Analytics Cookies: Usage statistics and performance monitoring
• Preference Cookies: User settings and interface preferences

You can control cookies through your browser settings, but this may affect service functionality.

​

8. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we use appropriate safeguards such as:

• Standard contractual clauses
• Adequacy decisions by relevant authorities
• Certification schemes
• Provider-specific privacy frameworks

​

9. Children’s Privacy

Our service is not intended for children under 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

​

10. Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will provide notice before your data is transferred and becomes subject to different privacy practices.

​

11. Legal Disclosure

We may disclose your information when required by law or to:

• Comply with legal process or government requests
• Protect our rights, property, or safety
• Protect users or the public from harm
• Investigate fraud or security issues
• Enforce our terms of service

​

12. Privacy Policy Updates

We may update this Privacy Policy periodically. Material changes will be communicated via:

• Email notification to registered users
• Platform notifications
• Updated “Last modified” date on this page

Continued use of the service after changes constitutes acceptance of the updated policy.

​

13. Third-Party Links

Our service may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

​

14. Contact Information

For privacy-related questions, concerns, or requests, please contact us through:

• Our support channels available on the platform
• The contact information provided in your account dashboard
• Email support with “Privacy” in the subject line

We are committed to addressing your privacy concerns promptly and transparently.