nilGPT - Privacy Policy

Effective: 12th November 2025

nilGPT is a dApp that allows you to interact with various large language models (LLMs) stored in a trusted execution environment (“TEE”) through a unified interface. This Privacy Policy explains how we collect, use, and when we may disclose your personal data when you use our website, applications, and other places where Nillion Labs Limited acts as a data controller. If you have any questions, you can contact us at [email protected].

1. Collection of Personal Data

We may collect the following categories of personal data depending on how you use our Services:

1.1. Personal data you provide to us directly

Account Information: When you use our Services, nilGPT collects identifiers, including your name, wallet address and email address, and may also collect or generate identifiers (e.g., User123).
Payment Information: We (via our third-party partners, such as Stripe) collect your payment information if you purchase our Services.
Communication Information: If you communicate with us or interact with our social media pages, we collect information, including your contact information and the contents of your messages or posts. We also collect your feedback on our Services.

1.2. Personal data we receive from your use of our Services

When you use our Services, we also receive certain technical information, including:

Device Information. Depending on your device or browser permissions, your device or browser automatically sends us information about when and how you access or use our Services, such as your device type, operating system information, browser information, internet service provider (ISP), and IP address.
Usage Information. We collect information about your use of our Services, such as the dates and times of access, pages you view, and about how you use our Services.
Log Information. We collect information about how our Services are performing when you use them, including log files and information about any error.
Cookies.
- Essential Cookies. We use strictly necessary authentication cookies to enable secure access to our application through Privy, our wallet authentication provider. These cookies are essential for ensuring the proper functioning of the login and security features of the service and expire automatically once your session ends. Because these cookies are technically necessary to provide the service (i.e., secure login), they cannot be disabled. Its use is based on our legitimate interest in ensuring the security and functionality of the application, in line with Article 6(1)(f) GDPR. For more information on how Privy handles these cookies see their privacy policy here.
- Optional Cookies and Pixels. With your consent, we may also use optional cookies and tracking technologies (such as pixels) from third parties, such as Reddit and X (formerly Twitter). These technologies help us understand the effectiveness of our marketing campaigns, measure engagement, and deliver relevant ads to you on external platforms. These cookies are only activated if you opt in to non-essential cookies. The processing of data through these technologies is based on your consent, in line with Article 6(1)(a) GDPR. You can withdraw your consent at any time through your cookie settings.

1.3. Personal data we may receive through the iOS app

You may choose to access or create an account on our Platform using your Apple ID through the “Sign in with Apple” feature provided by Apple Inc. (“Apple”). By selecting this option, you authorize us to receive from Apple certain account information, including your name and email address (or an anonymized relay email address if you select the “Hide My Email” option). We offer “Sign in with Apple” as a convenient way to register or log in. When you choose this option, we receive from Apple:

A secure authentication token;
Your name (if provided); and
Your email address or a unique, anonymous relay email address if you select “Hide My Email.”

We use this information exclusively to authenticate your identity, create your account, and communicate with you when necessary (e.g., password recovery or account notices).