Privacy Policy

1. Introduction

Nodian Directory ("Nodian," "we," "us," or "our") operates the website at nodian.directory (the "Service"). This Privacy Policy describes what personal data we collect, how we use it, and your rights regarding that data. By using the Service you accept the practices described here. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Account Data (via OAuth)

When you sign in with Discord or Google, we receive and store your email address, display name, and avatar URL from the OAuth provider. We do not receive or store your passwords.

2.2 Usage Data

We collect information about how you interact with the Service, including pages visited, items viewed, search queries, filter selections, and feature usage. This data helps us improve recommendations and the overall experience.

2.3 Browser Storage

We use browser localStorage to store your browsing history, tag affinities, and personalization preferences locally on your device. This data powers the personalized feed and does not leave your browser unless you are signed in and sync is enabled.

2.4 Technical Data

We automatically collect browser type, device information, IP address, and approximate geolocation (country/region level) for security, analytics, and service improvement.

2.5 Hardware Profile

If you use the "My Setup" feature, you may voluntarily provide your GPU model, VRAM amount, and installed ComfyUI nodes. This data is used solely for hardware compatibility matching.

3. How We Use Your Data

• Provide, operate, and maintain the Service
• Personalize your experience and content recommendations
• Analyze usage patterns to improve features and performance
• Train and improve our recommendation algorithms and AI systems using anonymized and aggregated data
• Communicate service updates and announcements
• Prevent abuse, fraud, and ensure security
• Comply with legal obligations

4. Data Sharing — We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for monetary consideration. We have not sold personal information in the preceding 12 months and do not intend to do so.

We may share limited information with the following categories of service providers who help us operate the Service, under strict data processing agreements:

• Authentication providers: Discord (Privacy Policy) and Google (Privacy Policy)
• Database and hosting: Supabase (PostgreSQL)
• Payment processing: Polar.sh (Privacy Policy) and Stripe (Privacy Policy). We do not store your payment card details.

We may also share anonymized, aggregated data that cannot identify you for analytics and research purposes.

5. Internal Use of Data

We reserve the right to use data collected through the Service for internal purposes, including:

• Improving content recommendations and personalization algorithms
• Analyzing service performance and user behavior patterns
• Training machine learning models and AI systems on anonymized data
• Conducting internal research and analytics

When personal data is used for these purposes, we apply privacy protections including data minimization, anonymization, access controls, and retention limits.

6. Cookies & Local Storage

We use essential cookies for authentication and session management. We use browser localStorage to store personalization preferences and browsing history locally on your device. We do not use third-party tracking cookies. You can clear localStorage and cookies through your browser settings at any time.

7. Third-Party Content

The directory links to third-party platforms including GitHub, HuggingFace, CivitAI, Reddit, and YouTube. We are not responsible for their privacy practices. We encourage you to review their respective policies.

8. Data Retention

• Account data: Retained while your account is active and for 12 months after account deletion
• Usage data: Anonymized after 90 days
• Browser localStorage: Stored on your device until you clear it

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access — Obtain a copy of the personal data we hold about you
• Rectification — Correct inaccurate or incomplete data
• Erasure — Request deletion of your personal data
• Portability — Receive your data in a machine-readable format
• Object — Object to processing based on legitimate interests
• Withdraw Consent — Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at contact@nodian.directory. We will respond within 30 days.

10. California Residents (CCPA)

If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of any sale or sharing of personal information. As stated above, we do not sell your personal information. To submit a request, contact us at contact@nodian.directory.

11. Security

We implement industry-standard security measures including encryption in transit (TLS), secure authentication via Supabase Auth, role-based access controls, and regular security reviews. No method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

12. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. Your continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact

For privacy inquiries or to exercise your rights, contact us at contact@nodian.directory