Privacy Policy

Last updated: April 24, 2026

Overview

Node Proxy provides infrastructure that lets you run services on your own hardware. Our design prioritizes keeping your data on your machine. This policy explains what data we collect, why, and how we handle it.

What stays on your hardware

Email messages, photos, files, and any data processed by services running on your device remain on your hardware. Node Proxy's edge proxy routes traffic to your device but does not persistently store the content of that traffic.

Exception: when you use the AI copilot or hosted inference API, your prompts — and any context you include with them — are processed on compute we operate on Microsoft Azure. See "Copilot and hosted inference" below.

What we collect

We collect information necessary to operate the service:

• Account information: email address, name, and authentication credentials when you sign up.
• Device information: device name, operating system, and connection status for devices you register.
• Usage data: aggregate metrics such as email volume, bandwidth usage, and device counts for billing and service operation.
• Logs: connection logs, error logs, and security events for troubleshooting and abuse prevention. These may include IP addresses and timestamps.
• Payment information: if you subscribe to a paid plan, payment processing is handled by Stripe. We do not store credit card numbers.
• Copilot prompts and responses: when you use the AI copilot or hosted inference API, the prompts you send and the responses the model generates pass through our infrastructure. See "Copilot and hosted inference" below for how body logging and retention are handled.

Email routing

When email is sent to your managed address, it passes through our edge proxy for authentication and spam monitoring and scoring before being delivered to your device. Outbound email from your device is relayed through our infrastructure for deliverability.

If your device is unreachable (powered off, disconnected, or otherwise unavailable), inbound emails are temporarily held on our servers to ensure deliverability. Held emails are delivered to your device once it reconnects and are removed from our servers after successful delivery. If your device remains unreachable beyond the hold period for your plan (Free: 3 days, Pro/Scale: 30 days), undelivered emails may be bounced back to the sender.

Copilot and hosted inference

The AI copilot and hosted inference API run the open-source Qwen 3.6 35B A3B model on GPU compute we operate on Microsoft Azure.

• Where prompts go: prompts and responses are processed on our Azure infrastructure. We do not send your prompts to any third-party model provider.
• Retention: by default, we do not log prompt, response, or tool-result bodies on the hosted inference lane. We retain operational metadata such as request IDs, account IDs, model names, status codes, token counts, latency, and high-level tool-use counters for billing, abuse prevention, and service operation.
• Training: we do not use your prompts or responses to train or fine-tune models without your explicit opt-in consent.

Third-party services

We use third-party services to operate Node Proxy, including cloud hosting and GPU compute providers (Microsoft Azure, including for the hosted inference API), email delivery services, and payment processors. These services may process data as necessary to provide their functionality. We select providers with appropriate security practices, but we encourage you to review their privacy policies as well.

Data retention

Account and billing data is retained while your account is active. Logs are retained for a reasonable period for operational and security purposes. You can request deletion of your account and associated data by contacting us.

Service improvement and model training

To improve Node Proxy, we may collect and analyze anonymized, aggregate interaction data such as:

• Agent API interaction patterns: sequences of API calls, response codes, and flow outcomes (e.g., install success/failure rates). This does not include the content of your emails, files, or personal data.
• Email classification metadata: spam scores, authentication results (SPF/DKIM/DMARC pass/fail), and classification decisions. We do not use the content of your emails for model training unless you explicitly opt in.
• Copilot interaction metadata: aggregate metrics such as prompt categories, response latency, and tool-use success/failure rates — not the prompt content. Prompt and response content is never used to train models without your explicit opt-in.
• Service health metrics: device connectivity patterns, tunnel health, and error diagnostics.

This data may be used to train or fine-tune machine learning models that improve service quality, such as better spam detection, smarter email routing, or more reliable agent orchestration.

Opt-in for content-level data: We will never use the content of your emails, photos, files, or other personal data for model training without your explicit, informed consent. If we offer an opt-in program for content-level data sharing, it will be clearly presented, fully optional, and revocable at any time.

Anonymization: All data used for model training is anonymized — personally identifiable information (names, email addresses, IP addresses) is stripped before any aggregation or analysis.

On-device option: Where feasible, we may offer on-device model improvements that do not require sending any data to our servers.

Security

All traffic between your device and our edge is encrypted using WireGuard. We implement reasonable security measures to protect account data and infrastructure.

Changes

We may update this policy from time to time. Significant changes will be communicated through the service or by email. Continued use of Node Proxy after changes constitutes acceptance.

Contact

For privacy-related questions, reach out to us at privacy@nodeproxy.ai.