Privacy Policy
Effective Date: April 20, 2025 · Last Updated: April 20, 2025
Your privacy is foundational to Nuru. We are built on the principle of self-sovereignty — you own your identity and your data. This policy explains exactly what we collect, why we collect it, and what we will never touch. We keep it short because we have little to say: we don't collect what we don't need.
01Who We Are
Nuru ("we," "us," "our") operates the Nuru AI guide platform, the Nuru Wallet application, and the nuruai.org website (collectively, "the Services"). We are committed to protecting your personal information and your right to privacy.
If you have questions about this policy, please contact us at privacy@nuruai.org.
02What We Never Collect
Nuru never collects, stores, transmits, or has access to your private keys, seed phrases, master keys, wallet passwords, or any cryptographic secrets. These exist only on your device. We are architecturally unable to access them.
We also do not collect:
- Your wallet's private key or seed phrase — ever, under any circumstance.
- The contents of transactions you have not explicitly shared with us.
- Your on-chain asset balances beyond what is publicly visible on the blockchain.
- Biometric data stored on your device (Face ID, fingerprint — these are handled by your OS, not us).
- Sensitive personal data such as government ID numbers, social security numbers, or financial account credentials beyond what is required for optional AIN identity verification (see Section 4).
03What We Do Collect
We collect the minimum data necessary to provide, improve, and secure the Services.
| Data Type | What It Is | Why We Collect It |
|---|---|---|
| Account information | Email address (if you register), display name | Account creation and communication |
| Wallet address | Your public blockchain address (not your private key) | To associate your on-chain identity with app features |
| AI conversation data | Messages you send to the Nuru AI guide | To generate responses and improve AI quality |
| Device & app data | Device type, OS version, app version, crash reports | Bug fixing and performance optimization |
| Usage data | Feature interactions, session duration (anonymized) | To understand how the app is used and improve it |
| Network/IP data | IP address, general location (country/region) | Security, fraud prevention, legal compliance |
What We Do Not Sell
We do not sell, rent, or trade your personal information to any third party for advertising or commercial purposes. Full stop.
04Identity Verification (AIN)
If you choose to obtain an Alkebuleum Identity Number (AIN) or a physical Nuru Identity Card, you may be required to provide identity verification information such as your legal name, date of birth, or government-issued ID documents. This is an optional feature.
This information is:
- Collected solely for the purpose of issuing and verifying your on-chain digital identity credential.
- Processed in accordance with applicable KYC/AML regulations.
- Retained only as long as required by law or necessary to maintain your identity credential.
- Not shared with third parties except as required by law or as necessary to provide the verification service (e.g., identity verification partners).
The resulting AIN credential is stored on-chain as a cryptographic proof — it does not expose your raw personal data to the public blockchain.
05AI Conversations
When you interact with the Nuru AI guide, your messages are processed to generate responses. Please be aware of the following:
- Do not share private keys, seed phrases, passwords, or sensitive financial credentials in any AI conversation.
- AI conversations may be reviewed by Nuru staff to improve model quality and safety, subject to strict internal access controls.
- Conversation history may be stored to enable continuity across sessions. You can delete your conversation history at any time from within the app.
- Nuru does not use your conversations to serve third-party advertisements.
Reminder: Nuru will never ask you for your private key, seed phrase, or wallet password — in the AI chat or anywhere else. If something or someone claiming to be Nuru asks for these, it is a scam. Do not comply.
06Blockchain and On-Chain Data
The Alkebuleum blockchain is a public, permissionless ledger. Certain actions you take — such as deploying your smart account, executing transactions, or registering a .alke name — are recorded on-chain and are permanently and publicly visible to anyone.
Nuru has no ability to delete, modify, or conceal on-chain records. Blockchain transactions are irreversible by design. You should be aware that:
- Your wallet address and transaction history are public on the blockchain.
- On-chain credentials (such as your AIN or .alke name) are publicly associated with your wallet address.
- Nuru does not control the blockchain and cannot remove information from it.
07Cookies and Tracking
The nuruai.org website may use cookies and similar technologies for the following purposes:
- Essential cookies: Required for the website to function correctly (e.g., session management).
- Analytics cookies: To understand aggregate usage patterns and improve the site. We use privacy-respecting analytics tools and do not use Google Analytics by default.
We do not use advertising cookies, behavioral tracking pixels, or cross-site tracking technologies. You can control cookie settings through your browser preferences.
08Third-Party Services
The Services may interact with or link to third-party services, including:
- Blockchain RPC providers (to broadcast transactions to the Alkebuleum network).
- Identity verification providers (for optional AIN issuance).
- Cloud infrastructure providers (for app hosting and backend services).
Each third-party provider is subject to its own privacy policy. We select providers that meet our privacy standards, but we are not responsible for their data practices. We do not share your personal data with third parties except as described in this policy or as required by law.
09Data Retention
We retain your personal data only as long as necessary to provide the Services or as required by applicable law:
- Account data is retained while your account is active and for a reasonable period after deletion as required by law.
- AI conversation data is retained until you delete it or close your account, subject to legal hold requirements.
- Identity verification data is retained as required by KYC/AML regulations (typically 5–7 years depending on jurisdiction).
- Anonymized, aggregated analytics data may be retained indefinitely as it cannot be linked back to you.
10Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request that inaccurate personal data be corrected.
- Deletion: Request deletion of your personal data, subject to legal retention requirements. See our Account Deletion page for instructions.
- Portability: Request your data in a structured, commonly used, machine-readable format.
- Objection: Object to certain types of data processing.
- Withdrawal of consent: Withdraw consent for processing where consent is the legal basis.
To exercise any of these rights, contact us at privacy@nuruai.org. We will respond within 30 days. Note that some rights may be limited by applicable law or legal obligations.
Important: We cannot exercise rights over on-chain data on your behalf. Blockchain records are immutable and beyond any party's ability to delete or alter.
11Children's Privacy
The Services are not directed at children under the age of 18 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal data from minors. If you believe a minor has provided personal data to us, please contact us immediately at privacy@nuruai.org and we will take steps to delete that information.
12Security
We implement industry-standard technical and organizational security measures to protect the personal data we hold, including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews.
However, no system is completely secure. We cannot guarantee that our security measures will prevent all unauthorized access. In the event of a data breach that affects your rights, we will notify you in accordance with applicable law.
Remember: The most sensitive data — your private keys and seed phrase — never reach our servers. They are protected only by you and your device security. The safest information is the information we never see.
13Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. For significant changes, we will provide notice through the app or via email. Continued use of the Services after changes are posted constitutes acceptance of the updated policy.
14Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, please reach out:
Nuru — Privacy Team
Email: privacy@nuruai.org
Website: nuruai.org