Privacy Policy

Effective Date: July 25, 2025

TL;DR:

Hyperlink keeps your messages, chats, and documents completely local—nothing leaves your device by default.

Here’s exactly when Hyperlink interacts externally:

  • Downloading AI models: Only sends requests when you're actively downloading or searching for models.
  • Checking for updates: Only connects briefly to see if updates are available, to keep your app up-to-date.

Overview

Nexa AI Inc. (“we,” “our,” “us”) is committed to privacy. Hyperlink is an offline‑first desktop application that indexes and queries files locally on your device. This policy explains what limited information we collect, how we use it, and when data may leave your device.

1. Scope

Applies to the Hyperlink desktop software, its automatic update service, and any user‑initiated support requests (collectively, “Services”). It does not cover external websites or services you may access via links.

2. Data Processed

We do not collect or transmit your indexed files, file names, or queries. Crash logs are sent only if you manually attach them in a support email.

A. Indexed file content (your files)
  • Collected: No transmission.
  • Where it resides: stored and processed locally only.
  • Purpose: provide search and answer functionality.

B. Device metadata (OS, CPU/GPU, type)
  • Collected: Yes.
  • Where it resides: local config file.
  • Purpose: Choose optimal on-device model.

C. Update checks (app version)
  • Collected: Yes (minimal)
  • Where it resides: HTTPS request to AWS server.
  • Purpose: verify update eligibility and deliver patches.

3. Legal Basis for Processing (GDPR)

  • Contractual necessity – operating the app you installed.
  • Legitimate interests – protecting security, delivering updates.
  • Consent – any logs you choose to share in support emails.

    • 4. How We Use Information

  • Operate, maintain, and improve the Services.
  • Deliver updates and security patches.
  • Respond to support inquiries.
  • Enforce our Terms of Service.

    • 5.  Data Retention

  • Local data stays on‑device until you uninstall Hyperlink or delete its data folder.
  • Update‑check logs (device hash, version) are stored for 30 days on AWS for audit, then deleted.
  • Support emails are kept for the life of the ticket + 12 months.

    • 6. Security Measures

  • All network traffic to AWS update servers uses TLS 1.2+.
  • Update files are code‑signed; the app verifies signatures before install.
  • Access to support mailboxes is limited to authorised Nexa AI staff.

    • 7. Your Rights

    Where applicable, you have rights to access, rectify, erase, or export personal data, and to object or restrict certain processing. Email octopus@nexa.ai; we respond within 30 days.

    8. Children

    Hyperlink is not directed to children under 13 (or equivalent minimum age). We do not knowingly collect personal data from children.

    9. Changes to This Policy

    We may update this policy occasionally. When we do, we'll post the new version on this page with a reasonable amount of time before the changes take effect.

    10. List of Third-Party Service Providers

    We rely only on Amazon Web Services (US) to host update files and receive minimal update‑check requests. No other third‑party processors are involved.

    11. Google API Services Disclosure

    If our application accesses your data through Google APIs (such as Gmail, Drive, or Calendar), we adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

    • We only use access to read, write, or modify your Google data to provide or improve user-facing features of our application that you explicitly request.
    • We do not transfer this data to others unless it is necessary to provide or improve user-facing features, complies with applicable laws, or forms part of a merger, acquisition, or sale.
    • We do not use your Google data for advertising or any purpose other than providing or improving features directly visible to you.
    • We do not allow humans to read your data unless:
      • We have your affirmative agreement,
      • It is necessary for security purposes (such as investigating abuse),
      • To comply with applicable law, or
      • Our use is limited to internal operations and the data (including derivations) have been aggregated and anonymized.
    • Data obtained through Google Workspace APIs is used solely to provide user-facing features within the Hyperlink OS product. We do not use such data to develop, improve, or train generalized AI and/or machine learning models, including non-personalized models.

    For more information, see Google API Services User Data Policy.

    12. Contact Us

    If you have questions about this Policy, please contact us at: octopus@nexa.ai.

    Nexa AI, Inc.