Privacy Policy

Nightcap is built to be anonymous. You do not need an account. We do not collect your name, email, or any personal information to use the core product.

• IP addresses (hashed): We store a SHA-256 hash of your IP address, used only for ban enforcement. We never store your actual IP address.
• Session tokens: A random token stored in your browser's localStorage. Never transmitted to our database unless you purchase a Boost.
• Reports: When you report a user, we store hashed IPs and the report reason. No conversation content is stored.
• Moderation flags: If our AI moderation system flags a session, we log the category and confidence score. We do not store video frames.
• Boost purchases: If you buy a Boost, Stripe processes your payment. We store the Stripe Payment Intent ID and your session token (not personal data).

• Video or audio content from your sessions
• Your real name or email address
• Conversation transcripts or message content
• Device fingerprints or persistent tracking identifiers
• Location beyond what your browser voluntarily provides (which we don't request)

• Stripe: Processes Boost payments. Subject to Stripe's privacy policy.
• AWS Rekognition: Analyzes sampled video frames for content moderation. Frames are not stored.
• OpenAI: Moderates text chat messages. Message text is sent to OpenAI's moderation API and not stored by us.
• Cloudflare: Provides DDoS protection and CDN. Cloudflare may log request metadata per their privacy policy.

• Hashed IP bans: deleted when the ban expires (max 30 days for temporary bans)
• Session reports: retained for 90 days then deleted
• Moderation flags: retained for 30 days
• Boost purchase records: retained for 3 years for accounting purposes

Under GDPR and CCPA, you have rights to access and delete data associated with you. Since we don't collect personal data, there is typically nothing to access or delete. For any data concerns, email privacy@nightcap.chat.

Questions? Email support@nightcap.chat