npmuzei.org
Privacy

Privacy Policy

Last updated: 2026-05-25

This Privacy Policy explains what data npmuzei ("we") collects when you use npmuzei.org, how we use it, and the rights you have over that data. By using the site you agree to this policy.

Summary in plain English

  • We do not require you to create an account.
  • We do not store your chat conversations on our servers — chats live only inside your browser tab.
  • We do not run third-party analytics, ad networks, or tracking pixels.
  • We do set a signed cookie to track your daily token quota.
  • We do log your IP address and request timing to operate the service.
  • We do send your prompt to a chosen AI model provider (one of several frontier open-model platforms we route to) to generate the response. Each provider has its own privacy policy.

1. Data we collect

Quota cookie (npmuzei_vid)

On your first visit we set a signed, httpOnly cookie containing a random ID (no PII). It lasts 365 days and lets us enforce the 1M token daily quota even if your IP changes (mobile networks, VPNs).

IP address and network metadata

Every HTTP request includes your IP. We extract the IP and a coarse subnet (a /24 IPv4 or /48 IPv6 prefix) and store a per-day token counter against each. This is necessary to prevent a single visitor from exhausting the shared free quota.

Prompts sent to AI models

When you generate a response, your prompt and any prior chat turns in this session are forwarded to a third-party AI model provider that runs the model you selected. That provider's own privacy policy applies to that processing. We do not name our providers publicly because the routing set may change at any time.

We do not store your prompts after the response finishes. We only record the token counts for billing-style quota enforcement.

Operational logs

Apache and our Node app log request method, path, status, response size, user agent, and referrer. These are kept for at most 30 days for security and debugging, then deleted.

2. What we don't collect

  • No email addresses, names, phone numbers, or any sign-up data — we don't have accounts.
  • No payment information — the site is free.
  • No browser fingerprinting, no canvas / audio fingerprints.
  • No third-party analytics (Google Analytics, Facebook Pixel, etc.).
  • No advertising cookies.

3. Cloudflare

npmuzei.org is fronted by Cloudflare for DDoS protection and CDN caching. Cloudflare receives every request and may set its own operational cookies (e.g. __cf_bm). See Cloudflare's privacy policy at cloudflare.com/privacypolicy.

4. Your rights (GDPR / CCPA)

Because we don't collect personal data tied to an identity, there is very little to access, correct, or delete. If you want us to clear the token usage row associated with your IP / cookie ID, email [email protected] with the approximate time you visited and we'll remove the row.

5. Data retention

  • Token usage rows: kept for 7 days, then auto-pruned.
  • Server logs: kept up to 30 days.
  • Quota cookie: 365 days client-side; you can clear it any time in your browser.

6. Children

npmuzei is not directed at children under 13. We don't knowingly collect data from children. If you believe a child has used the service in a way that exposed personal data, contact us and we'll delete the relevant row.

7. Changes

If we change this policy we'll update the "last updated" date at the top. Material changes will be highlighted on the homepage for at least 14 days.

8. Contact

Questions about this policy: [email protected]. See also Terms of Service and Disclaimer.