What's actually private, and what isn't.
Most apps say "we respect your privacy" and stop there. Here is the whole picture: what leaves your device, who receives it, what we keep, and where the honest limits are. No marketing words you can't check.
What leaves your device, per action.
An AI that runs in your browser still has to send some things to answer you. Here is exactly what, and to whom, for each thing NOLO can do.
If you never turn on sync and never use a tool, the only thing that ever leaves your device is the message you send to get an answer.
What NOLO's own servers store.
We do keep a little, and we'd rather tell you exactly what than pretend it's zero. It's pseudonymous: tied to your anonymous ID, never to a name, email or raw IP, and never the content of your chats.
Per-message usage record
For each message we store a small row: your anonymous ID, the message type, which model answered, the token count, and your plan. This is how daily limits and billing work. We never store the text of your messages or the answers.
Your IP is only ever used as a salted, one-way hash to stop abuse, and that bucket is deleted within a week. It can't be turned back into your address.
Where the limits actually are.
Anyone can claim "fully private". These are the places where NOLO is not, stated plainly so you can decide for yourself.
Your history is on your device, but it is not encrypted at rest
Chats are stored in your browser's local storage in plain form. That keeps them off our servers, but it also means anyone with access to your unlocked device could open them. If that matters to you, use a device passcode and clear NOLO when you're done.
Drive sync is encrypted, but it is not true end-to-end
When you turn on sync, your chats are encrypted before they reach your Google Drive. But the key is derived from your Google account identifier, not from a password only you know, so it's strong obfuscation rather than zero-knowledge encryption. Treat it as "much better than plain", not "mathematically impossible for anyone".
Image generation uses a third-party, proprietary model
The chat models are open-weights and we name them. Image generation is the exception: it runs on a third-party provider's proprietary model. The prompt still goes through our server without your identity, but it's fair to know that one capability isn't open-weights.
Check it yourself in two minutes.
You don't have to take our word for any of this. The browser already gives you the tools to watch what NOLO does.
Open the network panel
In NOLO, press F12 and open the Network tab, then send a message. You'll see requests go to NOLO's own API and nowhere else, no ad networks, no analytics trackers, no third-party profilers.
Clear the storage
In the same panel, open Application → Storage and clear it. Your chats vanish, because that's the only place they live. There's no server copy to delete.
Check what was sent
Click any request to /api/chat and read the payload. There's no email, no name, no login token, just your anonymous ID and the message you chose to send.
Name the model
Ask NOLO which model is answering. It will tell you, the chat models are open-weights, so you can look up exactly what's running and judge it for yourself. See the comparison.
Straight answers.
Not exactly, and we won't claim it. We keep pseudonymous usage rows (your anonymous ID, token counts, the model used) for up to 90 days so limits and billing work. We never log the content of your messages and never store your IP in the clear. "No content logs, no identity" is accurate; "zero logs" would not be.
No. Sync stores an encrypted blob in your own Google Drive app folder. We don't hold the data and don't have a copy. The honest caveat is that the encryption key is derived from your Google identifier rather than a private password, so it's strong protection but not zero-knowledge end-to-end.
No. Your message reaches the provider, gets answered, and is discarded under their zero-data-retention terms. Because there's no account, there's also nothing for them to tie a message back to.
To enforce daily limits, process payments and stop abuse, the bare minimum to run a service without an account. It's pseudonymous and short-lived, and you can see precisely what it is above.
Private by design. Honest about the rest.
Open it, watch the network, read the payload. Then decide.