Privacy policy

Last updated: 2026-04-17 · Placeholder — replace with final counsel-reviewed text before launch.

What we collect

When you use Nausika via an authenticated MCP client we log request metadata (endpoint, timestamp, response status, duration), and the body of each tool invocation in our request_logs table. This lets us debug the beta, reproduce issues, and count calls for fair-use caps.

What we store

Account identifiers from GitHub or Google OAuth (email, username), API keys you create, boat profiles and favorites you save, and proposals you file for the community atlas. Images you attach to proposals are stored in an S3-compatible bucket.

Retention

Request logs: 30 days. Account + profile data: until you delete the account. Proposal history: retained indefinitely as audit trail but anonymised on account deletion.

Your rights (GDPR)

Access, rectification, erasure, portability. Email privacy@nausika.app with your account email and the specific request.

Cookies

We use a single HTTP-only session cookie (better-auth.session_token) to keep you signed in after OAuth. No third-party trackers.

Contact

Email privacy@nausika.app.