Privacy Policy

Last updated: March 2026 · Version 1.0

ZERO TELEMETRY ZERO TRACKING ZERO DATA COLLECTION

Nexxus does not collect, transmit, store, sell, or share any personal data. Ever. This policy exists to make that legally explicit.

1. Information We Collect

None. Nexxus is a locally-executed native application. It does not:

Phone home to any Nexxus server
Send crash reports, usage analytics, or telemetry of any kind
Track websites you visit, searches you perform, or files you open
Collect your IP address, device fingerprint, or hardware identifiers
Store any information in a cloud database associated with your identity

2. Local Data Storage

Nexxus stores configuration, history, and encrypted vault data only on your device, in the following local paths:

Linux: ~/.local/share/nexxus/
macOS: ~/Library/Application Support/nexxus/
Windows: %APPDATA%\nexxus\

You have full ownership and control of these files. Deleting the folder removes all Nexxus data from your device entirely.

3. Network Connections

Nexxus may initiate network connections only in the following circumstances, and only when explicitly configured or triggered by you:

Web browsing: Connections to sites you navigate to, routed through the Nexxus NxRoute encrypted relay network
Offline P2P mesh (SilicoNet): Direct device-to-device communication over local network or mesh radio — no internet required, no central server
Release updates: Only if you manually click "Check for Updates" — no automatic background checks
NxRoute network: Traffic routes through the Nexxus NxRoute multi-hop encrypted relay network with post-quantum cryptography; Nexxus does not depend on or route through Tor

4. Third-Party Services

Nexxus itself embeds no third-party analytics, advertising, or tracking SDKs. When you browse the web with Nexxus, third-party websites may attempt to track you; Nexxus provides built-in ad blocking and fingerprint protection to resist this.

The Nexxus website (this site) is hosted on GitHub Pages (owned by GitHub/Microsoft). GitHub may log access metadata as per their own privacy policy.

5. PDF Vault & Encryption

Files encrypted with the Nexxus PDF Vault are protected with three-layer AES-256-GCM + ChaCha20-Poly1305 + Argon2id encryption and stored exclusively on your device. Encryption keys are derived from your passphrase and never leave your machine.

6. Account System

Nexxus accounts are local-only in the current release. Your username and credentials exist only in your device's encrypted local store. There is no Nexxus authentication server, password reset service, or account recovery system in the cloud. If you lose your passphrase, recovery is not possible — this is by design.

7. Children's Privacy

Because Nexxus collects no data, no special provisions for children's data are required. Nexxus is suitable for users of all ages from a data-privacy standpoint.

8. Independent Verification

All privacy claims in this policy can be verified through independent network traffic analysis. Nexxus is built in Rust and makes zero outbound network calls for telemetry or data collection. You can confirm this with any packet inspector or firewall monitor.

9. Changes to This Policy

If this policy is ever updated, the new version will be posted at this URL with an updated "Last updated" date. Given that Nexxus collects no data, changes are expected to be minimal.

10. Contact

Questions about this privacy policy can be directed to the project maintainer via .