
How I Handle Your Data

When you're a one-person operation, privacy is a balancing act.

The more I guarantee, the more fragile my servers become—there's no security team on call, no SRE on rotation, no legal team tracking compliance updates in real time. What I can do is keep the principles simple and clear: everything you can verify, I lay bare; everything you can't verify, I commit to on principle. Restraint is more responsible than empty promises—for you, and for me.

This document makes three things clear: which data never leaves your computer, which data leaves only when you actively trigger it, and how I handle it once it's gone.


Three Hard Commitments

Before getting into the details, let me state the three most important things plainly. These three won't change because of a vendor switch, a contract revision, or my own momentary convenience.

Tip

I do not use your data to train any AI model.

Nephele doesn't train models—I don't have the tech stack for it, and I have no intention of doing so. I use paid-tier AI inference services, the kind that contractually guarantee they won't use paying customers' data for model training.

Tip

I do not sell your data to any third party.

Data monetization isn't part of my business model. Nephele survives on license fees and cloud-credit top-ups, not on data.

Tip

I do not proactively share your data with any third party (unless legally compelled—for example, upon receiving a valid request for judicial assistance).

"Third party" means any entity outside Nephele: advertisers, analytics companies, research institutions, training datasets.


1. Where Your Artwork Data Goes

This is the part illustrators care about most. I'll break it into four layers by "whether it leaves your computer."

Layer 1: Fully Local, Never Leaves

The following features run without any network; your images and the related data live only on your hard drive from start to finish:

  • Local quick commands: Instructions like "open Photoshop" or "open the Downloads folder" are executed directly by the local rule engine—no AI, no network, and your input never leaves your computer
  • Invisible watermark embedding and extraction: Built on the open-source blind_watermark library (DWT-DCT-SVD frequency-domain algorithm), entirely local and offline. Source: tools/packer/watermark_protection.py
  • Local image tag recognition: Uses public image-tagging models (PixAI Tagger v0.9 by default, falling back to WD SwinV2 Tagger v3 if not downloaded), inferred locally via ONNX Runtime. Source: tools/eagle_tagger/tagger.py
  • Local similar-image search: Reuses the 1024-dimensional EVA02 vectors produced as a byproduct of tagging, doing cosine-similarity matching locally; text-to-image search and style classification use a separate local CLIP model—all running on your computer
  • Perceptual hashing (pHash / dHash / aHash): Computed locally using the public imagehash library
  • AI-credential detection: Purely local parsing of an image's metadata and credential fields (no pixel-level ML inference). Source: tools/validator/logic.py
  • Eagle library integration: Reads your local .library directory directly, without going through any HTTP interface
  • File operations, image cropping and format conversion, Python scripts, browser automation, Pipeline batch processing, local backup Git: all local

The source code for these modules is right there in your desktop install directory. You, an independent security researcher, even a lawyer working against you—all of you can open the code and verify this.

Layer 2: Only the Hash Is Sent, Never the Original

Digital timestamping is the most clear-cut part of Nephele's security promise. The process is open-source and auditable (source: tools/rights/tsa_client.py):

  1. Your artwork is hashed locally with SHA-256 (256 bits)
  2. Only those 256 bits of hash are sent to a third-party Timestamping Authority (TSA); the original artwork never leaves your hard drive
  3. The TSA (for example, FreeTSA, independently operated in Austria, while DigiCert and IdenTrust are public CA institutions in the US) follows the RFC 3161 international standard, using its own private key to sign "(hash + current time)" and returns a Timestamp Token (TST)
  4. You store the TST locally; to verify, you use the public libraries rfc3161ng + asn1crypto, without ever relying on Nephele's servers

Tip

The result: The TSA never sees your original image (it only receives 256 bits of hash). Any judicial authority, notary office, or third-party technical expert can independently verify your evidence using the public timestamping protocol + CA certificate chain. Even if Nephele disappears tomorrow, every timestamp you've issued in the past remains valid.

Layer 3: Compressed and Stripped of Metadata Before Upload

Some features have to send images to the cloud (for instance, letting cloud AI look at an image, or running a reverse search to find stolen copies). In these cases, the image goes through one round of local preprocessing before it leaves your computer:

  • Scaled down to 1536 pixels on the long edge; visual matching doesn't need the original resolution
  • Re-encoded as JPEG at quality 85, typically shrinking from 10–30 MB to 100–300 KB
  • Explicitly stripped of EXIF / XMP / ICC metadata—meaning the GPS coordinates, camera serial number, capture time, author field, and Photoshop edit history your original might carry will not be uploaded along with the image

This step is a deliberate security design, not a side effect. Source: core/agent_loop.py::_encode_image_for_vision, tools/rights/image_search.py::_prepare_image_for_upload.
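An added example, not Nephele's _prepare_image_for_upload: a stdlib-only Python audit of the strip step. It lists which metadata segments a JPEG carries and rebuilds the file without the APP1 (EXIF/XMP) and APP2 (ICC) segments, so you can check an outbound file yourself. The downscale and quality-85 re-encode need an image codec and are not shown; the sample file is a constructed segment layout, not a decodable picture.

```python
import struct
SOS, APP0, APP1, APP2 = 0xDA, 0xE0, 0xE1, 0xE2
# Payload prefixes that identify what a metadata segment carries.
SIGNATURES = {b"Exif\x00\x00": "EXIF", b"ICC_PROFILE\x00": "ICC",
              b"http://ns.adobe.com/xap/1.0/\x00": "XMP"}
STRIP_MARKERS = {APP1, APP2}   # EXIF and XMP ride in APP1, ICC profiles in APP2

def jpeg_segments(data):
    """Yield (marker, payload) per header segment; the last item is (SOS, rest_of_file)."""
    if data[:2] != b"\xFF\xD8":
        raise ValueError("not a JPEG: missing SOI")
    pos = 2
    while pos + 3 < len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        if marker == SOS:               # compressed scan follows; kept verbatim through EOI
            yield SOS, data[pos:]
            return
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])   # length counts itself
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length
    raise ValueError(f"malformed or truncated JPEG at offset {pos}")

def metadata_report(data):
    """Names of the metadata blocks a JPEG carries, in file order; [] means clean."""
    found = []
    for marker, payload in jpeg_segments(data):
        if marker == SOS:
            break
        found += [name for sig, name in SIGNATURES.items() if payload.startswith(sig)]
    return found

def strip_jpeg_metadata(data):
    """Rebuild the file without APP1/APP2 segments; tables and scan data are untouched."""
    out = bytearray(b"\xFF\xD8")
    for marker, payload in jpeg_segments(data):
        if marker == SOS:
            out += payload            # SOS header + scan data + EOI
        elif marker not in STRIP_MARKERS:
            out += _seg(marker, payload)
    return bytes(out)

def _seg(marker, payload):
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample: a valid segment layout carrying metadata, not a decodable picture.
SAMPLE_JPEG = (
    b"\xFF\xD8"
    + _seg(APP0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _seg(APP1, b"Exif\x00\x00MM\x00\x2A" + b"\x00" * 8)
    + _seg(APP1, b"http://ns.adobe.com/xap/1.0/\x00<x:xmpmeta/>")
    + _seg(APP2, b"ICC_PROFILE\x00\x01\x01" + b"\x00" * 16)
    + _seg(0xDB, b"\x00" + bytes(range(64)))                 # DQT quantisation table: kept
    + b"\xFF\xDA" + struct.pack(">H", 8) + b"\x01\x01\x00\x00\x3F\x00"   # SOS header
    + b"\xAB\xCD\xFF\xD9"                                    # scan data + EOI
)
```

Run metadata_report on a file captured from your own outbound traffic: an empty list is what the Layer 3 promise looks like on the wire.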

Layer 4: Outbound Transfers You Actively Trigger

Reverse image search (checking where stolen copies of your work are circulating, inside the rights-protection tool) is a feature you'll only trigger knowingly:

  • After the image goes through Layer 3's compression + EXIF stripping, it's uploaded to my temporary storage
  • Automatically deleted within 24 hours (enforced by storage-side lifecycle rules, not relying on code to clean up afterward)
  • A few public reverse-search engines well known in illustrator circles are called (SauceNAO, IqDB, Baidu Image Search, and a general-purpose image-recognition service)
  • These engines fetch your image from the temporary URL to do visual matching—this is inherent to how reverse search works, and you should know it even if I don't spell out each name
  • Their retention of the image is governed by their own terms of service, and I can't make promises on their behalf
  • The same reverse search also includes two engines that do not transmit the image externally: library comparison runs entirely on your local machine, offline; image-host exact matching only sends the image's 32-bit hash, so the original never leaves your hard drive

Caution

If you're working on an NDA project, an unreleased commission, or any work sensitive to leaks, please don't use the reverse-search feature. The very nature of reverse search is to let public third-party engines take a look at your image—no matter how clean I make the process, that step can't be removed.


2. Where Your Conversations With the AI Go

Cloud AI conversation is Nephele's core paid feature, and also the scenario where the most data leaves your computer. Let me be honest about it.

Without Cloud AI, the Vast Majority of Features Work as Usual

Nephele has multiple local AI models built in—image tagging (PixAI Tagger by default, falling back to WD Tagger), CLIP style recognition and text-to-image search, EVA02-vector image-to-image search, multilingual semantic search (gte-multilingual)—all running on your computer via ONNX. Tagging, indexing, image-to-image search, semantic search, watermarking, timestamping, rights protection, AI-credential detection, file operations, Pipeline—none of these need the cloud; they work offline. Explicit quick commands (opening apps/paths) are also executed directly by the local rule engine—no AI, no network.

What genuinely needs the cloud is natural-language conversation with Nephele—having it plan tasks, call tools, search the web, and other Agent capabilities (the early local offline conversation model Ollama was removed in mid-2026 because almost no one used it; local mode now only runs the rule engine to handle explicit commands like opening apps/paths). In other words: you can absolutely complete the vast majority of your work using local features alone; only when you ask Nephele to "understand, analyze, and act" does the message go to the cloud—and even then, the boundaries below provide a backstop.

Cloud AI Conversation

When you make a request to Nephele that requires AI processing:

  • Your message (text + images processed through Layer 3) is forwarded through my server to the AI inference service I currently use
  • I use a paid-tier API; per the contract terms, your data is not used for model training
  • I may switch AI vendors in the future to get better results or more compliant terms
  • Whichever I use, the principles don't change: no training, no selling, no sharing with third parties

Why I Temporarily Retain Conversation Content

I temporarily retain your cloud conversation content, limited to two purposes:

  1. Bug diagnosis: When the cloud AI errors out, without the actual conversation context I'd just be fixing blind
  2. Product iteration: Observing real usage scenarios to improve Agent behavior and prompts

Access: only I (CreatorAris, a one-person operation) can access it. No team, no third-party analytics platform, no dataset export.

The retention scale is something I manage; it does not constitute a long-term conversation database.

Tip

If your conversation involves an NDA project or unreleased IP: organizing, tagging, indexing, image-to-image search, watermarking, and timestamping can all be done offline with the local built-in models, never touching the network—use them with confidence. Content only goes to the cloud when you need the cloud Agent to analyze/plan for you—and cloud content is bound by the three hard commitments above (no training, no selling, no sharing). The server access logs also don't contain image content.


3. Identity, Device, and Payment

Registration Only Collects an Email

A Nephele account only needs an email—no phone number, no real-name verification, no ID card, no address, no real name.

The email is used to: receive login magic links / verification codes, send license-expiry reminders, and process account-deletion or refund requests.

The Device Fingerprint Is a Hash, Not a Raw Identifier

Nephele uses a device fingerprint for device binding (limiting simultaneous logins to 2 devices, detecting account theft). This fingerprint is a UUID derived through one-way hashing of several stable fields on your system—not your hardware's real ID.

Nephele does not collect your MAC address, CPU ID, disk serial number, BIOS serial number, IMEI, or any hardware identifier that could track you long-term. What I store long-term on the server is only the derived hash, never the raw fields used to derive it.

Your Card Number Never Passes Through Nephele

WeChat Pay and Alipay handle transactions directly; your bank card number, CVV, and payment password never pass through any Nephele server. I only receive a payment-success notification + order number + the payer's anonymous identifier (WeChat openid / Alipay buyer_id), used for refund review and fraud prevention.

Refund-Related Data Is Retained Permanently

Once you initiate a refund, the following data is retained permanently:

  • The refund record (order number, amount, time, refund reason)
  • The device fingerprint hash used at refund time
  • The payer's anonymous identifier at refund time

The reason is anti-refund-fraud—each account, each device, and each payer is limited to one refund for life. This is standard industry practice. Data for ordinary, non-refunded orders is also retained for the period required by financial and tax compliance.


4. Telemetry and Usage Statistics

Nephele uses an independent anonymous usage-statistics service to understand feature usage. I only collect event-level data:

  Event type         | What's collected                              | What's not collected
  app_launched       | App version, OS version                       | Any personal information
  chat_message_sent  | Conversation mode, success/failure, duration  | Message content, image content, input text
  local_tool_used    | Tool name, success/failure, duration          | Tool input parameters, file paths
  pipeline_started   | Pipeline type, input count                    | File content, file names
  api_used           | Endpoint name, response code                  | Request body, response body

The only field that might carry a little context: the error field on error events captures the first 200 characters for crash diagnosis. This field may include partial file paths or error descriptions from the exception stack. I don't consider this a privacy risk, but you should know about it.

Can be turned off with one click: Settings → Appearance & Behavior → turn off "Anonymous Statistics." Once off, the statistics client doesn't initialize at all, sends no events, and reports nothing.
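An added example of how an event-level telemetry client can enforce the table above in code; it is not Nephele's own statistics client, and the field names are this example's assumption (the page names only the categories). Each event type has a fixed allow-list, anything else a caller passes is refused and reported, the error field is cut to 200 characters, and a disabled client builds nothing at all.

```python
# Per-event allow-list mirroring the telemetry table; the field names are assumed here.
ALLOWED_FIELDS = {
    "app_launched":      {"app_version", "os_version"},
    "chat_message_sent": {"mode", "success", "duration_ms"},
    "local_tool_used":   {"tool_name", "success", "duration_ms"},
    "pipeline_started":  {"pipeline_type", "input_count"},
    "api_used":          {"endpoint", "response_code"},
}
ERROR_MAX_CHARS = 200   # only the first 200 characters of an error are kept


def build_event(event_type, fields, error=None):
    """Return (event, dropped): the allow-listed payload and the keys that were refused."""
    if event_type not in ALLOWED_FIELDS:
        raise ValueError(f"unknown event type: {event_type}")
    allowed = ALLOWED_FIELDS[event_type]
    event = {"event": event_type}
    dropped = []
    for key, value in fields.items():
        if key in allowed:
            event[key] = value
        else:
            dropped.append(key)      # message text, file paths, request bodies never get in
    if error is not None:
        event["error"] = str(error)[:ERROR_MAX_CHARS]
    return event, dropped


class TelemetryClient:
    """Stand-in for the statistics client; `sent` replaces the network transport."""

    def __init__(self, enabled):
        self.enabled = enabled
        self.sent = []

    def track(self, event_type, fields, error=None):
        if not self.enabled:         # switched off in Settings: nothing built, nothing sent
            return None
        event, _ = build_event(event_type, fields, error)
        self.sent.append(event)
        return event


if __name__ == "__main__":
    # Constructed call: a failed tool run where a careless caller also passed a file path.
    client = TelemetryClient(enabled=True)
    print(client.track("local_tool_used",
                       {"tool_name": "image_crop", "success": False, "duration_ms": 42,
                        "file_path": "D:/commissions/nda_client/final.psd"},
                       error=RuntimeError("cannot open final.psd: " + "x" * 300)))
```

Wiring the `dropped` list into a unit test is the cheap way to catch a new call site that starts passing content it shouldn't.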


5. Server Access Logs

Like every internet service, my server records basic metadata for API access:

  • Your IP address (from the CDN's incoming header)
  • Your account ID (after authentication)
  • Which endpoint was called, and when
  • How much data was returned, and whether it succeeded

Does not include: message content, image content, request body.

Purpose: monitoring service health, preventing abuse (quota farming, brute-forcing, crawlers), billing reconciliation, and security-incident tracing.

Retention period is something I manage. IPs placed on the ban list are retained permanently (anti-abuse).


6. What You Can Control

This isn't a for-show checklist. Every item corresponds to a button you can actually click in the desktop app.

Turn off telemetry: Settings → Appearance & Behavior → turn off "Anonymous Statistics"

Use local features only: Tagging, indexing, image-to-image search, semantic search, watermarking, timestamping, file operations, and more all run on local built-in models, entirely offline; the vast majority of work doesn't need cloud AI

Delete local conversation history: Conversation history is stored entirely in a local SQLite database on your machine:

    ~\.nephele_workshop\chat_history.db

Manually deleting this file clears all history. The next launch automatically rebuilds an empty database.

Clear the memory system: Nephele's memory system is stored at:

    ~\.nephele_workshop\memory\MEMORY.md
    ~\.nephele_workshop\memory\logs\

Deleting these files clears the memory. Or just say "forget this" in conversation, and the Agent will call the memory_delete tool to remove the corresponding memory.

Delete your account: Send an email to [email protected]; the email must come from your registered address and state your intent to delete. After manual review within 7 business days, your account data is purged (retaining refund audit records + content required for financial compliance for the necessary period).

Tip

Why no one-click delete button?

In a one-person operation, deletion is irreversible. I'd rather spend the extra 7 business days on manual review than have an illustrator permanently lose their license and timestamps because of a phishing email, account theft, or a misclick. The email process gives me a chance to verify the request's authenticity, and gives you a cooling-off period to change your mind. This isn't a sacrifice of convenience—it's a preservation of safety.


7. If Nephele Shuts Down

This is a question you must ask, and I must answer.

Your digital timestamps remain valid: RFC 3161 timestamps are issued by independent third-party TSAs (FreeTSA / DigiCert / IdenTrust and the like are all independent institutions that existed before Nephele and will exist after it). Verification needs only the public TSA protocol + CA certificate chain, and any judicial authority, notary office, or technical expert can do it independently.

The rights-evidence package (.nep file) is independently verifiable: The package bundles screenshots, source-code snippets, certificate chains, and network logs. Opening it reconstructs the full chain of evidence, with no dependency on Nephele's servers. The independent verifier is deployed at verify.arisfusion.com—pure in-browser local computation, a single-file frontend app (right-click "View Page Source" in your browser to audit the full implementation), MIT-licensed. Save this HTML file locally, and even if the domain goes offline someday, you can keep using it to verify evidence.

Invisible watermarks remain extractable: The extraction algorithm is pure local math (DWT-DCT-SVD frequency-domain transform). As long as you've saved the original seed and watermark configuration, you can keep extracting the watermark from any circulating copy of the image.

Local tools remain usable: Per the promise in Pricing & Payment, local features are a one-time purchase, free forever. Even if the Nephele company disappears, the desktop app you've already installed won't be remotely disabled (this one I wrote into the license-system code—it's not a verbal promise).


Closing

This document won't stay fixed. As Nephele grows, as my understanding updates, and as industry norms evolve, I'll keep revising it. Each revision will be noted in the version changelog.

If you find anything ambiguous, contradictory, or handled in a way you think it shouldn't be, just email [email protected] directly. The upside of a one-person operation is: your feedback will actually be read.

—— CreatorAris


Last updated Jun 21, 2026 · Applies to v0.5.2-beta