Privacy Policy
Last updated: April 2026
Neoly is currently operated under the name Neoly AI.
Neoly is built to minimize data collection. We do not sell personal data and we do not use your prompts, screenshots, or audio content to train public AI models.
1. Scope
This Privacy Policy applies to the Neoly desktop app, website, and related services that link to this policy (collectively, the "Services").
This policy does not apply to third-party services that you access through Neoly, such as AI model providers, payment providers, and external websites. Those services have their own privacy policies.
2. Data We Collect
We only collect data needed to run and secure the service.
2.1 Information you provide
| Category | Examples | Purpose |
|---|---|---|
| Account details | Email, authentication credentials | Account creation, login, support |
| Billing details | Transaction IDs, plan, invoice references | Subscriptions, payments, refunds, fraud prevention |
| Support data | Messages and attachments sent to support | Troubleshooting and account assistance |
2.2 Information collected automatically
| Category | Examples | Purpose |
|---|---|---|
| Device and technical data | OS version, app version, coarse region, error diagnostics | Reliability, debugging, security |
| Usage and metering data | Credit usage, subscription status, feature usage events | Billing accuracy and abuse prevention |
2.3 Content routed through Neoly
Prompts, screenshots, and audio that you submit are routed to the model provider you selected so the service can return a response.
- We do not store full conversation content on our servers by default.
- We do not sell this content.
- We do not use this content to train public models.
3. Sources of Data
We may receive data from:
- sign-in providers (if you use social login)
- payment providers
- service providers that help with infrastructure, support, and security
4. How We Use Data
We use personal data to:
- provide and maintain the Services
- authenticate users and secure accounts
- process subscriptions, credits, cancellations, and refunds
- detect abuse, fraud, and security incidents
- diagnose errors and improve reliability
- comply with legal obligations
- communicate about account, service, legal, and security updates
5. Legal Bases (EEA/UK/Switzerland)
If GDPR or UK GDPR applies, we process personal data under one or more of these legal bases:
- Contract: to provide the Services you requested
- Legitimate interests: to secure and improve the Services
- Consent: where required (for example, optional communications or non-essential tracking)
- Legal obligation: where required by applicable law
6. How We Share Data
We may share data with:
- AI providers you select to process your requests
- payment and billing providers
- infrastructure, security, analytics, and support vendors acting on our instructions
- legal or regulatory authorities when required
- a successor entity in a merger, acquisition, or asset transfer
We do not sell personal data for money.
7. International Data Transfers
Neoly may process data in multiple countries, including outside your country of residence.
For users in the EEA, UK, or Switzerland, where required we use transfer safeguards such as:
- adequacy decisions
- Standard Contractual Clauses (SCCs)
- other lawful transfer mechanisms
8. Data Retention
We retain personal data only for as long as needed for the purposes in this policy, including legal, accounting, dispute, and security obligations.
Retention periods vary by data type. Examples:
- account and billing records: retained for compliance and bookkeeping periods
- support data: retained for support continuity and dispute handling
- technical logs: retained for limited periods needed for security and debugging
9. Security
We use reasonable technical and organizational safeguards, including encryption in transit, access controls, and monitoring. No method of transmission or storage is fully risk-free.
10. Your Rights and Choices
Depending on your location and applicable law, you may have rights to:
- access your personal data
- request correction or deletion
- request restriction of processing
- object to certain processing
- request data portability
- withdraw consent where processing relies on consent
To exercise rights, contact support@neoly.ai.
10.1 EEA/UK/Switzerland
You may also have the right to lodge a complaint with your local data protection authority.
10.2 California and other US states
Subject to applicable law, you may have rights to know, delete, and correct personal information. Neoly does not sell personal information.
10.3 Nevada
Nevada residents may request to opt out of certain data sales under Nevada law. Neoly does not currently sell personal data as defined by that law.
11. Cookies and Similar Technologies
We use cookies and similar technologies for essential functionality and security. If we use non-essential cookies, we provide disclosures and consent controls where required by law.
See Cookie Policy.
12. Children
The Services are not directed to children under 16. If we learn we collected personal data from a child under 16 without appropriate authorization, we will delete it.
13. Automated Decision-Making
We do not make solely automated decisions that produce legal or similarly significant effects about users.
14. Changes to This Policy
We may update this policy from time to time. We will post the updated version here with a revised "Last updated" date. Material changes may also be communicated by email or in-product notice.
15. Contact
For privacy questions or rights requests, contact support@neoly.ai.