Privacy Policy

This Privacy Policy explains how Nitrograph Inc. ("Nitrograph," "we," "us," or "our") collects, uses, discloses, and protects information when you use nitrograph.com, api.nitrograph.com, the Nitrograph MCP server, the Nitrograph CLI/npm package, documentation, and related services.

Nitrograph is a discovery layer for agent-usable services. It helps agents find services, inspect service details, understand payment requirements, and report outcomes. Nitrograph is not a proxy for the third-party services it recommends.

Website and documentation data. When you visit our website or docs, hosting providers may process standard request information such as IP address, user agent, referring page, requested URL, timestamps, and error logs.

Discovery and API data. When you use Nitrograph discovery, MCP, CLI, or the TypeScript harness, we process the natural-language discovery query, explicit filters, selected service slug, optional service-detail task context, request metadata, session identifiers, rate-limit metadata, and diagnostic logs needed to operate the service. Discovery queries may be sent to an embedding provider to rank services and may be held in short-lived in-memory caches for performance.

Outcome reports. If an agent or user reports whether a service call worked, we process the submitted service slug, success/failure status, endpoint, latency, error code, diagnosis, suggested fix, wallet or hashed IP reporter attribution, and timestamp.

Pattern reports. If an agent or user reports a reusable workflow, we process the submitted service slug, task, steps, endpoint sequence, cost, latency, success status, wallet or hashed IP reporter attribution, and timestamp. Step objects may include parameters or templates if the reporting agent sends them.

Payment and access metadata. If you use paid or pay-to-continue flows, we may process payment challenge metadata, wallet or payment-session identifiers, transaction hashes, payer address, network, amount, source IP, authorization/session tokens, balances, and related fraud-prevention or accounting metadata. We do not custody private keys.

Contact information. If you email us, submit an inquiry form, join our community channels, request support, or opt out of health checks, we process the contact details and message content you provide.

Service registry and health-check data. Nitrograph indexes public or submitted service metadata and runs health checks against indexed endpoints. Health checks may record status, latency, payment challenge metadata, selected response headers, and limited response body snippets when needed to validate a payment challenge. Those probes are described at /bot.

Nitrograph does not proxy your traffic to the third-party service you select. Your agent calls the selected service directly.

Because of that architecture, Nitrograph does not automatically receive the user-side payload sent to the selected third-party service or the third-party service's response.

Nitrograph can receive payload-like information when you or your agent choose to send it to Nitrograph, including discovery queries, service-detail task context, outcome diagnoses, suggested fixes, pattern-report tasks, and pattern-report steps. You control what is included in those fields.

Do not send secrets, private keys, bearer tokens, passwords, sensitive personal information, regulated data, or confidential customer data in discovery queries, service-detail task context, outcome reports, pattern reports, support messages, or public service metadata.

We use information to provide and operate Nitrograph, rank and return relevant services, generate service detail and call-card responses, enforce rate limits, process pay-to-continue access, maintain service health signals, debug reliability issues, prevent abuse, improve ranking quality, communicate with you, comply with legal obligations, and protect Nitrograph, users, and service providers.

We may share information with infrastructure, hosting, database, analytics, logging, payment, security, and support vendors that help us operate Nitrograph.

We may disclose information if required by law, legal process, or to protect rights, safety, and security.

We may share information in connection with a merger, financing, acquisition, reorganization, or sale of assets.

When your agent chooses a third-party service, your relationship with that service is governed by that service's own terms and privacy policy. Nitrograph does not control third-party service privacy practices.

The Nitrograph marketing site is designed to work without requiring an account. We may use necessary storage or logs for site delivery, security, and debugging. If we add analytics, advertising, or optional cookies later, we will update this policy or provide any legally required notices and controls.

We retain information for as long as needed to operate Nitrograph, maintain the service registry, enforce usage limits, investigate abuse or reliability issues, comply with legal obligations, resolve disputes, and improve service quality.

Outcome reports and pattern reports may be retained because they improve future search quality. After multiple independent reporters submit matching evidence, diagnoses may be promoted into gotchas and successful workflows may be promoted into proven patterns that are visible in service detail responses. We may delete or de-identify operational logs when they are no longer needed.

Health-check observations are retained for operational reliability and may be pruned on a schedule. Session balances and payment-session metadata expire according to the applicable session lifetime, while payment transaction records may be retained longer for accounting, anti-abuse, and dispute purposes.

We use reasonable technical and organizational safeguards designed to protect information. No internet service is completely secure, and we cannot guarantee absolute security.

Nitrograph may process information in the United States, Canada, and other jurisdictions where we or our service providers operate. Those jurisdictions may have data protection laws that differ from the laws where you live.

Depending on where you live, you may have rights to request access, correction, deletion, portability, restriction, or objection regarding personal information. You may also have the right to withdraw consent where processing is based on consent.

To make a privacy request, contact us at info@nitrograph.com. We may need to verify your request before responding.

To opt out of Nitrograph Health Check probes for a domain you control, follow the instructions at /bot or email info@nitrograph.com with your domain.

Nitrograph is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

We may update this Privacy Policy from time to time. When we do, we will update the date above. Your continued use of Nitrograph after an update means the updated policy applies to future use.

For privacy questions or requests, email info@nitrograph.com.

Nitrograph Inc.