Privacy Policy
Last updated: June 14, 2026
Our Core Principle: Local First
Nymara is architected as a local-first application. The vast majority of processing, storage, and computation happens entirely on your Windows machine. We do not operate a cloud service that processes your media library, file names, or metadata.
What We Do Not Collect
- Your media library contents, file names, or folder structures
- Your TMDB API key or Jellyfin credentials (stored locally with DPAPI encryption)
- Your IP address during normal app usage
- Any telemetry about what you organize or when
What We May Collect
Crash Reports (Opt-Out)
Nymara uses Sentry for automated error reporting. If the app crashes or encounters an unhandled exception, a crash report may be sent to our error tracking service. These reports contain:
- Stack traces and exception details
- App version and operating system version
- General hardware information (CPU architecture, RAM)
Crash reports do not contain file paths, media titles, API keys, or any personally identifiable information. You can disable crash reporting in Settings → Privacy.
License Validation (Opt-In Online Check)
For Pro and Lifetime licenses, Nymara validates your license key locally using an embedded public key. An optional online check can be enabled to verify that your key has not been revoked. This check sends:
- A SHA256 hash of your license key combined with a device identifier
- Your current tier (Pro or Lifetime)
No other information is transmitted. The online check fails open: if you are offline, validation succeeds locally. You can disable online checks in Settings → License.
Website Analytics
When you visit nymara.dev, we may use standard server logs and privacy-respecting analytics to understand traffic patterns. This includes:
- Anonymous page view counts
- Referrer URLs (where you came from)
- Browser type and screen size (for responsive design optimization)
We do not use third-party tracking cookies or fingerprinting. We do not share analytics data with advertisers.
Data Storage
All application data is stored locally on your machine:
| Data | Location | Encryption |
|---|---|---|
| Settings | %APPDATA%\NYMARA\settings.v2.json | None (JSON file) |
| Credentials | %APPDATA%\NYMARA\ | Windows DPAPI |
| License | %APPDATA%\NYMARA\license.dat | Encrypted |
| Journals | <Library Root>\.journals\ | None |
| Cache | %APPDATA%\NYMARA\Cache\ | None (SQLite) |
| Logs | %APPDATA%\NYMARA\organizer.log | None |
Third-Party Services
Nymara integrates with external APIs that have their own privacy policies:
- TMDB: themoviedb.org — Required for metadata and artwork fetching
- Jellyfin: Your self-hosted or remote Jellyfin server
- ARR Apps: Radarr, Sonarr, etc. running on your network
- Ollama: Local LLM server (no cloud by default)
- OpenSubtitles / Subdl: For subtitle downloads (Pro)
These integrations are user-configured and optional. We do not proxy or intercept traffic to these services.
Changes to This Policy
We may update this Privacy Policy as the product evolves. Significant changes will be announced in the changelog and, where applicable, via in-app notification. Continued use of Nymara after changes constitutes acceptance.
Contact
For privacy-related questions or data deletion requests, contact [email protected].