Nuri Studio

Privacy Policy

Last updated: April 6, 2026

Your art is encrypted end-to-end. Nuri is professional infrastructure for artists. It is a privacy-first administrative utility. We believe that your creative data and professional history are yours alone. Our technology is designed to protect your information at every layer.

1. Our Privacy Philosophy

We built Nuri on four core promises to protect your practice:

  • Local by Default: Your artwork, images, and financial history are kept private to you. We use industry-standard encryption to ensure your sensitive data is protected at rest and only accessible by you.
  • Locked to You: Sensitive fields in your profile, including your artist statement, are encrypted before they are stored. Your data is isolated from other users at the database level, so no one else can access your records.
  • No AI Training: Your data is never used to train or improve AI models. When we use AI services to power features like opportunity matching, your data is processed under strict terms that prohibit the provider from using it for model training.
  • Sovereign Identity: Your account is securely tied to your authenticated session. We use modern cryptographic authentication to protect your identity and prevent unauthorized access.

2. Nuri Intelligence

Nuri is powered by a proprietary intelligence layer that helps match you with the right grants, residencies, and exhibitions. We handle this with a strict privacy standard:

  • Private by Design: Our recommendation engine analyzes your career stage, medium, and preferences to rank opportunities by relevance. Your sensitive data is encrypted at rest and decrypted only when needed to serve you.
  • No Third-Party Training: When AI processing is required, your data is sent in a minimal, redacted form. Personal identifiers like emails and phone numbers are stripped before any external processing. No third party retains or trains on your data.
  • You Control the Experience: You can manage your AI and tracking preferences from your Settings at any time. Changes take effect immediately.

3. Information We Handle

A. Information You Provide

Account Basics: We store your email address and basic login details securely to manage your access. Passwords are never stored by Nuri directly.

Private Studio Data: When you use our inventory, project, and archival tools, your artwork records, exhibition history, contacts, and documents are stored securely. Sensitive text fields are encrypted before storage and are not indexed for search or made public.

B. Discovery Features

To help find the right grants, residencies, and shows for you, we track interactions (which opportunities you save, like, or dismiss) and preferences (career stage, artistic mediums, and geographic interests). This data powers your personalized recommendations.

C. Technical Logs and Anonymous Analytics

We collect anonymous performance metrics (page load times, browser type) and error reports to improve the application. Our error monitoring is configured to never collect personally identifiable information such as your email, IP address, or profile data. Analytics are aggregated so we can understand trends without ever being able to identify you or see your specific actions.

4. How We Use Partners

We share information only with a limited number of processors who help us run the infrastructure. These partners are strictly prohibited from using your data for any other purpose:

  • Infrastructure and Storage: We use secure, encrypted cloud hosting and databases to keep your data available. Row-level security policies ensure complete isolation between users.
  • AI Processing: When AI features require external processing, data is sent in a minimal, redacted form under contractual terms that prohibit retention or training.
  • External Data Sources: When you browse the Discovery feed, we display public opportunity data sourced from arts organizations. Your interaction with linked third-party sites is subject to their own privacy policies.

5. Your Rights and Control

  • Access and Portability: You can request a copy of your stored data or export your records to CSV or PDF at any time.
  • Preferences: AI and tracking features can be managed from your Settings page. Changes take effect immediately.
  • Deletion: If you choose to leave Nuri, you can delete your account and wipe your data from our systems instantly, including encrypted fields, interaction history, and uploaded files.
  • Communication: We only send essential service updates. You can opt out of any non-critical notifications.

6. Security Standards

  • Encryption: All data moving between the application and our servers is encrypted in transit (TLS). Sensitive profile fields are encrypted at rest before database storage.
  • Privacy by Design: Your data is kept in its own secure silo and is completely separate from other users through row-level security policies.
  • Access Protection: Authentication endpoints are rate-limited and all state-changing requests are protected against cross-site request forgery.

7. Encryption Tiers

By default, we keep a recovery key for you — wrapped by your password, used only when you ask us to recover your account or export plaintext. Turn on Advanced Privacy to hold the only key yourself. Either way, third-party providers never see your images or text in plaintext.

Activity timing and storage usage patterns are visible to us and our backup providers, but your content is never readable by them.

  • Standard tier: Recovery key held in escrow, wrapped by your password. Plaintext export available. Account recovery via password or passkey.
  • Advanced tier: You hold the only key. No recovery if passkey is lost. Plaintext export from your device only. Irreversible without re-enrollment.

8. Contact Us

If you have questions about this policy or our privacy practices, please contact us:

Nuri Infrastructure Team Email: balla@low-concept.com