Your data and privacy
What data Nolorem stores, where it is hosted, how AI providers handle your content, and how organization data is isolated.
Updated Jun 15, 2026
This article explains what data Nolorem stores, where it lives, and how third-party services interact with your content.
What data is stored
- Account data: display name, email, profile photo, password hash, notification preferences, and UI language.
- Organization data: workspace name, team members, roles, and invitations.
- Blog content: posts, drafts, outlines, topics, SEO keywords, generated text, images, and videos.
- Social content: composed and scheduled posts, channel connections, and analytics data.
- Settings: blog settings, Voice DNA profiles, Content Advisor memory, CMS credentials, brand identity, and media style preferences.
- Billing data: subscription status, plan tier, and Stripe customer references. Credit card numbers are stored by Stripe, not by Nolorem.
Where your data is hosted
Nolorem's database and application are self-hosted on a virtual private server in Frankfurt, Germany (EU), using a self-hosted Supabase instance (PostgreSQL). File storage for images, avatars, and media also uses Supabase Storage on the same EU server. Your data does not leave the EU except when sent to third-party AI providers for content generation.
AI provider data handling
When you generate content or use the Content Advisor, the minimum required input is sent to these providers:
| Provider | Purpose | Data sent |
|---|---|---|
| Anthropic (Claude) | Primary text generation, voice analysis, content advice | Topic, outline, writing samples, company profile, Voice DNA settings |
| OpenAI (GPT-4o) | Fallback text generation and humanization | Same as above, only when the primary provider is unavailable |
| Fal.ai | AI image generation | Image prompt text derived from your topic and style |
| Perplexity | Primary research | Search queries derived from your topic |
| Tavily | Fallback research | Search queries derived from your topic |
These providers process your data according to their own privacy policies and terms.
Who can access your data
- Your team, based on each member's role.
- Nolorem platform administrators at Bonalogic, for support and maintenance.
- No third party beyond the AI providers above, and only for content generation. Your data is not sold or shared.
Data isolation
All data is scoped to your organization. Row-level security policies in the database ensure one organization cannot access another's data, even on shared infrastructure.
Data deletion
You can delete your account and all associated data at any time, with the process and timeline described on the account page.