Transparency Report

Version: 1.0 Last Updated: January 2025 Applies to: NotPixel SDK v1.0.1+

This document provides complete transparency about how NotPixel handles user data, our privacy architecture, and the technical guarantees we provide.

Executive Summary

Aspect	Our Commitment
Text Storage	Zero — we never store user text
User Profiling	None — no user profiles are created
Cross-Site Tracking	None — no tracking cookies or identifiers
Data Sales	Never — we don’t sell any data
PII Transmission	Blocked — sanitized before leaving device

Our Core Principle: Contextual advertising doesn’t require personal data. We match ads to content, not to people.

Contextual Integrity & Independence

The “Church and State” Separation

A critical aspect of our transparency is the absolute separation between Organic AI Responses and Sponsored Content.

No Influence: Advertisers have zero ability to influence the generation of AI tokens.
No Bias: The AI model is strictly blind to the ads being shown. It does not “recommend” a product unless it is part of its training data and relevant to the query organically.
Visual Distinction: Ads are rendered in separate UI containers, clearly labeled as Ad, Sponsored, or Promoted, ensuring users never confuse an ad for AI advice.

Privacy Architecture

Data Flow Overview


┌─────────────────────────────────────────────────────────────────────────┐
│                           USER'S DEVICE                                  │
├─────────────────────────────────────────────────────────────────────────┤
│                                                                          │
│  User Input: "Help me with my SQL query, email me at john@company.com"  │
│                                    │                                     │
│                    ┌───────────────┴───────────────┐                    │
│                    │                               │                    │
│              privacy: true                   privacy: false             │
│                    │                               │                    │
│                    ▼                               ▼                    │
│         ┌──────────────────┐           ┌──────────────────┐            │
│         │ Local Embedding  │           │  PII Sanitizer   │            │
│         │ (Transformers.js)│           │                  │            │
│         └────────┬─────────┘           └────────┬─────────┘            │
│                  │                              │                       │
│                  ▼                              ▼                       │
│         [0.12, 0.34, ...]          "Help me with my SQL query,         │
│         (384 numbers)               email me at [email]"               │
│                                                                          │
└──────────────────────────────┬──────────────────────────────────────────┘
                               │
                               │ HTTPS (TLS 1.3)
                               ▼
┌─────────────────────────────────────────────────────────────────────────┐
│                         NOTPIXEL API                                     │
├─────────────────────────────────────────────────────────────────────────┤
│                                                                          │
│  1. Receive embedding vector OR sanitized text                          │
│  2. Match against ad embeddings (cosine similarity)                     │
│  3. Return relevant ad                                                  │
│  4. Discard input immediately (not stored)                              │
│                                                                          │
└─────────────────────────────────────────────────────────────────────────┘

Data Categories

What We Receive

Data Type	With `privacy: true`	With `privacy: false`
User’s original text	Never	Never
Embedding vector	Yes (384 numbers)	No
Sanitized text	No	Yes (PII removed)
Publisher ID	Yes	Yes
Timestamp	Yes	Yes

What We Never Receive

Email addresses (replaced with [email])
Phone numbers (replaced with [phone])
Names or personal identifiers
IP addresses (not logged)
Device fingerprints
Location data
Browsing history

Technical Guarantees

1. Embedding Irreversibility

When using privacy: true, text is converted to a 384-dimensional embedding vector locally on the user’s device. This transformation is mathematically irreversible.

Why embeddings cannot be reversed:

Property	Explanation
Information Loss	384 numbers cannot encode the full vocabulary of human language
Many-to-One Mapping	Infinite possible texts map to similar vectors
No Lookup Table	The model doesn’t store word↔number mappings
Continuous Space	Small text changes create small vector changes, but reverse is impossible

Mathematical basis:

Embedding dimension: 384 (bge-small) or 768 (bge-base)
Input space: Infinite (all possible text strings)
Compression ratio: Infinite → 384 (extreme information loss)


Example:
"How to optimize PostgreSQL?" → [0.123, -0.456, 0.789, ...]
"PostgreSQL optimization tips" → [0.125, -0.452, 0.791, ...]  (similar vector)
"Best pizza recipes"           → [-0.892, 0.234, -0.567, ...] (different vector)

The vector [0.123, -0.456, 0.789, ...] could have come from
millions of different sentences. Reversal is impossible.

2. PII Sanitization

All text is sanitized client-side before transmission:

Pattern	Replacement	Regex
Email addresses	`[email]`	`/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g`
Phone numbers	`[phone]`	`/(\+?[\d\s\-\(\)]{10,})/g`

Additional protections:

Text truncated to 256 characters maximum
Sanitization happens in SDK (client-side), not server
Original text never leaves the device

3. Zero Data Retention

Data	Retention Period
User text	0 seconds — never stored
Embedding vectors	0 seconds — used for matching only
Request logs	30 days — anonymized, no content
Impression/click events	90 days — for billing only

We physically cannot show you your users’ data because we don’t have it. There’s nothing to delete because nothing is stored.

Comparison: NotPixel vs Traditional Advertising

Aspect	Traditional Ads	NotPixel
User profiles	Yes	No
Cross-site tracking	Yes	No
Cookie syncing	Yes	No
Behavioral targeting	Yes	No
Data brokers	Often	Never
Retargeting	Yes	No
Data stored	Years	Zero

How We’re Different

Traditional Advertising:

Track user across websites
Build behavioral profile over months
Sell/share data with partners
Target based on personal history

NotPixel:

Analyze current context only
Match ad to content (not person)
Forget everything immediately
No profile, no history, no tracking

User Choice & Control

We believe users must have agency over their ad experience.

Opt-Out: Users can choose to use the privacy: true mode (if supported by the publisher integration) to prevent any semantic matching.
Feedback Loop: We are building mechanisms for users to “Hide” or “Report” specific ads, directly influencing the relevance feedback loop.
Data Clearing: Since we store zero user history, “clearing data” is effectively instantaneous and automatic after every session.

Privacy Modes Explained

Mode 1: `privacy: true` (Maximum Privacy)


const ads = new Ads({
  publisherId: 'pub_xxx',
  privacy: true,
});

Data flow:

Text is embedded locally using @huggingface/transformers
Only the embedding vector (384 numbers) is sent
Original text never leaves the device
Server matches vector against ad embeddings

Best for: Healthcare, legal, financial, any sensitive context

Mode 2: `privacy: false` (Standard)


const ads = new Ads({
  publisherId: 'pub_xxx',
  // privacy: false is default
});

Data flow:

PII (emails, phones) is removed client-side
Sanitized text is sent (max 256 chars)
Server generates embedding and matches
Text is discarded after matching

Best for: General use where content isn’t sensitive

Regulatory Compliance

Article	Requirement	NotPixel Compliance
Art. 5(1)(c)	Data minimization	Only semantic context used
Art. 5(1)(e)	Storage limitation	Zero storage of user data
Art. 6	Lawful basis	Legitimate interest (contextual ads)
Art. 17	Right to erasure	Nothing to erase
Art. 25	Privacy by design	Privacy is architectural, not policy

LGPD (Brazil Lei Geral de Proteção de Dados)

Article	Requirement	NotPixel Compliance
Art. 6	Purpose limitation	Only ad matching
Art. 6	Necessity	Minimal data collection
Art. 16	Data deletion	Immediate (no storage)

CCPA (California Consumer Privacy Act)

Requirement	NotPixel Compliance
Right to know	This transparency report
Right to delete	Nothing stored to delete
Right to opt-out	`privacy: true` mode
No sale of data	We never sell data

Security Measures

Transport Security

Measure	Implementation
Encryption	TLS 1.3 (HTTPS only)
Certificate	Let’s Encrypt, auto-renewed
HSTS	Enabled, 1 year max-age
API Authentication	Publisher ID + optional API key

Infrastructure Security

Measure	Implementation
Hosting	Vercel Edge Network
DDoS Protection	Cloudflare
Database	Neon PostgreSQL (encrypted at rest)
Secrets	Environment variables (never in code)

Verification

How to Verify Our Claims

Network Inspection: Use browser DevTools to see exactly what’s transmitted → See Network Inspector Guide
Open Source SDK: Review our client-side code → Sanitization: src/sanitize.ts → Embedding: src/embedding/local.ts
Request Your Data: Contact us to request any data we have about your publisher account → We can only provide billing/impression data (no user data exists)

Independent Audit

We welcome security researchers to audit our systems. Contact: security@notpixel.ai

Incident Response

If a Breach Occurred

Even in a hypothetical breach scenario:

Data Type	Risk
User text	None — not stored
User profiles	None — don’t exist
Embeddings	Low — irreversible, no PII
Publisher accounts	Medium — email, billing info

Breach Notification

We will notify affected publishers within 72 hours of discovering any breach, as required by GDPR.

Contact

Privacy Questions: privacy@notpixel.ai Security Issues: security@notpixel.ai General Inquiries: hello@notpixel.ai

Changelog

Version	Date	Changes
1.0	January 2025	Initial release

This transparency report is updated with each major SDK release. We believe privacy should be verifiable, not just promised.