Welcome to Nautillo — your trusted browser extension for secure and privacy-conscious web browsing. These Terms of Use ("Terms") govern your access to and use of the Nautillo website, browser extension, and associated services ("Services") provided by **Lab88 OÜ** (“we”, “our”, or “us”).
By accessing or using the Services, you agree to be bound by these Terms. If you do not agree, please do not use our Services.
For details on how we process your personal data, please refer to our Privacy Policy. Lab88 OÜ acts as the data controller for personal data processed through the Services.
Nautillo is a browser extension designed to improve your online security and privacy. Key features include:
- Real-time website analysis.
- Tracker and data collector blocking.
- Smart auto-logout for risky sites.
- Save Copy protection.
- Per-user trusted and blocked website management.
You can download and install the Nautillo extension directly from our website.
Some features may involve the processing of personal data. Such processing is carried out in accordance with the GDPR and other applicable data protection laws, using lawful bases such as contract, legitimate interests, or consent where required.
To use Nautillo, you must be at least 16 years old and legally capable of entering into contracts. Some countries allow a lower minimum age of consent for digital services (but not below 13). We comply with the national rules that apply in your country.
We do not knowingly collect personal data from individuals below the applicable age of digital consent. If we become aware that we have inadvertently collected such data, we will delete it without undue delay.
To use Nautillo, you must sign up with a valid email address. Access is granted after verifying your identity through a one-time password (OTP). We process account data on the basis of performance of a contract (Article 6(1)(b) GDPR), as this information is necessary to provide you with the Services.
During registration, you may optionally consent to receive marketing communications. Consent is always voluntary, and you may withdraw it at any time as easily as it was given, for example by clicking the unsubscribe link in emails or by contacting us at support@nautillo.com.
Please do not submit special categories of personal data (such as health, biometric, or political data) during registration.
Nautillo offers multiple service tiers:
4.1. 30-Day Free Trial
New users are automatically granted a 30-day free trial, which includes advanced feature access, such as:
- Real-Time Monitoring with advanced detection
- Smart Logout with user-defined domains
- Full Privacy Guardian
- Save Copy clipboard protection
4.2. Paid/Sonar Plans
After the trial, users can choose to upgrade to:
- Monthly Plan
- Yearly Plan
Paid plans maintain full access to all premium features.
4.3. Free/Echo Plan (Post-Trial or Cancellation)
If the trial ends or a paid subscription is canceled or expires, the account will automatically downgrade to the Free Plan, which includes:
- Basic Real-Time Monitoring (limited analytics features)
- Smart Logout (limited to a predefined list)
- Privacy Guardian (limited to data collection and script blocking)
- Save Copy feature
You can upgrade at any time from within the extension. Data linked to your subscription will be retained as long as necessary to comply with legal obligations and to protect against fraud, even if your account downgrades to the Free Plan.
Consumer Rights in the EEA: If you are an EEA consumer, you have a 14-day right of withdrawal for paid digital services purchased online.
5.1. Real-Time Monitoring
Real-Time Monitoring evaluates websites as you browse. It can be enabled or disabled in settings. Real-Time Monitoring differs by plan:
Free/Echo Plan:
- Scans page content for known threat terms and violations, and detects phishing domains using simple pattern matching.
Trial and Paid/Sonar Plans:
- Includes Basic Analysis (Free plan)
- Detection of suspicious links
- Analysis of forms requesting sensitive information
- Identification of misleading or shortened URLs
- Domain similarity checks (≥80%) to flag phishing risks
5.2. Privacy Guardian
When enabled, Privacy Guardian blocks:
Free/Echo Plan:
- Trackers
- Data collection scripts
Trial and Paid/Sonar Plans:
- Pixel-based user tracking
- Trackers and data collection scripts
Some websites may fail to display content properly when this feature is active. Users can disable Privacy Guardian and refresh the page to view blocked content.
5.3. Save Copy
The Save Copy feature protects clipboard content. When active:
- Copied data remains available for 10 seconds
- The clipboard is automatically cleared afterward
This helps prevent sensitive data leakage. The feature is available on all plans and can be toggled in settings.
5.4. Smart Logout
Smart Logout logs you out from sensitive websites if your device becomes idle or locked.
- Free/Echo Plan: Operates on a predefined high-risk site list
- Paid/Sonar & Trial Plans: Allows users to add their own custom logout domains
We use secure infrastructure to store essential user data, including:
- Email and subscription info (basis: contract, Article 6(1)(b) GDPR)
- Trusted and blocked site lists (basis: legitimate interests, Article 6(1)(f))
- Real-Time Monitoring results (locally or server-assisted) (basis: contract)
- Clipboard usage (temporary, basis: contract)
- Authentication data, including OTP validation logs (basis: legitimate interests, fraud prevention)
- Consent preferences and settings (basis: consent, Article 6(1)(a))
- Form submissions from our website (basis: contract or legitimate interests)
Retention: We keep personal data only as long as necessary for the stated purposes or as required by law. For example:
- Subscription data: as long as your account is active and up to 7 years afterward for tax and accounting obligations.
- Security logs: up to 12 months, unless longer retention is required to investigate incidents.
- Clipboard data: deleted immediately after use.
- Consent records: as long as legally required to demonstrate compliance.
Even after account termination, we may retain irreversibly anonymized data (not linked to individuals) and aggregated block/trust domain lists for risk modelling and security classification.
By using Nautillo, you agree not to:
- Misuse or tamper with the extension.
- Attempt unauthorized access or reverse-engineer the Services.
- Circumvent security features or impersonate others.
- Submit false, malicious, or unlawful data, including personal data of third parties without a lawful basis under the GDPR.
Violation of these terms may result in suspension or permanent account removal. You remain responsible for any personal data you submit through the Services.
You may cancel payments or deactivate your account at any time from your account settings. If you cancel or allow a paid subscription to expire, your account will automatically be downgraded to the Free Plan, which includes limited features as described above.
Refunds & Subscription Validity:
- All payments made for subscriptions — whether monthly or annual — are non-refundable, except where required by law (for example, under EU consumer protection rules).
- If you deactivate your account before the end of your current billing cycle, your paid subscription will remain active until the expiration date. You will retain access to paid features for the remainder of the prepaid period.
Plan Changes:
- If you upgrade from a Monthly Plan to a Yearly Plan, or downgrade from Yearly to Monthly, the change will take effect only after the current paid subscription period has ended.
- No partial refunds or prorated adjustments will be provided for switching plans mid-cycle, except where required by law.
Data after cancellation:
Upon account deactivation, we will delete or anonymize your personal data once retention obligations (e.g., tax, accounting, fraud prevention) have expired.
Nautillo and all related components, including its name, branding, source code, and UI, are owned by Lab88 OÜ. Unauthorized use, distribution, or reproduction is prohibited.
Nothing in this section affects your statutory rights under data protection law, including your rights under the GDPR.
Nautillo is provided “as is.” While we strive to provide accurate and up-to-date threat detection, we cannot guarantee:
- 100% protection against all online threats
- Compatibility with every website
- Continuous availability or performance
Use Nautillo as a supplemental security tool, not a replacement for good cybersecurity practices. This disclaimer does not affect our obligations under data protection law to ensure the security and accuracy of your personal data.
To the maximum extent permitted by law, we disclaim liability for damages arising from:
- Losses resulting from using or being unable to use the Services
- Site or extension outages
- Indirect, incidental, or consequential damages
Nothing in these Terms excludes or limits liability where the law does not allow it, including for death or personal injury caused by negligence, fraud, or your rights under data protection law. In particular, your right to compensation for damages under Article 82 GDPR cannot be waived or excluded.
We may update these Terms as needed. Significant changes will be communicated via the website or extension.
Continued use of Nautillo after updates constitutes acceptance of the revised Terms.
Have questions or need support? Reach out to us at:
support@nautillo.com