We collect only what is necessary (email + encrypted API keys)
Chats stay private with optional Supabase sync
We never sell or rent personal data
You can export or delete your account anytime
Open-source codebase for full transparency
Full policy
1. Information we collect
Account information such as email and password hash to authenticate you securely.
API keys you provide (OpenAI, Google, Groq, etc.) are encrypted with Fernet before storage.
Chat history is encrypted and syncing is optional — local-only mode never leaves your device.
Anonymous usage analytics are opt-in only and stripped of personal data.
2. How we use information
To deliver the core PocketLLM experience across devices.
To sync chats, settings, and models you explicitly enable.
To improve reliability, security, and product usability.
To prevent fraud and keep your account safe.
3. Data storage
Supabase (PostgreSQL) stores account data with row-level security policies.
Encryption at rest via Fernet and managed keys.
Regular encrypted backups with strict access controls.
4. Data sharing
We do not sell personal data, ever.
Third parties are limited to AI providers you configure (OpenAI, Google, Groq, Ollama).
We only disclose information when legally required.
5. Your rights
Access or export your data anytime from Settings.
Delete your account via DELETE /users/profile in the API or inside the app.
Opt out of analytics and marketing emails.
6. Cookies
Essential cookies keep you signed in.
No advertising or tracking pixels.
7. Children's privacy
PocketLLM is not intended for children under 13. Parental consent is required in applicable regions.
8. Changes to this policy
We will notify you via email and changelog updates. Continued use after an update counts as acceptance.
9. Contact
Questions? Email privacy@pocketllm.com
Compliance
PocketLLM aligns with GDPR and CCPA requirements, supports data access requests, and offers an open-source audit trail. For privacy questions or data requests, contact privacy@pocketllm.com.