What we store and what we don't.
GnamiAI runs your conversations, memories, skills, subagents, and scheduled tasks. This page documents exactly what that means for your data. If anything here is unclear, delete your workspace or don't sign up.
What we collect when you sign up
- Email — used to identify your account and let you sign back in.
- Password — never stored in plaintext. Hashed with
scrypt(N=217, r=8, p=1) and a per-account random salt.
What we collect while you use it
- Provider API keys (OpenAI, Anthropic, OpenRouter, Ollama, Mem0) — stored encrypted at rest using AES-256-GCM with a server-held key encryption key.
- Skills (SKILL.md files) you create or install — stored as plain text, per-account.
- Subagents — name, description, system prompt, optional model preference.
- Schedules — name, interval, prompt, last output, last action results.
- Budget usage ledger — per-turn token counts, provider, model, and estimated USD cost so you can see your own spend.
- Session records — a UUID, a SHA-256 hash of your session token, issuance and last-seen timestamps. We never store the raw cookie value.
Chat history stays on your device
Your chat transcripts are persisted in your browser's localStorage,
scoped by your account id. We do not store your chat messages on the
server beyond the moment they are processed by your chosen AI provider.
Clearing your browser data wipes them.
Attachments you upload (images, text files, PDFs) are sent to your AI provider as part of the turn. We do not persist attachment bytes on our side; only the filename and MIME type get stored in the local transcript for display purposes.
Third parties
When you connect a provider, prompts, attachments, and memory context are sent directly to that provider's API under your account and key. Their privacy policy applies to what they do with it:
- OpenAI — openai.com/policies/privacy-policy
- Anthropic — anthropic.com/legal/privacy
- OpenRouter — openrouter.ai/privacy
- Mem0 — mem0.ai/privacy
If you install a skill from a URL, the content is fetched server-side and stored as your skill. The source URL and canonicalised fetch URL are recorded in your skill row.
Cookies
One cookie only: gnamiai_session. It's HttpOnly,
Secure, SameSite=Lax, and HMAC-signed so a
tampered cookie is rejected at the edge. No tracking cookies, no
analytics, no third-party scripts in the app shell.
What we don't collect
- No analytics beacons. No Google Analytics, no Mixpanel, no Segment.
- No fingerprinting. No device ids, no advertising ids.
- No IP logging beyond what Vercel's infrastructure keeps by default.
- No chat-content training data. We don't retain prompts or responses for model training of any kind.
Your controls
- Disconnect any provider or memory integration — Settings → the provider card → Disconnect. Your key is deleted from the database immediately.
- Delete any skill, subagent, or schedule — on each respective page.
- Delete your whole workspace — Settings → Delete workspace. Cascading foreign keys erase every row tied to your account in one transaction. There is no soft-delete.
- Clear your local chat — the
/clearslash command empties your browser's copy.
Administrative access
The operator of this GnamiAI deployment has access to aggregate metrics (total tenants, recent activity, daily spend) and per-tenant billing fields (email, plan, status, 30-day spend). The operator cannot impersonate you, read your prompts, decrypt your provider keys, or see your chat messages. Those code paths do not exist; they would require a code change and a redeploy.
Changes
This page gets updated when the behavior changes. Material changes will be surfaced in the UI before they take effect. Minor wording fixes won't.