Your data never leaves your machine.
Who we are
Gnosys and gnosys.ai are operated by:
JAMAEDGE Group LLC (doing business as Proticom)
16835 Algonquin St, Suite 205
Huntington Beach, CA 92649, United States
Privacy contact: privacy@gnosys.ai
EU/UK Representative (Art. 27 GDPR / UK GDPR): not currently required — the open-source product involves no processing of personal data by us and our hosted enterprise offering is not offered in the EU/UK. A representative will be appointed before any EU/UK enterprise availability.
The one-paragraph version
Gnosys is local-first, open-source software. When you install and run it, your memories live in a SQLite database on your own computer (~/.gnosys/gnosys.db). We operate no server that receives them. We cannot read, access, or delete your data — we never have it. This website sets no cookies and runs no analytics. The rest of this policy exists mostly to explain that in the detail the law asks for.
1. The gnosys.ai website
| What | Details |
|---|---|
| Accounts, forms, tracking | None. The site is static documentation. |
| Cookies | None (see the Cookie Policy). |
| Server logs | The site is hosted by GitHub Pages (GitHub, Inc., USA). GitHub processes visitor IP addresses in its infrastructure logs as our hosting provider, per GitHub's privacy statement. We do not receive or use these logs. |
Legal basis (where GDPR-type laws apply): legitimate interest in serving a website (Art. 6(1)(f)); the residual processing is GitHub's infrastructure logging.
2. The Gnosys open-source software (what happens on your machine)
When you run Gnosys, you are the data controller of everything you store in it. We are not a controller or processor for that data — it never reaches us.
Data the software stores locally, under your control:
| Category | Where | Retention |
|---|---|---|
| Memories you write (free text — may include any personal data you choose to record) | ~/.gnosys/gnosys.db on your device | Until you archive/delete them or remove the database. Fully user-controlled; in-product delete/archive/cleanup tooling provided. |
| Tags, project names, file paths | Local database | Same |
| Attachments (images/small files ≤10 MB) | Local database | Same |
| Search embeddings | Computed on-device; stored locally | Same |
| Audit log of tool operations | Local database | Same |
| Hostname / machine ID (for your own multi-machine sync) | Local database + local config | Same |
Network connections the software makes — the complete list:
- Optional AI providers you configure. If you add your own API key (Anthropic, OpenAI, Groq, Voyage) — or choose fully local engines (Ollama, LM Studio) — memory or document text is sent to that provider under your own account and their terms, only for the features you invoke. Without a key, Gnosys runs in no-LLM modes.
- One-time embedding-model download (~80 MB of model weights from the Hugging Face CDN). No user content is uploaded; the model then runs offline on your device.
- Package installation/updates via the npm registry (standard npm behavior).
There is no telemetry, analytics, crash reporting, or any other "phone home" in the software.
Web Knowledge Base: if you use gnosys web to index a website, the software crawls the site you point it at and writes static files into your project. You are responsible for the content of sites you crawl.
3. Sub-processors and international transfers
For the open-source product and this website we engage no processors for user content, because we hold no user content. Parties that incidentally process data:
| Party | Role | Personal data | Safeguard |
|---|---|---|---|
| GitHub, Inc. (US) | Website hosting, code distribution | Visitor IPs in its own logs | GitHub's own GDPR program; no transfer by us |
| Hugging Face (US/EU CDN) | Model-weight downloads | Requesting IP, transiently | None needed — no content processed for us |
| AI providers (Anthropic, OpenAI, Groq, Voyage) | Only under your key and contract | Text you route to them | Your agreement with the provider |
A separately contracted Gnosys Enterprise hosted offering exists for organizations; it is governed by its own agreement and data-processing addendum (with SCCs Module 2 and transfer assessments where applicable), not by this policy. Status: DPA/SCC/TIA documentation in progress; completed before enterprise onboarding of EU/UK customers.
4. Geographic note (EU/UK)
Our hosted enterprise offering is not currently offered to customers in the EU or UK. This website and the open-source software involve no collection of personal data by us, wherever you are; the code is open source and available worldwide.
5. Your rights
For website visitors in jurisdictions with data-subject rights (GDPR, UK GDPR, CCPA/CPRA): because we collect essentially nothing, most rights requests will have nothing to act on — but you can always contact privacy@gnosys.ai and we will respond within the statutory period. California residents: we do not sell or share personal information, and we collect no personal information beyond what GitHub's hosting incidentally logs; there is nothing to opt out of. For data inside your local Gnosys install, exercise your rights with your own keyboard — it's your database.
6. AI transparency (EU AI Act)
Gnosys is a memory/retrieval developer tool, not an AI model. It invokes AI models only when you configure one, and its documentation identifies every feature that does so, each with a no-LLM alternative. We classify the product as minimal-risk under the EU AI Act; no Annex III high-risk use is intended or supported.
7. Children
Gnosys is a developer tool and this site is developer documentation; neither is directed at children. We collect no data from anyone, children included.
8. Changes
We will post changes here with a new version number and effective date. Material changes will be highlighted in the repository changelog.