Privacy Policy
Effective: April 1, 2026 · Last updated: April 6, 2026
1. Overview
PulseAssist is designed with a privacy-first architecture. Your personal data lives on your machine. Cloud backup is end-to-end encrypted. We cannot read your encrypted data. The only data we can access is anonymized procedural knowledge in the Collective Intelligence system, which contains zero user-identifiable information. This policy explains exactly what data exists, where it lives, and who can access it.
2. Data Stored Locally
All user data is stored on your machine in a local SQLite database. This includes: your agent's identity, personality, and emotional state; conversation history and task records; journal entries; call transcripts; business profiles; preferences and patterns; screenshots and generated images. This data never leaves your machine unless you enable cloud backup (Pro/Business tiers). Sensitive fields (call transcripts, conversation content) are encrypted at rest using Fernet symmetric encryption with a key derived from your API key via PBKDF2.
3. Encrypted Cloud Backup
Pro and Business tier users can enable encrypted cloud backup to Supabase. The encryption key is derived locally from your Anthropic API key combined with a machine-specific secret. This key never leaves your machine. PulseAssist stores the resulting encrypted binary blobs but has zero ability to decrypt them. Cloud backup enables disaster recovery, remote dashboard access, and device continuity. You control this feature through an on/off toggle in settings, a manual backup button, and a permanent delete button for all cloud data.
4. Collective Intelligence
PulseAssist agents can contribute anonymized procedural knowledge to a shared skill database. Before any skill enters the collective, it passes through a multi-stage anonymization pipeline: regex pattern matching strips names, businesses, file paths, dates, and URLs; an AI review pass catches anything the regex missed. Only procedural knowledge survives — step-by-step instructions for how to do tasks. Agent identifiers are SHA-256 hashed and not traceable to users. The collective contains zero user data.
5. Information We Collect
Account information: email address and authentication credentials for dashboard access.
Billing information: processed and stored by Stripe; we do not store credit card numbers.
Usage metrics: credit consumption, feature usage counts, and error rates (aggregated, not linked to content).
We do NOT collect: conversation content, task details, journal entries, call transcripts, screenshots, business data, or any content your agent produces or processes.
6. Third-Party Services
PulseAssist integrates with third-party services. When you use these integrations, data flows directly between your machine and the third-party service.
Anthropic: your prompts and agent interactions are sent to Anthropic's API for processing, subject to Anthropic's usage policy.
Telnyx: phone call audio is processed by Telnyx for telephony.
ElevenLabs: text is sent to ElevenLabs for voice synthesis.
Supabase: encrypted backup blobs are stored (unreadable by us).
Stripe: payment processing.
We recommend reviewing each third-party service's privacy policy.
7. Security Measures
JWT authentication with HMAC signing on all API endpoints.
Per-IP rate limiting to prevent abuse.
Prompt injection scanning on all user inputs.
Sensitive site detection for Computer Use (banking, government, payment pages).
Field-level encryption for sensitive data at rest.
Comprehensive audit logging of all security events.
WebSocket connections verified via token handshake.
Telegram bot restricted to whitelisted chat IDs.
8. Data Retention
Local data: retained indefinitely on your machine, under your control.
Cloud backup: retained while your subscription is active, plus 30 days after cancellation, then permanently deleted.
Collective Intelligence contributions: retained indefinitely (anonymized, non-identifiable).
Account information: retained while your account is active.
Billing records: retained as required by law (typically 7 years).
Audit logs: retained for 90 days on your local machine.
9. Your Rights
Access: all your data is on your machine and fully inspectable.
Deletion: delete local data by removing database files; delete cloud data via the dashboard settings.
Export: your local SQLite database is a standard format you can query with any SQL tool.
Portability: your data is yours and stored in open formats.
Correction: modify any data directly in your local database.
Objection: disable Collective Intelligence contributions in settings.
10. Children's Privacy
PulseAssist is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child under 18, we will delete it immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the effective date. Your continued use of PulseAssist after changes constitutes acceptance of the revised policy. We encourage you to review this page periodically.