Back to HomeMindload logoMindload

Privacy Policy

Last Updated: February 2026

Mindload ("we", "our", or "us") respects your privacy and is fundamentally built on a "local-first" architecture. This Privacy Policy explains how we handle your data when you use the Mindload macOS application ("the App") and our website (mindload.ai).

1. The "Local-First" Architecture (What we DO NOT see)

Mindload is designed to keep your data on your device.

  • Your Files: The documents, PDFs, and text files you index using Mindload remain entirely on your local hard drive. We do not upload, sync, or store your original files on our servers.
  • Your Vector Database: The embeddings (vector data) and SQLite databases generated from your files are stored locally on your Mac. We have no access to this database.
  • Your Conversations: Your chat history and memory profile are stored locally on your device. We do not have access to your conversation data.

2. Information We Collect and Process

To provide our AI features and maintain your subscription, we process the following data:

  • Account Information: When you create an account, we collect your email address via Supabase Auth. Your subscription status (e.g., Free, Power, Pro) is stored in your account metadata.
  • Billing Information: Our Merchant of Record, Paddle.com, collects your name, email, and payment details when you subscribe. We only receive your email and subscription status. We do not store credit card numbers.
  • AI Queries & RAG Processing: When you ask a question, the App performs a local search and extracts small, relevant text snippets (chunks of approximately 2-5 KB) from your local documents. These snippets, along with your prompt, are sent securely through our proxy server to third-party Large Language Model (LLM) providers to generate an answer. Your full documents are never sent — only the relevant chunks needed to answer your question.
  • Proxy Logs: Our proxy server temporarily logs request metadata (e.g., latency, token count, LLM provider used, and a hashed user ID) for rate-limiting, billing, and security purposes. We do not persistently store the content of your prompts or the document snippets sent through the proxy.
  • Telemetry & Analytics: If you opt-in, we collect anonymized, aggregated usage data (e.g., number of queries, file types indexed) via PostHog to improve the App. This data contains no personally identifiable information (PII) or document content. You can enable or disable analytics at any time in the App Settings.

3. Third-Party Service Providers

We share necessary data with trusted third parties solely to provide the service:

  • LLM Providers (Google, OpenAI, Anthropic): We send your prompts and relevant document snippets to these providers via their commercial APIs. Under their API terms of service, none of these providers use your data to train their AI models. These providers may temporarily retain data for abuse monitoring purposes (typically 7 to 55 days, depending on the provider), after which it is deleted.
  • Paddle.com (Merchant of Record): For payment processing and subscription management. Paddle acts as the Merchant of Record and handles all payment-related data under their own privacy policy.
  • Supabase: For user authentication (email and password). Supabase stores your account credentials securely under their privacy policy.
  • PostHog: For opt-in anonymous app analytics only.

4. Data Retention

  • Local Data: Your files, embeddings, conversations, and memory are stored on your device for as long as you choose to keep them. Uninstalling the App or deleting your data directory removes all local data permanently.
  • Account Data: Your email and subscription status are retained as long as your account is active. You may request deletion at any time.
  • LLM Provider Retention: The text snippets sent to LLM providers are subject to each provider's data retention policy for abuse monitoring. No provider uses this data for model training.

5. Your Rights

Depending on your location (e.g., GDPR in Europe, CCPA in California), you have the right to access, correct, or delete your personal data. Your personal data held by us is limited to your email address and subscription metadata — your files and conversations are already under your full control on your device. To exercise these rights, contact us at support@mindload.ai.

6. Security

All communication between the App and our proxy server is encrypted via HTTPS/TLS. Your documents never leave your device — only small text snippets are transmitted when you use cloud AI features.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last Updated" date at the top of this page.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@mindload.ai.