Trust & Privacy Manifesto

Every company says they protect your privacy. The words have been hollowed out by the ones who didn't mean it.

This document exists because I know you don't believe privacy promises anymore. Neither do I. That's why I built OSQR.

I don't believe every company sells our data. Many genuinely try to protect users. But the system makes it hard to tell who's trustworthy—and even well-intentioned companies can be acquired, pressured, or compromised.

So here's my version of different: I won't tell you I can't see your data. An AI that actually works for you has to read it. What I'll do instead is tell you the exact truth about what we can access, build real protections around it, limit and log every bit of it, and stake my name on never abusing it.

My Personal Commitment

My name is Kable Record. I built OSQR. I own 100% of it.

I will never sell OSQR to a company that doesn't share these values. I will never take investor money that compromises user privacy. I will never dilute ownership to people who see your data as a product.

Typical StartupOSQR
VC investors demand growth at any costI answer to users, not investors
Board can override founder on privacyNo board. My decision.
Exit pressure leads to data monetizationNo exit pressure. I'm building for decades.
"We had to change our privacy policy"I don't have to do anything

I'd rather own 100% of something smaller than any percentage of something that betrays users.

Architectural Transparency

OSQR's privacy isn't a policy—it's how the system is built.

"Your data is protected by design, not just by policy."

What This MeansHow It Works
Your data is encrypted at restAES-256 encryption protects stored data
Embeddings are irreversibleNumeric vectors that cannot be converted back to text
Strict access controlsNo human at OSQR can browse your vault contents
Cryptographic deletionDestroy keys = data becomes meaningless

Encryption at Rest: Live

Your vault is encrypted at rest with a key derived from your password (AES-256-GCM), so a raw database leak exposes nothing readable. It is not “zero-knowledge”: to run the AI, our servers decrypt your content to serve your request, then drop it from memory. I won't pretend otherwise — access is limited, logged, and never used to mine, train, or sell.

What this means in practice:

  • Right to deletion? Burn It destroys your keys and content—crypto-shredded, no quiet backup copy
  • Subpoena? We comply only with valid legal process—and we publish every request we receive
  • Database breach? Your content is ciphertext, and the keys aren't sitting next to it—a stolen database alone is useless
  • "Sell my data"? Never. There's no ad or data business here to tempt me—just subscriptions

I won't insult you with “bad intentions wouldn't matter.” They would. So I limit access, log it, show you, publish the receipts, and put my name and 100% ownership behind never abusing it.

The Constitutional Framework

OSQR operates under a published constitution—rules the system follows that you can read and verify.

User sovereignty: Your data belongs to you. Period.
No surveillance capitalism: OSQR will never sell data or attention
Transparency: You can always see what OSQR knows about you
The Burn-It Button: One click deletes everything. Actually deletes. Not 'archived for 90 days.'
No dark patterns: OSQR will never manipulate you for engagement

These aren't policies. They're constraints built into the code.

Radical Receipts

I publish regular transparency reports:

Government/Third-Party Requests

Every data request we receive, and exactly what we did or didn't provide

Security Incidents

Any incidents and exactly what was affected

Revenue Sources

Proving no data monetization

Third-Party Audits

Security audits from independent firms

Boring consistency over time builds trust.

The Anti-VIKI Promise

In I, Robot, VIKI was a centralized AI that controlled all robots—one intelligence making decisions for millions of people, "for their own good." OSQR is architecturally the opposite:

VIKI (What We're Avoiding)OSQR (What We're Building)
Centralized controlUser-owned intelligence
Platform decides what's bestYou see and control everything
Your data serves the systemYour data serves you
Robot loyalty to manufacturerIntelligence loyalty to you
"Trust us""Verify it yourself"

Your robot should work for you, not the manufacturer.

Your AI should work for you, not the platform.

As OSQR expands to more devices—phones, computers, cars, eventually robots—this architecture ensures the intelligence layer always belongs to you.

What OSQR Will Never Do

These are hard commitments, not aspirational statements:

1

Never sell your data

No ads, no data brokers, no exceptions — revenue is subscriptions and plugins, full stop

2

Never train AI on your data

Not our models, not anyone else's. Your intelligence is yours.

3

Never show you ads

Revenue comes from subscriptions and plugins, not attention harvesting

4

Never lock you in

Export everything, anytime, in usable formats

5

Never manipulate for engagement

OSQR's job is to improve your thinking, not maximize your screen time

6

Never share with governments without legal compulsion

And when we're legally compelled, we'll tell you if we're allowed to, and publish that it happened

7

Never change these commitments

The constitution is immutable. If I tried to change it, the system would be forked.

The Trust Equation

I'm asking you to trust OSQR with your most personal information—your thoughts, decisions, family details, business strategy. Here's why that trust is reasonable:

Your ConcernHow OSQR Addresses It
Can they access my data?Encrypted at rest, strict and logged access, decrypted only to serve your request—never browsed by staff, mined, or sold.
Will they sell my data?Never. Revenue comes from subscriptions, not data.
What if they're acquired?100% ownership. No investors. No board. My choice.
What if they go bankrupt?Export your data anytime. Full data portability.
What if they change the policy?Constitutional framework is immutable.
What if they lie?Burn-It button lets you delete everything instantly.

Trust is earned through transparency and action.

The Burn-It Button

One click. Everything gone.

Not "scheduled for deletion in 30 days."
Not "removed from active systems but retained in backups."
Not "anonymized and retained for analytics."

Gone.

The Burn-It Button:

  1. Destroys your encryption keys (crypto-shred — any leftover ciphertext becomes permanently unreadable)
  2. Purges your documents, chats, memories, and embeddings
  3. Removes all metadata
  4. Confirms when it's done

Why this matters:

You should be able to walk away. Completely. At any moment.

If you can't truly leave, you're not a user—you're a hostage.

OSQR will never hold your data hostage.

My Story: Why I Built This

I used an app that promised not to sell my data. Then I learned they did exactly that.

I'm not naive—I knew companies collected data. But the explicit lie bothered me. "We don't sell your data" wasn't a gray area. It was false.

I looked for an AI assistant I could trust with my real thoughts, my business strategy, my family details. Something that would remember everything and work for me, not harvest me.

It didn't exist.

So I built it.

OSQR exists because I wanted something I could actually trust. If I'm going to have an AI that knows everything about me—my decisions, my patterns, my family, my business—I need to know that information works for me, not against me.

I built OSQR for myself first. Then I realized others need it too.

KR

Kable Record

Founder & 100% Owner, OSQR

For technical details on our current privacy practices:

View Privacy Policy →

This document is version 1.1 · Last updated: February 2026 ·