New: Trust & Privacy Manifesto
Read our founder's personal commitment to privacy and why OSQR is built on architectural trust, not promises.
Privacy is Capability
If you can't trust your AI, you can't use it to its full potential. OSQR is built on privacy from the ground up.
"Your data belongs to you."
OSQR exists to make you more capable — not to extract anything from you. Everything you upload, write, think, or store in OSQR belongs solely to you. Your data is never sold, shared, or used for training. OSQR only uses your data to think for you, not for anyone else.
OSQR is a private intelligence engine — not a data farm.
1Our Privacy Commitments
Your Vault is Yours Alone
No one — not even OSQR staff — can see your files, chats, uploads, or memories. Your Personal Knowledge Vault is completely private.
Never Used for Training
OSQR does not train any AI model on your data. Not now. Not ever. Your content, documents, conversations, and embeddings are never used for machine learning.
Encrypted & Secure
Your data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Embeddings are stored as numeric vectors that cannot be reversed into text.
The "Burn It" Button
Delete everything instantly. One click. Irreversible. Total wipe. Documents, embeddings, chats, memories, profile — everything. Gone forever.
2Privacy Tiers
You control how your data is used. Choose the level that fits your comfort.
Maximum Privacy
- Nothing leaves your vault except what's sent to AI models to answer your questions
- None of your data improves OSQR globally
- No anonymization, no analytics on your content
- Fully private — the strictest setting
Improve My OSQR
- No raw content is ever shared
- Optionally allow OSQR to learn from patterns only
- Example: "User sets fitness goals but doesn't follow through"
- Improves your personal model — not anyone else's
Global Patterns
- Opt-in only, off by default, extra warnings
- Anonymously contribute patterns (never content)
- Zero identifiable data — aggregated trends only
- Help improve OSQR for everyone (the "Waze" model)
3Where Your Data Lives
| Data Type | Storage |
|---|---|
| Your Documents | Encrypted database (PostgreSQL + Neon) |
| Your Embeddings | Numeric vectors — mathematically irreversible to text |
| Your Profile | Encrypted rows tied only to your account |
| Your Chats | Private, encrypted, never exposed outside OSQR |
| AI Requests | Only the text needed to answer your question is sent to AI providers |
4No Human Access
OSQR Staff Cannot:
- ✕See your files
- ✕Open your vault
- ✕Browse your chats
- ✕View your uploads
- ✕Inspect your embeddings
- ✕See your profile data
OSQR Staff Can See:
- ✓Your email address
- ✓Your subscription plan
- ✓Billing metadata
- ✓Error logs (no content)
That's it. Nothing else.
5The "Burn It" Button
Instant, Complete Deletion
When you click "Burn It," OSQR permanently deletes:
- • All your documents
- • All embeddings
- • All chat history
- • All memories
- • Your entire vault
- • All profile data
- • Cached model outputs
- • All system logs
Once deleted, OSQR cannot recover your data.
There is no undo. No cold storage copy. No internal archive. No ghost copy for analytics.
Legal exception: In rare cases where OSQR is required by law, regulation, valid legal process (such as a subpoena or court order), or governmental request to preserve data, the "Burn It" function may be temporarily suspended for the affected account until the legal obligation is resolved. We will notify you if this occurs, unless prohibited by law from doing so.
6How AI Requests Work
When OSQR sends something to AI providers (OpenAI, Anthropic, etc.), the rule is simple:
Only the exact text necessary to answer your question goes to the model.
Example:
If you ask: "Summarize page 4 of my document"
→ OSQR only sends page 4's text to the AI
Example:
If you ask: "What were my goals last month?"
→ OSQR fetches goals from your vault internally, sends only your question and the relevant text
You control what is sent because it is always tied to your explicit action.
7Encryption & Security
At Rest
AES-256 encryption via Neon/PostgreSQL
In Transit
TLS 1.2+ / HTTPS for all connections
Passwords
Hashed with bcrypt/argon2 (never stored in plain text)
Embeddings
Stored as vectors — mathematically irreversible to text
8Data Minimization
OSQR collects the minimum necessary:
- Email address
- Password (hashed)
- Subscription status
- Usage metrics (not content)
- Optional profile info you provide
That's it. No tracking. No surveillance. No creepy behavior. No "shadow profiles."
9SMS & Text Messaging
How SMS Opt-In Works
OSQR offers an optional SMS feature that lets you text back and forth with your AI assistant. You must explicitly opt in before receiving any messages.
Opt-In Process
- 1.You log in to your OSQR account at app.osqr.ai
- 2.You navigate to Settings → Phone & SMS, or are prompted via the phone setup dialog
- 3.You enter your phone number and check the consent box agreeing to receive SMS messages
- 4.We send a one-time 6-digit verification code to confirm you own the number
- 5.After verification, you can text OSQR and receive responses via SMS
Message Details
- Message frequency varies based on your usage
- Message and data rates may apply
- Reply STOP at any time to unsubscribe from all SMS messages
- Reply HELP at any time for support information
- Reply START to re-subscribe after opting out
Your Phone Number
Your phone number is stored securely and used only for delivering SMS messages you have requested. It is never shared with third parties, used for marketing, or sold. You can disconnect your phone number at any time from Settings → Phone & SMS.
10Google User Data & Third-Party Integrations
When you connect your Google account (Gmail, Calendar, Drive, Contacts, Tasks) to OSQR, OSQR receives a scoped OAuth grant from Google that lets OSQR act on your behalf inside your Google account. This section describes exactly what OSQR does with that access and what it does not do.
Scopes OSQR requests from Google
| Scope | What OSQR uses it for |
|---|---|
| gmail.modify | Read, label, archive, send, and reply to emails when you instruct OSQR (or your OSQR VA) to do so. OSQR only acts on messages in response to your explicit commands or the automations you configure. |
| calendar | Create, update, and read events on your Google Calendar when you ask OSQR to schedule, reschedule, or look up meetings. |
| drive.file | Open and save only the specific Drive files you ask OSQR to work with (per-file access — OSQR cannot browse your whole Drive). |
| contacts | Look up and create contacts when you ask OSQR to email or message someone. |
| tasks | Read and write items to your Google Tasks when you ask OSQR to capture or complete a task. |
| userinfo.email | Identify which Google account the grant belongs to. Not used for marketing. |
Google API Services User Data Policy & Limited Use
OSQR's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- OSQR does not use Google user data (including Gmail message content) to train generalized or third-party AI / ML models.
- OSQR does not sell, rent, or transfer Google user data for advertising, re-selling, or any purpose unrelated to the user-facing features you asked OSQR to perform.
- OSQR does not allow humans to read Google user data except (a) with your explicit consent, (b) where necessary for security investigations or to comply with applicable law, or (c) where the data has been aggregated and anonymized for service-operations purposes (e.g., error counts).
- OSQR only transfers Google user data to the AI providers needed to fulfill the specific request you made (e.g., summarize this thread), and only the text needed to answer that request. Sub-processors are contractually bound not to use the data for training.
Where Google data lives in OSQR
OSQR does not maintain a persistent mirror of your Gmail inbox. Messages are fetched from Google on-demand when you (or your automation) ask OSQR to act on them, and are discarded from working memory when the request completes. OSQR stores:
- Your OAuth access and refresh tokens, encrypted at rest in our Neon (PostgreSQL) database.
- Minimal metadata required to support your automations (e.g., the Gmail message ID you told OSQR to follow up on).
- Logs of actions OSQR took on your behalf (who, what, when — never the message body), for audit and support.
How to revoke OSQR's access to your Google account
You can remove OSQR's access at any time:
- 1.Inside OSQR, open Settings → Integrations and click Disconnect next to Google. OSQR immediately revokes its OAuth token and deletes the stored credentials.
- 2.You can also revoke access directly from Google at myaccount.google.com/permissions.
- 3.The "Burn It" button (described above) deletes every OAuth token OSQR holds for you as part of the full-account wipe.
A Note from the Founder
I built OSQR to be the AI assistant I always wanted — one that truly knows me, remembers my context, and helps me think better. But that kind of deep integration requires trust.
If you're going to index your entire life into an AI system — your documents, your thoughts, your goals, your struggles — you need to know that data is sacred.
That's why OSQR is built on privacy from day one. Not as a feature. Not as a marketing bullet point. As a foundation.
Your capability depends on your willingness to be honest with OSQR. And your willingness depends on trust. I intend to earn it.
Kable Record
Founder & 100% Owner, OSQR
Questions about privacy? Concerns? Ideas?
privacy@osqr.app