The short version
SiloVault collects no data. None.
No analytics. No telemetry. No account. No personal data. No usage metrics. No error beacons. No advertising IDs. No fingerprinting. No crash reports. No data of any kind is collected, stored, transmitted, or shared by SiloVault about you, your device, or your documents.
Everything SiloVault does — indexing, hybrid search, cited chat answers, OCR, transforms, Legal/Contracts-mode review, and the MCP server — runs entirely on your Mac, on-device, using a bundled local runtime and locally-stored open-weights models (Gemma chat models and embedding models running through Apple MLX). There is no cloud component. There is no server. There is no SiloVault account.
What we don't have, and therefore never see
Because SiloVault has no server-side component, the following do not exist anywhere in our infrastructure (and our infrastructure consists of: nothing):
- Your name, email, phone, or address.
- Your IP address, device identifier, MAC address, or any other hardware fingerprint.
- The documents you index, the text and images extracted from them, the questions you ask, the cited answers SiloVault writes, the summaries, FAQs, timelines, and briefs it generates, the risk flags, clause extractions, and redlines produced in Legal/Contracts mode, or any PDF you export.
- The contents of your Documents, Downloads, Desktop, or any other folder.
- Session timing, feature usage, button clicks, or any other behavioural data.
- Crash reports. SiloVault does not implement a crash-reporting SDK.
We never see any of this because none of it is ever sent. The app does not phone home, ever.
The local backend is not a network service
SiloVault runs a small local Python (FastAPI) process to perform indexing, search, chat, and transforms. It binds strictly to the loopback interface (127.0.0.1:8765), never to a public or network-facing address. The SwiftUI host renders the vault in a WKWebView loaded from that same loopback origin. This is on-device inter-process communication (IPC) only — a private channel between the macOS host and the on-device engines. It accepts no external connections and is not reachable from your network or the internet.
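A way to check the loopback-only claim above, as an added example that is not SiloVault's own code: the function reads `lsof -nP -iTCP -sTCP:LISTEN` output and reports any listener on port 8765 whose bind address is not loopback. The sample lsof lines, including the process name `python3` and the PIDs, are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag TCP listeners on a given port that are NOT bound to loopback.
# Port 8765 is taken from the page; everything else here is an assumption.

# Reads lsof-format text on stdin; prints "COMMAND PID ADDRESS" per exposed listener.
exposed_listeners() {
    awk -v port="$1" '
        $NF == "(LISTEN)" {
            name = $(NF - 1)          # 127.0.0.1:8765, *:8765, [::1]:8765 ...
            n = split(name, parts, ":")
            if (parts[n] != port) next
            addr = substr(name, 1, length(name) - length(parts[n]) - 1)
            if (addr ~ /^127\./ || addr == "[::1]") next   # loopback v4 / v6
            print $1, $2, name
        }'
}

# Constructed lsof output: the port is bound to loopback only.
sample_loopback() {
cat <<'EOF'
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
python3  4242 user   12u  IPv4 0xabc1      0t0  TCP 127.0.0.1:8765 (LISTEN)
rapportd  511 user    8u  IPv4 0xabc2      0t0  TCP *:49152 (LISTEN)
EOF
}

# Constructed counter-example: the same port bound to every interface.
sample_wildcard() {
cat <<'EOF'
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
python3  4242 user   12u  IPv4 0xabc1      0t0  TCP *:8765 (LISTEN)
python3  4242 user   13u  IPv6 0xabc3      0t0  TCP [::1]:8765 (LISTEN)
EOF
}

for s in sample_loopback sample_wildcard; do
    if [ -z "$($s | exposed_listeners 8765)" ]; then
        echo "$s: loopback only"
    else
        echo "$s: reachable from other hosts"
    fi
done
```

On a Mac, pipe live output in instead of a sample: `lsof -nP -iTCP -sTCP:LISTEN | exposed_listeners 8765`; empty output means no non-loopback listener on that port.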
Outbound traffic you initiate
Three classes of outbound network traffic can originate from your Mac while SiloVault is running. None of them go to SiloVault. All of them are user-initiated:
- Model weight downloads. After onboarding, SiloVault offers to download the Gemma chat and embedding model weights from public open-weights repositories — ModelScope or Hugging Face. The download is anonymous by default; no token, account, or registration is required. Once the weights are on disk, indexing, search, chat, OCR, transforms, and MCP are all fully offline.
- Mac App Store updates. When Apple ships a SiloVault update, the Mac App Store delivers it. This traffic is between your Mac and Apple's servers, governed by Apple's privacy policy. SiloVault is not involved.
- Links you click. If you click an external link inside the app (for example, opening this privacy policy), your default browser handles the request. SiloVault is not involved.
Permissions we request, and why
SiloVault requests no special macOS permissions beyond the standard sandboxed file access every Mac App Store app operates under:
- Folders you choose. SiloVault reads only the folders you explicitly select through the macOS file picker. Access is retained across launches using security-scoped bookmarks — the sandbox-native mechanism for remembering exactly the folders you granted, and nothing else.
That is the entire list. SiloVault does not ask for Microphone, Camera, Screen Recording, Contacts, Location, or Full Disk Access. If you never add a folder, SiloVault can read nothing at all.
On-device data you create
The vaults you build, the indexes and embeddings derived from your documents, the text recognized by on-device OCR, your chat history and generated transforms, the Legal/Contracts-mode output for legal-preset vaults, the downloaded model weights, and your local preferences live on your disk under ~/Library/Containers/com.silovault.app/Data/Library/Application Support/SiloVault/ (plus any folder you explicitly choose to export to). They are yours. We do not have access to them. Deleting SiloVault removes the app; your work remains under its container until you delete it manually.
Model Context Protocol (MCP)
SiloVault can expose a vault to AI coding tools — Claude Code, Codex, and Cursor — through a local Model Context Protocol server, launched on demand as ohm-backend --mcp. This server communicates over stdio (standard input/output) with the tool that launches it. It does not open a network port, does not accept remote connections, and answers queries using only the documents you have indexed on this Mac. What the tool you connect does with those answers is governed by that tool's own privacy policy — SiloVault transmits nothing anywhere itself.
Children's privacy
SiloVault is rated 4+ on the Mac App Store. Because no personal data is collected from any user, no special treatment is required for users under 13. The same policy applies regardless of age: nothing collected.
Third-party components
SiloVault uses these open-source components and public services. None of them receive any data about you from SiloVault:
- MLX (Apple's on-device array/ML framework) — runs locally.
- mlx-lm — runs locally to serve chat and embedding inference on your Apple Silicon GPU.
- Gemma models (Google's open-weights models, downloaded on demand under the Gemma terms) — run locally for chat and analysis.
- FastAPI — the bundled local backend, bound to loopback only.
- Apple Vision OCR (via the bundled silovault-ocr CLI) — reads scanned PDFs and images entirely on-device, with no network access.
- Hugging Face Hub / ModelScope — contacted only when you choose to download model weights.
Changes
If we ever materially change how SiloVault handles data — for example, if a future version of the app ever begins to collect anything at all — we will publish an updated version of this page, announce the change prominently in the release notes, and require explicit consent in-app before any new collection begins. The effective date at the top of this document reflects the current policy.
The current policy is: nothing is collected.
Contact
Questions about this policy: admin@ohmslaw.net
For non-private inquiries you can also open an issue at github.com/flowmar47/silovault.