Circular tunnel background
BAISS

Privacy Policy

Effective date: 19 September 2025

At BAISS, privacy is a product requirement. We designed BAISS to work offline by default, so your content stays on your device, not on our servers.

Quick summary

  • Zero Data Transmission (Desktop App): Your documents, prompts, and AI outputs never leave your device unless you explicitly enable an online feature or connect your own third-party account.
  • Absolute User Ownership: You own your content (inputs, outputs, indexes). BAISS does not claim any rights over it.
  • No Telemetry by Default: The app does not send analytics or crash reports unless you turn them on.
  • Website-only collection: We collect the minimum personal data necessary on our Website (e.g., contact forms, support, optional analytics).
  • GDPR & local law: We comply with the EU GDPR and other applicable laws.

1. Scope and who we are

This policy explains how we handle personal data for the desktop application (the "App") and the website (the "Website"). For the Website, BAISS acts as a data controller. For the Desktop App, content is processed locally on your device; BAISS does not receive or store your content by default.

2. Definitions

  • Local-First Mode: All model inference, indexing, and retrieval run on your device; no content is transmitted to BAISS.
  • Online Mode / Connectors (optional): Features you may enable that call external services (e.g., a cloud model provider you choose). These calls are made from your device directly to that provider under your account or keys, not via BAISS proxies.
  • Content: Your inputs (prompts, documents, data), outputs (model responses), and local indexes or embeddings.

3. Desktop App – data practices

3.1 What stays local by default

  • Your Content (files, prompts, outputs, local indexes or embeddings).
  • On-device settings and preferences.
  • Activity logs stored locally (you can clear them in-app).

We do not collect or receive the above by default. The app does not transmit your Content to BAISS.

3.2 Optional Online Mode and connectors

If you enable Online Mode or connect a third-party service (e.g., a cloud model API or your own storage provider):

  • Requests are sent directly from your device to that service using credentials you supply.
  • BAISS does not see or store your Content or credentials.
  • The third-party's privacy terms apply (please review them before enabling).
  • You can disable connectors at any time.

3.3 Telemetry and crash reports (opt-in)

  • Off by default. If you opt in, we may collect strictly necessary diagnostics (e.g., error codes, performance metrics, anonymized feature usage).
  • No Content ever leaves your device via telemetry.
  • You can toggle these options at any time in Settings → Privacy.

3.4 Updates and licensing

  • License activation or verification may require minimal, non-content data (e.g., a hashed license ID) to validate your entitlement. We do not collect your Content for this purpose.

3.5 Retention

  • For the Desktop App, retention is under your control. Your Content resides on your device until you delete it or uninstall the app. We do not keep server copies.

4. Website, data we collect and why

We collect only what is needed to operate the Website, respond to you, and improve the site.

4.1 Data you provide

  • Contact or support forms: name, email, message.
  • Early access, waitlist, or newsletter: email and any optional profile fields.
  • Business inquiries or demos: company details you provide.

Purpose & legal basis: to respond to you and provide requested information (contract or legitimate interest); with your consent for marketing emails (consent, withdraw anytime).

4.2 Data collected automatically (Website)

  • Technical logs: IP address, browser or OS, pages visited, timestamps (for security and debugging).
  • Cookies:
    • Strictly necessary: session and security cookies.
    • Analytics (optional): set only if you consent.

Purpose & legal basis: site security and reliable delivery (legitimate interest); analytics only with consent.

4.3 Retention (Website)

  • Contact or support records: up to 24 months after last interaction.
  • Newsletter lists: until you unsubscribe.
  • Server logs: typically 30–90 days (security or debugging), then aggregated or anonymized.
  • Legal or accounting records: as required by law.

5. How we use personal data (Website)

  • Provide and protect the Website.
  • Respond to messages and demo requests.
  • Send product updates or marketing only if you opted in.
  • Improve the Website's performance and content (analytics if consented).

We do not sell personal data.

6. International transfers

  • Desktop App: not applicable; no Content is sent to BAISS.
  • Website: if data is transferred outside your region, we use appropriate safeguards (e.g., EU Standard Contractual Clauses) and assess the recipient's laws.

7. Security

  • Desktop App: Content is processed locally. We recommend enabling full-disk encryption and OS-level security on your device. BAISS may create local indexes or embeddings to power search—these remain on your device.
  • Website: industry-standard security (TLS in transit, restricted access, logging, and monitoring). No system is 100% secure; please use caution online.

8. Your rights

Depending on your location, you may have the right to access, correct, delete, restrict, object, or port your personal data, and to withdraw consent where applicable.

  • Desktop App: Your Content is on your device. You can delete it locally at any time.
  • Website: To make a request, contact support@baiss.ai. We may need to verify your identity. You can also unsubscribe from emails via the link in each message.

Residents of the EEA or UK may complain to a data-protection authority. Residents of Morocco may also contact the CNDP under Law 09-08.

9. Children's privacy

BAISS is not intended for individuals under 18. We do not knowingly collect data from children.

10. Changes to this policy

We will update this page when we make material changes and, where required, notify you in-app or by email.

Version: v2025-08-18 (Local-First)

11. Content ownership & license

  • You retain 100% ownership of your Content.
  • By using the Desktop App, you grant BAISS a local, device-limited license only to the extent necessary for the app to process your Content on your device (e.g., to index files for search). BAISS does not receive or store your Content.

12. Telemetry & diagnostics — detail (Desktop App)

Default: All off.

If you opt in, we may collect:

  • Non-content error details (error codes, stack traces with filenames but no file contents).
  • Performance metrics (startup duration, memory or CPU usage ranges).
  • Feature usage counters (for example, a count that a feature was used, without Content).

We do not collect file contents, prompts, outputs, or local indexes through telemetry.

You can opt out at any time in Settings → Privacy. We will honor your choice.

13. Cookies (Website)

Cookie typePurposeExamplesDefault
Strictly necessarySecurity, session continuitysession_id, csrf_tokenOn
Analytics (optional)Understand site trafficYour providerOff (consent required)
Preferences (optional)Remember choiceslocaleOff (consent required)

A detailed Cookie Notice is available at /cookie-policy (or below if combined).

14. Contact

Questions or requests: support@baiss.ai

To help us locate your record, include the email you used on the Website.