Our Privacy Promise
What we do — and don't do —
with your information.
Konshus is a Vault for the version of you that lives inside your AI — artifacts, atoms, patterns, and persona exports. That's genuinely sensitive context, and vague promises aren't enough. Here's exactly what we commit to, in plain English.
Our commitments
No human at Konshus reads your content
In normal operation, your artifacts and atoms are only ever opened by your Konshus — not by engineers, not by support, not by us. The model reads, distills, and writes back; people don't sit in the loop.
Admin access is metadata-only and audit-logged
Engineers can see that an artifact exists — its size, source type, and title — never the content. Every admin metadata read is recorded in the access log above, scoped to your account. To date that log is empty for every member, and that's the bar we hold ourselves to.
We never train AI on your data
Your conversations, uploads, and memory are never used to train any AI model — ours, OpenAI's, Anthropic's, Google's, or anyone else's. We use API providers that contractually guarantee this.
You teach. We learn — without reading
When you tag an upload About me / Not about me / Mix / Fiction, that label trains aggregate priors per source type and content shape, never your raw text. Your tags make every member's defaults smarter; your words stay yours.
Your Vault is encrypted with a key only you control
The deepest, most sensitive parts of your Konshus — your artifacts, atoms, patterns, and persona exports — are encrypted with a key derived from your password. Not even we can read them.
Everything else is encrypted at rest and in transit
Artifacts and atoms are encrypted on disk and over the wire using industry-standard TLS and AES-256. Isolated per-member. Never blended with another member's data.
No ads, no tracking, no analytics on your content
We use minimal app analytics (page views, errors) to keep things working. We never send the content of your artifacts, atoms, or persona exports to any third-party analytics or advertising service.
We will never sell or share your data
No data brokers. No partner programs. No 'anonymized' resale. If a government compels disclosure, we will tell you unless legally prohibited.
Export everything, anytime
One-click export of your full Vault — artifacts, atoms, patterns, and persona exports — as JSON. Your data, in a format you can take with you to any AI.
Delete everything, permanently
One-click account deletion that actually wipes the rows — not a soft-delete, not a 30-day grace period unless you ask. Gone means gone.
Two-factor authentication available
Optional 2FA on every account from day one. We strongly recommend turning it on.
Google Calendar stays read-only and opt-in
If you connect Google Calendar, we only request read-only access, only pull events you ask us to sync, and store an encrypted refresh token so we can keep the connection alive. Disconnect anytime — we revoke the token with Google and delete it. Google data is never used to train any AI model, and our use of Google APIs follows Google's Limited Use requirements.
What's in your downloads
Your raw memories belong to you. You can take them with you any time, on any tier, forever.
Raw memories (every tier)
From Memories & downloads, download a .zip of your artifacts as Markdown files — one folder per source, plus a manifest.json and README.txt. Works on Ember (free) and up. No quotas, no gating — only a light rate limit (3 exports/hour) so the system stays healthy.
Distilled persona (Spark and up)
Whisper, Briefing, Full Mirror, and Crisis Handoff are distillations of your atoms and patterns — the part your Konshus actually uses. Those live on the Personalize route and unlock with paid tiers; raw memories don't.
What we won't pretend
Privacy theater is worse than no privacy promise at all. Here's what we deliberately don't claim.
Atom extraction runs through an AI provider, which briefly reads your imported text in order to distill it into sourced facts. That happens under a no-training contract, and the resulting atoms are encrypted in your Vault.
We can read individual artifacts if compelled by lawful court order, because they're encrypted at rest but not end-to-end. Your atoms, patterns, and persona exports are the part we can't read.
If you forget your password and don't have a recovery key set up, your encrypted Vault is gone. That's the tradeoff for us not having a backdoor.
Browser extensions. Our optional ChatGPT Backup extension runs only on chatgpt.com, captures the turns you send/receive in the active tab, and posts them to your own MCP endpoint with a write-only (backup-only) token. The server rejects any read call from that token at the scope layer. No analytics, no telemetry, no third-party calls. Uninstall anytime.
This page is our privacy promise — what we commit to, in human language. It sits alongside (not instead of) our full Privacy Policy and Terms of Service, which govern your account.
Questions? Email hello@konshus.ai.
Looking for the formal version? Read the Privacy Policy →