Privacy Policy

Last updated: May 2026

OpenCone is a cloud-hybrid retrieval client that parses documents locally, sends chunk text to OpenAI and Pinecone for the retrieval path, and uses the OpenAI Responses API for grounded answers. This policy describes those data flows so you can understand the privacy boundary clearly.

1. On-Device Processing

2. Data Sent Off Device

To perform its core functions, OpenCone transmits data directly from your device to the following services using secure HTTPS connections. No data is routed through or stored on developer-owned servers.

Destination Data Sent Purpose Notes
OpenAI Responses API Conversation history (user prompt + retrieved context snippets) Generate natural-language answers using RAG Transmitted over HTTPS. OpenCone may retain local answer history until you clear it, but no developer-owned server is involved in the request path.
OpenAI Embeddings API Chunked text generated from your documents Produce high-dimensional vector representations Only the specific text chunks being embedded are transmitted.
Pinecone Vector DB Embedding vectors and metadata (document ID, file name, up to 200-char preview) Similarity search and retrieval Encrypted in transit; metadata excludes raw document bodies.

3. Keys & Authentication

4. Retention & Deletion

5. Analytics & Tracking

6. User Consent & Transparency

7. Contact

For privacy questions or data deletion requests, contact support at: gunnarguy@me.com or gunnarguy@me.com.