Privacy Policy
Effective date: June 10, 2026
ZilchOS is self-hosted, open-source software. This policy explains what data the ZilchOS Android app and server handle, where that data goes, and who is responsible for it.
The short version: ZilchOS has no company servers and collects nothing on our behalf. The app connects to a ZilchOS server — either one running on your own phone, or one you operate elsewhere (Raspberry Pi, home server, VPS). You and your configuration decide what data is processed and which third-party AI providers, if any, ever see it.
1. Who controls your data
The developer of ZilchOS does not operate any backend, database, or analytics service that the app reports to. The app is a client for a ZilchOS server instance that you install and control (including the on-device server bundled with the Android app). You are the data controller for any information your ZilchOS instance stores or transmits.
2. Data the app and on-device server may handle
Depending on which features you enable, your ZilchOS instance may process:
- Account credentials — a username and password (stored as a bcrypt hash) used to sign in to your ZilchOS server's web interface.
- Chat messages and files — text, images, or documents you send to the assistant, plus the conversation history needed to maintain context.
- Voice audio — recordings made when you use push-to-talk, if voice transcription/synthesis is configured.
- Camera snapshots — still images from IP cameras you connect for motion monitoring, if that feature is configured.
- Device sensor data — camera, GPS location, screen contents, or other sensor data from an Android device you explicitly pair via ADB, if that feature is configured.
- Files on your device or server — read or written by the assistant within directories you explicitly allow.
- Messaging platform content — messages relayed through Telegram, Discord, Slack, IRC, or WhatsApp, if you connect those accounts.
- Memory / knowledge graph entries — notes, preferences, and facts you ask the assistant to remember.
- Usage and budget metrics — token counts and estimated cost per AI request, used for the optional spending dashboard.
None of the above is collected unless the corresponding feature is enabled on your instance. A fresh installation with no AI provider configured handles none of it.
3. Where your data goes
- Your ZilchOS server. All data above is stored locally by your server (on your phone, or on whichever device you point the app at).
- AI providers you configure. When you send a message, the relevant text (and any attached image/audio) is sent to the AI provider(s) you configured in settings — for example OpenAI, Anthropic, Google Gemini, OpenRouter, Groq, or a self-hosted Ollama model. Each provider's own privacy policy governs how they handle that request. If you configure only a local Ollama model, no message data leaves your network.
- Messaging platforms you connect. If you enable the Telegram, Discord, Slack, IRC, or WhatsApp connectors, messages pass through that platform's infrastructure under its own privacy policy.
- Third-party services your skills/integrations call. If you configure integrations (e.g. calendar, email, Home Assistant, GitHub), requests go to those services per your configuration.
The ZilchOS app itself does not send analytics, crash reports, advertising identifiers, or telemetry of any kind to the developer.
4. Data security
- Conversation history, the knowledge graph, and the feedback store can optionally be encrypted at rest with AES-256-GCM.
- Account passwords are stored as bcrypt hashes, never in plain text.
- Web sessions use server-side tokens with CSRF protection on mutating requests.
- You are responsible for securing the device or network your ZilchOS server runs on (e.g. enabling HTTPS, using strong passwords, restricting network access) — particularly if you expose it beyond your local network.
5. Data retention and deletion
Data is retained on your ZilchOS server until you delete it. You can delete conversation threads, knowledge graph entries, and accounts from the admin interface, or remove the underlying data files directly. Uninstalling the Android app removes the app and its on-device server files but does not affect a separate ZilchOS server you may also be connected to, nor any data already sent to third-party AI providers (see their retention policies).
6. Children's privacy
ZilchOS is a general-purpose automation tool intended for users capable of configuring server software and is not directed at children under 13. We do not knowingly collect data from children.
7. Permissions used by the Android app
- Internet — required for the embedded server and the in-app browser to communicate with AI providers and connected services.
- Foreground service / data sync — keeps the local ZilchOS server running while the app is in the background.
- Notifications — shows the persistent "server running" status notification required for foreground services on Android 13+.
The app does not request location, contacts, camera, microphone, or storage permissions unless a feature you enable requires them.
8. Changes to this policy
If this policy changes, the updated version will be published at this same URL with a revised effective date.
9. Contact
Questions about this policy or about ZilchOS can be sent to angsuman.syncli@gmail.com.