What leaves the device#
Ostler is local-first, not air-gapped. The Hub does make a small number of outbound network calls, and we want to be precise about which ones, when they fire, and what is in them. This is the page we point auditors and privacy-conscious users at first.
The headline
No personal data, ever, leaves the device for Creative Machines – or anyone else for that matter. Your knowledge graph, contacts, messages, calendar, mail, conversation history, and AI inferences are not transmitted to us, and there is no server of ours that would receive them if they were. The outbound calls Ostler does make are listed exhaustively below.
If you want a hard guarantee that nothing at all goes out, disconnect from the internet. Ostler keeps working. You lose public data enrichment, web search, and software updates – nothing else.
The summary table#
| Call | When it fires | What is in it | Disable? |
|---|---|---|---|
| Software update check | Periodically and on launch | App version | Settings |
| AI model download | Once, at install or model change | Public model name and version | Skip optional models |
| Software dependency updates | At install and on user-triggered upgrade | Package and image names and versions | n/a (you control when you upgrade) |
| Wikidata / Wikipedia enrichment | When Ostler enriches a person or organisation page | The name being looked up | Settings |
| Web search | Only when you ask the assistant to search the web | Your search query | Do not invoke search |
| Marketing website analytics | Only when you visit ostler.ai in a browser | Page-view counts, country, referrer | Use a privacy browser, or do not visit the site |
The remainder of the page expands each row.
Calls that contain no personal data#
These are the housekeeping calls every desktop app makes. They reveal that an Ostler install exists at your IP address (the same way any HTTP request does), and nothing else.
Software update check#
Ostler checks for new versions of itself periodically and on launch. The request contains the current app version. The response is an update manifest. No data from your knowledge graph is included.
You can disable automatic update checks in Settings. We recommend leaving them on, because security fixes ship through this channel.
AI model download#
When you set up Ostler or change the active local model, the Hub downloads model weights from the public model registry it is configured to use. This is a one-off file download. The registry sees your IP address and the name of the model you requested. Your knowledge graph is not part of the request.
If you want to install models out-of-band (for example on a machine you intend to keep offline), Ostler supports importing model files from disk.
Software dependency updates#
Ostler runs on top of standard tooling – a container runtime, a package manager, and similar. When you upgrade Ostler, those tools may fetch updated package or image versions over their normal channels. These are public file downloads carrying package names and versions.
Calls that may contain a name from your graph#
Two features issue outbound queries whose content is derived from your data. We are direct about this because the names of people in your contacts are themselves personal data under data-protection law.
Wikidata and Wikipedia enrichment#
When Ostler tries to enrich a person or organisation page with public biographical data – a Wikipedia summary, a date of birth, a company website – it queries Wikidata or Wikipedia for the relevant name.
What is in the call:
- The name of the person or organisation being looked up
- Standard HTTP metadata (your IP address, user agent)
What is not in the call:
- Any other field from your graph
- Your relationships, messages, calendar, or inferences
- Any private information about the person being looked up
You can disable enrichment in Settings, in which case no such queries are made.
Direction of flow
The point of enrichment is to pull public information in. Personal data does not go out, except for the lookup name itself, which is required for the lookup to mean anything. There is no version of public-data enrichment that does not name the thing being enriched.
Web search#
If you explicitly ask the assistant to search the web, the query is sent to your configured search provider. By default, Ostler routes web search through a privacy-respecting search proxy that strips client identifiers (cookies, user agent) before forwarding the query text to upstream search engines.
What goes out: the search query you typed, plus standard HTTP metadata to the proxy. The upstream engines see the query text but not your device identity.
This is an improvement over querying a major search engine directly, not a magic isolating layer. If you reconfigure web search to point at a different provider, that provider's terms apply.
Web search only fires when you invoke it. Ostler does not run background searches.
The marketing website is separate#
The ostler.ai public website and the docs.ostler.ai documentation site use Plausible Analytics, an EU-hosted, cookieless analytics service, to count visits and understand which pages are read. The Ostler app itself does not. No identifying cookies are set. No profiles of visitors are built. No cross-site tracking. We do not use Google Analytics, Facebook Pixel, or any ad-tech tracker.
This is the marketing surface only. The Ostler app itself does no analytics, sets no cookies, and does not communicate with any analytics provider. There is no session to maintain – the app does not have a user account on our servers, because we do not have servers that hold user accounts.
What Ostler deliberately does not send#
Things Ostler is built not to do
The list below is not "things we promise not to do" – it is the list of categories we have deliberately built no mechanism for. There is no code path in the Hub that would transmit any of these.
- Telemetry of your usage. Ostler does not phone home with what you typed at the assistant, what you read, or how often you opened the app.
- Crash reports that include your data. Ostler does not ship a crash reporter that uploads memory dumps or log files containing personal data.
- Behavioural analytics. There is no tracker on what you click, what you search, or how you navigate.
- Aggregated training data. Your conversations, inferences, and knowledge graph are not used to train any model, ours or anyone else's.
- Cross-user "fleet learning". One user's data is not a feature input for another user's instance.
- Federated analytics. There is no anonymised-but-linkable aggregate stream.
- A backup channel. Ostler does not maintain an encrypted-at-rest copy of your data on our servers as a "convenience". You back up locally, with Time Machine, or you do not back up.
If we ever ship a feature that would change any of this, it will be opt-in, it will be disclosed, and existing users will be notified before it ships.
When in doubt, watch the wire#
You can verify any of the above with the standard tools your operating system already has. Run a packet logger or your firewall's monitoring view; you will see the calls listed in the table at the top of this page and nothing else when the app is idle. We welcome that scrutiny – it is the kind of trust you cannot get from a cloud product.
Cross-references#
- What stays local – every category of data that does not leave
- What we never collect – categories Ostler is built not to handle
- Voice and speaker identification – the no-audio-egress promise spelled out
- Apple Mail FDA vs Google OAuth – why our Gmail integration sends nothing to Google
- Architecture / Data flows – diagrams of every flow, end to end
- Architecture / Privacy model