Zimac

Privacy Policy

Last updated: July 9, 2026

The short version: Zimac is local-first: your durable content — chats, memory, notes, emails, documents — lives on your own device, encrypted at rest. A model request still sends its prompt and selected context to the model route you choose. Our hosted servers process what is needed to run your account, bill you, meter and forward hosted-proxy calls, and relay end-to-end-encrypted team messages we cannot read. We don't sell data or run ad trackers; self-hosted Enterprise installs keep their platform traffic inside the customer's cloud.

1. What stays on your device (almost everything)

The Mac App stores your working life locally, under a folder you can open in Finder (~/Documents/Zimac). That includes conversations, the memory graph, notes, imported emails and documents, people profiles, backups, pairing state, and what the assistants learn about how you write and think. Sensitive stores are encrypted on disk with a key held in your macOS Keychain. We have no server-side copy and cannot recover it for you.

The in-app Erase memory action is deliberately recoverable: it removes live personal content but creates and retains a backup, and it keeps connections, API keys, and pairing. For full local deletion, use Settings → Privacy → Erase all local data. After an exact typed confirmation, the App quits and removes live data, backups, plugins, setup and pairing files, cached activation, and its Stitcher generic-password items from Keychain. The erase works without the license server; if a device slot could not be deactivated first, you can remove it later from Hub or the verified-email recovery link. See the complete removal guide first.

When you choose direct Anthropic, the request goes from your device to Anthropic and never touches Zimac's hosted proxy. When you choose a local model, it can remain on your device. Other remote OpenAI-compatible services receive requests under their own terms.

2. What we process, and why

If you use our hosted Platform, we process the minimum each service needs:

3. Model providers

Model calls have to be processed by a model. Requests routed through our proxy go to the provider configured for your org (by default Anthropic) and are handled under that provider's terms and data policies; we choose API terms under which providers do not train on your data. If you connect directly to Anthropic or another remote provider, your relationship is directly with that provider. A local model can keep the call entirely on your machine.

4. Who we share with

Only processors that make the service work: AWS (hosting and authentication), Stripe (payments), and your model provider (model calls). We don't sell or rent personal data, and we don't share it for advertising. We may disclose information if the law genuinely compels it — though note the design: the most sensitive data never reaches us to be disclosed.

5. Retention

6. Your rights

Use Hub → Account & privacy for self-service personal-account deletion, or email [email protected] to access, correct, export, or delete data we hold when you cannot sign in. We honor these requests regardless of where you live, including under GDPR and CCPA/CPRA. Leaving or deleting an organization is not the same as deleting your personal account. Before deleting an org, settle its credits and subscriptions. Personal-account deletion requires a fresh interactive sign-in, revokes hosted tokens, and removes account data subject to records we must keep by law; it does not erase devices or cancel unrelated Stripe commitments unless the confirmation says so.

7. Security

In transit, hosted services use TLS. At rest on your device, sensitive stores are sealed with a Keychain-held key. On the hosted-proxy path, the upstream provider credential lives server-side while your revocable org token is stored on the device. On the direct-provider path, your provider key is stored in the device Keychain and sent to that provider. Platform stores are encrypted, and team messages are end-to-end encrypted with keys we never hold. No system is unbreakable — but this one minimizes what each component receives.

8. Zimac Enterprise (self-hosted)

If your company runs a self-hosted Zimac Enterprise install, the entire platform operates inside your company's own cloud account. We receive no personal data from it whatsoever — no accounts, no usage, no content. Your employer operates that install and is the controller of its data; their policies apply.

9. Children

Zimac is a professional tool, not directed at children, and not intended for anyone under 16.

10. Changes & contact

If we change this policy in any material way, we'll announce it on this site (and by email for account holders) before it takes effect. Questions: [email protected].