Skip to content
Golden Retriever

Privacy & Data

Your files stay on your Mac

Section titled “Your files stay on your Mac”

Golden Retriever is built on a local-first architecture. When you index documents, PDFs, images, audio, or video files, that processing happens on your Mac. Your original files are never uploaded to our servers. The vector index (Qdrant) that powers semantic search runs locally on your device, and the metadata database (SQLite) is also stored locally. We have no access to your files or to the embeddings generated from them.

What we send to Google

Section titled “What we send to Google”

When you index files or ask questions, content is sent directly from your Mac to Google’s Gemini API. This happens for two reasons: generating the embedding vectors that make semantic search work, and answering your questions using the Gemini 2.5 Flash model. We don’t proxy this data through our servers — it flows directly between your Mac and Google. Google does not retain your content after processing it under their enterprise service terms. Google’s privacy policy and data processing terms apply to data sent to their API. See Google Cloud Privacy Notice for details.

What we collect

Section titled “What we collect”

Our backend at api.goldenretriever.ai collects a minimal set of data to operate the subscription service and improve the app:

  • Device identifiers — a pseudonymous ID that identifies your installation, used for entitlement checks and usage metering
  • Usage statistics — aggregate counts such as number of searches performed and index size, used to enforce tier limits and understand how the app is used
  • App version — to understand which versions are in use and prioritise compatibility fixes
  • Crash reports — stack traces and error logs when the app crashes, used to identify and fix bugs

This telemetry data is sent to our backend hosted on Hetzner servers in Nuremberg, Germany (EU). We do not collect or see your search queries, your document content, or the questions you ask the AI.

Payment processing is handled by Stripe. When you subscribe, Stripe collects your email address, billing address, and payment details. We receive confirmation of payment status but do not store your card details. Stripe’s privacy policy governs their handling of this data.

Your rights

Section titled “Your rights”

Under GDPR, you have the right to access the data we hold about you, the right to have it deleted, and the right to receive it in a portable format. These rights apply to the telemetry and account data we hold on our backend. Because your files, embeddings, and search history never leave your Mac, you already have full control over that data — you can delete it at any time from Settings → Data Management.

To exercise your GDPR rights regarding backend data (device identifiers, usage statistics, account information), contact us at privacy@goldenretriever.ai. We will respond within 30 calendar days. If you believe your rights have been violated, you can lodge a complaint with the Information Commissioner’s Office (ICO) in the UK at ico.org.uk or with your local EU data protection authority.

Data location

Section titled “Data location”

Our backend runs on Hetzner CX23 servers in Nuremberg, Germany. Telemetry and account data stay within the EU. Payment data is processed by Stripe and subject to their global infrastructure. Embedding and AI processing goes to Google’s Gemini API. Users on the Vertex AI path can configure their GCP project to use EU regions if they require data residency in Europe.

The legal entity responsible for data processing is Do Your Bit Ltd, registered in England and Wales (Company No. 813003), Suite 2A, 7th Floor PF, City Reach, 5 Greenwich View Place, London E14 9NN. Privacy contact: privacy@goldenretriever.ai.