Skip to content
Golden Retriever

Privacy & Data

Your files stay on your Mac

Section titled “Your files stay on your Mac”

Golden Retriever doesn’t sync, copy, or upload your library. Your original documents, PDFs, images, audio, and video files stay where you put them on your Mac. The vector index (Qdrant) that powers semantic search runs locally on your device, and the metadata database (SQLite) is also stored locally. We have no servers that hold your files and no access to your library.

What we send to Google

Section titled “What we send to Google”

To make AI features work, the relevant content of your files is sent directly from your Mac to Google’s Gemini API:

  • Document text is sent to Gemini for embedding (so semantic search can find it) and as context when you ask questions.
  • Image bytes are sent to Gemini for visual description.
  • Audio bytes are sent to Gemini for transcription.
  • Video bytes are sent to Gemini for combined visual description and audio transcription.
  • Your search terms are sent to Gemini for embedding whenever you use Search, so results can be matched by meaning and not just exact keywords.
  • Your questions and the retrieved context are sent to Gemini 2.5 Flash to generate answers.

This traffic flows directly between your Mac and Google’s API — we don’t proxy or see it. The traffic is authenticated with your own Gemini API key. Google does not retain your content after processing it under their enterprise service terms. Google’s privacy policy and data processing terms apply. See Google Cloud Privacy Notice for details.

What we collect

Section titled “What we collect”

Our backend at api.goldenretriever.ai collects a minimal set of data to operate the subscription service and improve the app:

  • Device identifiers — a pseudonymous ID that identifies your installation, used for entitlement checks and usage metering
  • Usage statistics — aggregate counts such as number of searches performed and index size, used to enforce tier limits and understand how the app is used
  • App version — to understand which versions are in use and prioritise compatibility fixes
  • Crash reports — stack traces and error logs when the app crashes, used to identify and fix bugs
  • Embedder convention counts — how many chunks in your library use the current vs prior Gemini embedding format. This lets us know when it is safe to retire the older code path. No file content, paths, or titles are sent

This telemetry data is sent to our backend hosted on Hetzner servers in Nuremberg, Germany (EU). We do not collect or see your search queries, your document content, or the questions you ask the AI.

Payment processing is handled by Stripe. When you subscribe, Stripe collects your email address, billing address, and payment details. We receive confirmation of payment status but do not store your card details. Stripe’s privacy policy governs their handling of this data.

Your rights

Section titled “Your rights”

Under GDPR, you have the right to access the data we hold about you, the right to have it deleted, and the right to receive it in a portable format. These rights apply to the telemetry and account data we hold on our backend. Your library, embeddings, and search history live only on your Mac — you can delete them at any time from Settings → Data Management. Content sent to Google’s Gemini API for processing is governed by Google’s terms; you can stop sending new content to Gemini by removing your API key in Settings.

To exercise your GDPR rights regarding backend data (device identifiers, usage statistics, account information), contact us at privacy@goldenretriever.ai. We will respond within 30 calendar days. If you believe your rights have been violated, you can lodge a complaint with the Information Commissioner’s Office (ICO) in the UK at ico.org.uk or with your local EU data protection authority.

Data location

Section titled “Data location”

Our backend runs on Hetzner CX23 servers in Nuremberg, Germany. Telemetry and account data stay within the EU. Payment data is processed by Stripe and subject to their global infrastructure. Embedding and AI processing goes to Google’s Gemini API. Users on the Vertex AI path can configure their GCP project to use EU regions if they require data residency in Europe.

The legal entity responsible for data processing is Do Your Bit Ltd, registered in England and Wales (Company No. 813003), Suite 2A, 7th Floor PF, City Reach, 5 Greenwich View Place, London E14 9NN. Privacy contact: privacy@goldenretriever.ai.