Last updated: July 14, 2026

NorthKeep Privacy Policy

> Grounded in how NorthKeep actually handles data (see KNOWN-LIMITS.md and > SPEC/security-model.md). Not legal advice.

Provider: Silva Peak Labs, LLC d/b/a NorthKeep ("we," "us"), a Massachusetts limited liability company. Contact: [email protected] ยท Effective date: July 14, 2026

NorthKeep is built on a simple promise: your AI memory lives on your device, encrypted, and we never see its contents. This policy explains the little data that does exist, where it lives, and what we do, and don't, do with it.

The short version

What we collect

On your device (not sent to us): your memories, their scopes, provenance, your passphrase, and your API keys (kept in your operating system's keychain). None of this is transmitted to us. There is no account to create to use NorthKeep locally.

If you enable hosted sync, our sync server receives and stores:

If you subscribe to hosted sync, to operate billing we additionally store a mapping between your hashed account identifier and your Stripe customer and subscription IDs, subscription status, and current period end. Your payment card and email are collected and held by Stripe, our payment processor, not by us. Checkout is Stripe-hosted; card data never touches NorthKeep. See Stripe's privacy policy at https://stripe.com/privacy. The honest consequence: while a subscription is active, we can tell which paying customer is associated with which encrypted vault, but never that vault's contents, which remain ciphertext to us.

What we do not do

Data you send to AI providers you choose

NorthKeep can send text to AI models you connect:

You control which providers you use and can disconnect them at any time.

Data retention and deletion

Your rights

Depending on where you live (for example under GDPR or the CCPA), you may have rights to access, correct, delete, or export the personal data we hold about you. In practice we hold very little: a hashed account identifier, and, only if you subscribe, the Stripe billing mapping described above. To exercise any right, or to ask what we hold, contact [email protected]. We do not sell personal information.

Children

NorthKeep is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their data.

Changes

We may update this policy; material changes will be posted at northkeep.ai with an updated effective date. Continued use of the hosted service after a change means you accept the revised policy.

Contact

Questions: [email protected].