LOCAL MODEL Privacy notice.
Plain-language summary up top. Full notice below — every paragraph reviewed.
The short version. We collect what's needed to sell you a license, keep the software working, and answer your support email. Nothing else. Hardware reports and benchmark submissions are opt-in. We do not use Google Analytics, Facebook Pixel, or any cross-site tracking. Card data never touches our servers — Stripe handles it.
You can turn off anything optional. Inside the app: Settings → Privacy. We never read your files, your chats, or your screen.
LOCAL MODEL DOJO — PRIVACY NOTICE
Version 1.0 — April 2026
(draft for third-party legal review; in-app text is generated from this file)
---------------------------------------------------------------
WHO WE ARE
---------------------------------------------------------------
Local Model Dojo is a desktop application operated by Average Joes Construction LLC, referred to below as "we", "us", or "the
Company". We can be reached at:
Postal: Address on request — privacy@localmodeldojo.com
Email: privacy@localmodeldojo.com
Website: https://localmodeldojo.com
This notice tells you exactly what information we collect, why,
how we store it, and what rights you have over it.
---------------------------------------------------------------
WHAT WE COLLECT AND WHY
---------------------------------------------------------------
We collect only what is necessary to sell you a license, keep the
software working on your computer, and provide support.
1. Account / billing data (REQUIRED)
- Your email address
- Your name (if provided during checkout)
- Stripe customer ID (Stripe collects the card number; we do not see it)
Used for: license delivery, invoices, password reset, legal
records. Stored for as long as you are a customer plus 7 years
(tax requirement).
2. License data (REQUIRED)
- Your license key
- Subscription status, plan tier, renewal date
- Machine identifier hash (SHA-256 of motherboard UUID + CPU ID)
- Public IP address at time of activation (reduced to /24 subnet)
Used for: enforcing the "machines per license" and "IPs per
license" rules you agreed to at purchase. Deleted when you cancel
your subscription plus 30 days.
3. Hardware profile (OPTIONAL — on by default, can be turned off)
- CPU model, RAM total, GPU model, available VRAM, OS build
- NO license key, NO machine hash, NO IP address in this record
Used for: improving model recommendations and benchmarking
accuracy. Aggregated into hardware classes before any public
display. Toggle in Settings tab.
4. Benchmark submissions (OPTIONAL — off by default, you opt in)
- Your chosen display name (you pick — does not need to be real)
- Tokens-per-second scores for each model you ran
- Hardware class (aggregated, not device-unique)
Used for: public leaderboard only if you opt in. Can be deleted
any time from the License tab.
5. Crash reports (OPTIONAL — prompted on each crash)
- Stack trace, application version, OS version, last user action
- NO license key, NO email, NO machine hash, NO IP in the stored
record (the submitting IP is used only for rate limiting then
discarded within 24 hours)
Used for: fixing bugs and publishing fix documentation. You can
decline each crash report without affecting app operation.
6. Website cookies (minimal)
- Session cookie if you log into your account on the website
- Stripe sets its own cookies on the checkout page
- We do NOT use Google Analytics, Facebook Pixel, or any
cross-site tracking.
We do NOT collect:
- File names, file contents, or chat messages from your computer
- Browsing history
- Keystrokes
- Screenshots
- Contacts
---------------------------------------------------------------
WHO WE SHARE WITH
---------------------------------------------------------------
We use the following third-party processors. Each processes only
the data they need to do their specific job.
Stripe (payment processor) ............. Billing & card data
Postmark or Resend (email) ............. Transactional emails
Cloudflare (CDN + WAF) ................. Public endpoints, DDoS
Supabase or Railway (hosting) .......... License server & DB
Netlify (website hosting) .............. Marketing + blog
GoDaddy (domain registrar) ............. Domain records
We do NOT sell or rent any customer data to third parties.
We do NOT use your data to train any machine-learning model.
We will disclose data only if legally compelled by a valid
subpoena, court order, or equivalent process — and we will notify
you unless legally prohibited from doing so.
---------------------------------------------------------------
WHERE IT IS STORED
---------------------------------------------------------------
All customer data is stored on servers physically located in the
United States. Transactional email may briefly transit EU or
Canadian servers during delivery (Postmark/Resend infrastructure).
All data is encrypted in transit (TLS 1.3) and at rest (AES-256
where the provider supports it; all listed processors above do).
---------------------------------------------------------------
HOW LONG WE KEEP IT
---------------------------------------------------------------
Billing records ........ 7 years after last invoice (tax law)
License records ........ 30 days after subscription cancelled
Hardware profiles ........ Until you delete or cancel
Benchmark submissions ...... Until you delete or cancel
Crash reports ........ 12 months, then aggregated only
Support tickets ........ 2 years, then archived
Website logs ........ 90 days
---------------------------------------------------------------
YOUR RIGHTS
---------------------------------------------------------------
No matter where you live, you have these rights with respect to
data about you that we hold:
Access — Ask for a copy of everything we have on you.
Correct — Ask us to fix anything inaccurate.
Delete — Ask us to delete your data. We will, except where
tax or legal obligations require we keep billing
records.
Export — Ask for your data in a portable, machine-readable
format (JSON).
Opt out — Turn off optional data collection from inside the
app or the website at any time.
Complain — Contact a data-protection authority if you
believe we have mishandled your data.
To exercise any of these, email privacy@localmodeldojo.com. We will
respond within 30 days.
EU and UK customers have additional rights under GDPR/UK GDPR.
California customers have additional rights under the CCPA. Both
are covered by the list above; ask if you need specifics.
---------------------------------------------------------------
CHILDREN
---------------------------------------------------------------
Local Model Dojo is not intended for children under 16. We do not
knowingly collect data from anyone under 16. If you believe a
child has created an account, email privacy@localmodeldojo.com and
we will delete the account and all associated data.
---------------------------------------------------------------
CHANGES TO THIS NOTICE
---------------------------------------------------------------
If we change this notice in any material way, we will email
current customers at least 30 days before the change takes effect,
and post the updated version at https://localmodeldojo.com/privacy.
Older versions remain available on that page for reference.
---------------------------------------------------------------
CONTACT
---------------------------------------------------------------
Questions, requests, complaints:
Email: privacy@localmodeldojo.com
Mail: Address on request — privacy@localmodeldojo.com
Security concerns (vulnerabilities, suspected breach):
Email: security@localmodeldojo.com
---------------------------------------------------------------
END OF NOTICE. Prepared for third-party legal review.