At Zimmer, we believe your privacy is not a feature; it is a fundamental requirement. Zimmer is designed to be a "local-first" application, meaning the vast majority of its operations occur exclusively on your hardware. This policy outlines exactly what data we collect, why we collect it, and—most importantly—what we never touch.
1. Data Sovereignty Architecture
Zimmer operates on a Zero-Telemetry architecture. Unlike standard AI tools, we do not track your prompts, your code, or your file interactions.
Local Inference: All AI processing (text generation, agent logic) happens locally on your machine. Your prompts never cross a network and are never seen by us or any third party.
Local Storage: Your chat history, agent logs, and workspace configurations are stored exclusively on your local disk in ~/Library/Application Support/Zimmer. These files are stored in standard local directories. Because your data remains entirely on your device, we recommend enabling macOS FileVault to ensure your local disk is fully encrypted at the OS level.
Model Hub: When you download models, the request is made directly to the source (e.g., Hugging Face). We do not track which models you download or how often you use them.
2. Information We Collect
To provide our services, we collect only the absolute minimum required information:
Account Data: If you create a Zimmer preview account, we store your email address and a unique user ID to keep access working. This is authenticated via Google or GitHub OAuth.
Preview Access: The app may periodically verify preview eligibility. This request contains only the minimum account and device information required to keep access working.
Anonymous Crash Reports: If the app crashes, you may be asked to send a report. These reports are strictly opt-in and contain only technical debugging information (stack traces, OS version, hardware specs). They never contain your prompts or code.
The Zimmer Privacy Guarantee
We will never sell your data. We will never train models on your data. We will never implement cloud-based logging for your prompts. Your intelligence is your own.
3. MCP & Third-Party Integrations
When you use the Model Context Protocol (MCP) to connect to external services (like Notion, GitHub, or Linear), Zimmer acts as a secure local bridge.
Credential Storage: Your API keys, personal access tokens, and OAuth secrets are stored in the macOS System Keychain. Zimmer retrieves these only at runtime and never transmits them to our servers.
Direct Communication: Connections to third-party APIs are established directly from your machine. We do not proxy this traffic. The privacy policies of those respective services apply to those interactions.
4. Your Rights & Control
Because we do not store your data on our servers, you have ultimate control over it:
Deletion: You can delete all your data at any time by simply deleting the application and its support folders.
Export: You can export your chat logs and configurations directly from the application settings.
Transparency: Zimmer is committed to transparency. We regularly publish updates to our security architecture for community review.
5. Regulatory Compliance
By keeping all data local, Zimmer is inherently compliant with strict data residency and privacy regulations, including GDPR, CCPA, and HIPAA. Organizations can deploy Zimmer across their teams without worrying about data leakage or cloud provider security audits.