Privacy Policy for Cairn

Last updated:

In short: Cairn keeps everything on your Mac. Your maps are local JSON files and your API keys live in the macOS Keychain. There is no account, no sign-in, no analytics, and no telemetry. The app only reaches the network when you take an explicit AI action, and only your selected node and its branch context are sent to the AI provider you chose, using your own key. Nothing else leaves your Mac. When you use the Evidence verb, that provider runs its own web search to gather citations. AI output can be wrong and should be checked before you rely on it.

This policy explains what Cairn ("Cairn", "the app") does and does not do with your information. It is written in plain language.

Information we collect

Cairn does not collect personal data. There is no account and no sign-in, and the developer does not receive, store, or retain information about you. Some data is used only on your device, and only with your permission:

What Cairn does not do

Network access

Outbound only, and only when you take an explicit AI action (a verb, Converge, a scan, listing models, or testing a connection). Requests go to the provider you configured: Anthropic (api.anthropic.com), OpenAI (api.openai.com), Google Gemini (generativelanguage.googleapis.com), or a custom or local endpoint you supply (for example a local model at localhost:11434). The app makes no calls on a timer and no calls on its own. The Tauri auto-updater is compiled in but inert in this version and makes zero network calls.

Bring your own key. Keys for Anthropic, OpenAI, Google Gemini, and any custom or local endpoint are stored only in the macOS login Keychain under the service com.cairn.Cairn. They are never written to settings, plists, or logs, and the interface can only learn whether a key exists, never read it back.

Cairn has no advertising, no analytics, and no third-party tracking.

Third-party services

The following may be involved, and only for the purposes above:

Data retention

Because the developer never receives your data, there is nothing for the developer to retain. Your content and settings remain on your device until you remove them or uninstall the app.

Your choices

You control any permission the app requests in System Settings → Privacy & Security, and you can change or revoke it at any time. Denying a permission only disables the related feature; the rest of the app keeps working.

Children’s privacy

Cairn is a general-audience utility. It does not knowingly collect any information from anyone, including children.

Changes to this policy

If this policy changes, the date above will be updated. Material changes will appear here before they take effect.

Contact

If you have any questions about this policy or your data, please write to tulaihia@gmail.com.