Privacy Policy

Last Updated: February 14, 2026

At LucaOS Inc. ("LucaOS," "we," "us," or "our"), our fundamental mission is to build the world's first sovereign operating system for synthetic intelligence. Unlike traditional computing platforms that rely on the commoditization of user data, Luca OS is engineered from the kernel up to protect your digital sovereignty.

This Privacy Policy describes how we collect, use, and handle your information when you use our websites, software, and services ("Services").

1. The Core Principle: Local-First

Your Data, Your Device. Luca OS operates primarily as a local interface. All core processing, including natural language understanding, database management, and file indexing, occurs locally on your hardware (using the Cortex engine and NPU acceleration). We do not upload your personal files, chat logs, or voice recordings to our servers for training purposes.

2. Information We Collect

We collect only the minimum amount of data necessary to provide and improve our Services.

2.1. Account Information

When you join our waitlist or create an account to access the Luca Kernel, we collect:

  • Email address
  • Name (optional)
  • Authentication credentials (hashed)

2.2. Telemetry (Opt-In)

We believe telemetry should be transparent and optional. If you choose to enable "Diagnostic Data Sharing," we may collect anonymous performance metrics such as:

  • Application crash reports
  • System resource usage (CPU/RAM/NPU load)
  • Feature usage frequency

This data is stripped of all personal identifiers before leaving your device.

3. How We Use Information

We use the limited information we collect for the following purposes:

  • Service Provision: To verify your license and provide access to software updates.
  • Communication: To send important product updates, security alerts, and support messages.
  • Security: To prevent fraud and abuse of our platform.

4. Third-Party Integrations

Luca OS acts as a hub for various AI services. You may choose to connect third-party providers (e.g., Anthropic, OpenAI, GitHub) via API keys.

  • Direct Connection: When you use a third-party model, your device communicates directly with that provider's API. Your data does not pass through LucaOS servers.
  • Keys Storage: API keys are encrypted at rest on your device using your system's secure enclave (Keychain/TPM). We never see your keys.

5. Data Retention and Deletion

Since your primary data resides on your device, you have complete control over its retention.

  • Local Data: You can delete your local Luca profile, database (`~/.luca/db`), and configuration at any time. This permanently erases the data.
  • Account Data: You may request deletion of your LucaOS account by contacting privacy@lucaos.space. We will delete your account information within 30 days.

6. Security

We employ industry-leading security measures to protect your information:

  • Encryption in Transit: All communications between your device and our update servers are encrypted via TLS 1.3.
  • Encryption at Rest: Local databases are encrypted using XChaCha20-Poly1305 if disk encryption is enabled.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes via email or through the Luca OS notification center.

8. Contact Us

If you have questions about this Privacy Policy or your data rights, please contact us at:

LucaOS Inc.
San Francisco, CA
Email: privacy@lucaos.space