Privacy Policy
Last updated: March 14, 2026
Korvo is a local-first planning and decision workspace, operated by Snab Limited, a company registered in England and Wales (Company No. 16006744), with its registered office at 27 Old Gloucester Street, London WC1N 3AX ("we", "us", "our").
Privacy is not a feature we bolt on - it is a core architectural decision. Your files, notes, projects, chat messages, AI prompts, AI responses, and decision history are stored on your device. They never leave your machine unless you explicitly choose to share them.
This policy explains what data we do collect, why, and how we protect it.
1. What Stays on Your Device (We Never See This)
The following data is created and stored entirely on your local machine. It is never transmitted to Korvo servers, Supabase, or any third party:
- Project content, structure, and metadata
- Notes and documents
- Uploaded files (PDFs, markdown, text, etc.)
- Chat messages and AI conversation history
- AI prompts you write and responses you receive
- Plan Mode reasoning and decision trails
- Search indexes and vector embeddings
- Your AI provider API keys (OpenAI, Anthropic, Google, etc.)
- Global Memory facts
- Local application settings and preferences
When you use AI features, your prompts and context are sent directly from your device to your chosen AI provider using your own API key. Korvo's servers are never in that path.
2. What Our Server Knows
We collect the minimum data necessary to authenticate you and manage your subscription:
| Data | Purpose |
|---|---|
| Email address | Account identity, purchase receipts |
| Name and profile photo | Display in the app (from Google sign-in) |
| Plan type and status | Entitlement (free / early access / pro) |
| Stripe customer & subscription ID | Payment management, renewals |
| Payment timestamps | Billing history |
This is the privacy boundary. Our server knows who you are and what you paid for. It does not know what you store, search, write, or ask your AI.
3. Authentication
Korvo uses Supabase Auth with Google OAuth for sign-in. When you sign in with Google, we receive your email, name, and profile photo from Google. We do not receive or store your Google password.
Authentication sessions are managed via secure, httpOnly cookies on the website and secure storage on the desktop app. Tokens are refreshed automatically and expire after inactivity.
4. Payment Processing
Payments are processed by Stripe. We never see or store your credit card number, CVC, or bank details. Stripe is PCI DSS Level 1 certified. For details, see Stripe's Privacy Policy.
5. AI Providers (Bring Your Own Key)
Korvo supports a Bring Your Own Key (BYOK) model. You provide your own API keys for AI providers (Anthropic Claude, OpenAI GPT, Google Gemini, local models via Ollama).
- Your API keys are stored locally on your device, encrypted at rest. They are never sent to Korvo servers.
- AI requests go directly from your machine to the provider. Korvo does not proxy, log, or inspect these requests.
- Each AI provider has its own privacy policy and data handling practices. You should review them before providing your key.
6. Website Analytics
The korvo.xyz marketing website uses:
- Google Analytics (GA4) - anonymous usage statistics (page views, referrers, device type). Governed by Google's Privacy Policy.
- Vercel Analytics - anonymous web performance metrics.
The Korvo desktop app does not include analytics, telemetry, or any phone-home functionality.
7. Cookies
The korvo.xyz website uses cookies strictly for:
- Authentication session - secure, httpOnly cookies managed by Supabase Auth. Required for sign-in to work.
- Analytics - Google Analytics cookies for anonymous traffic measurement.
We do not use advertising cookies or tracking pixels.
8. Infrastructure & Security
- Website hosting: Vercel (SOC 2 Type II certified).
- Database & Auth: Supabase (SOC 2 Type II certified). Data encrypted at rest (AES-256) and in transit (TLS 1.3).
- Payments: Stripe (PCI DSS Level 1 certified).
- Desktop app: All workspace data stored locally using encrypted local storage. No data is transmitted to external servers (except AI provider API calls initiated by you).
9. Data Retention
| Data | Retention |
|---|---|
| Account profile | Until you delete your account |
| Subscription & billing data | Duration of subscription + 90 days |
| Local workspace data | Forever on your device - we never have it |
| Website analytics | 26 months (Google Analytics default) |
10. Your Rights
You may, at any time:
- Access your account data via the /account page.
- Delete your account and all associated server-side data by contacting us.
- Export your local workspace data at any time from the desktop app (no server involved).
- Revoke Google sign-in access from your Google Account settings.
Account deletion requests are fulfilled within 30 days. Your local data is unaffected - it stays on your device regardless.
11. Children's Privacy
Korvo is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children.
12. Changes to This Policy
We may update this policy from time to time. Changes will be posted on this page with an updated date. Continued use of Korvo after changes constitutes acceptance.
13. Contact
For privacy questions or data deletion requests: support@korvo.xyz
Snab Limited · Company No. 16006744
27 Old Gloucester Street, London WC1N 3AX, United Kingdom