Privacy Policy

Philo is built to keep your notes local by default. This policy explains what information may be processed when you use the landing site at philo.so, download the app, contact us, or use optional integrations inside the app.

What this policy covers

This policy covers the Philo website, the downloadable Philo desktop app, and direct support communications about Philo. It does not cover third-party services you connect on your own, except to describe when Philo sends data to them at your direction.

Information we receive

Depending on how you use Philo, we may receive:

• contact details and message contents if you email us;
• basic request and device data generated by normal website hosting and security logs;
• download activity routed through GitHub release assets;
• information sent to third-party AI or Google services only when you configure and use them inside the app.

How the website works

The landing site is a mostly static Astro site. It does not include its own account system or in-site note storage. The homepage makes a client-side request to GitHub to resolve the latest release download links, and the site loads Google Fonts. Those third parties may receive your IP address, browser details, and related request metadata as part of serving those resources.

How the desktop app works

Philo is local-first. Notes, images, widget files, and related content are stored on your device or in an Obsidian vault you choose. Philo does not operate a first-party cloud sync service for your notes through this site.

Some app settings are also stored locally on your device. That can include configured paths, onboarding state, selected providers, API keys you enter, and Google OAuth tokens if you connect Google features. Those values are stored locally so the app can function.

Optional third-party services

If you enable AI or Google features, Philo sends the relevant request data to the provider you selected so the feature can run. That may include prompts, note excerpts, tool inputs, or authentication data needed for the request. Providers currently supported in the app include Anthropic, OpenAI, Google, and OpenRouter.

Your use of those services is also governed by their own terms and privacy policies. Philo does not control how those providers retain or use data once a request reaches them.

Google account connections

If you connect a Google account, Philo may request permission to access your basic account profile, your Google Calendar data, and your Gmail data. The current planned Google Workspace access is read-only for Calendar and Gmail.

Philo uses that access only to provide the Google-powered features you choose to use inside the app, such as reading calendar or email information into your planning workflow. Google OAuth tokens and granted-scope records are stored locally on your device so the app can refresh access and reconnect to Google services.

Philo does not sell Google Workspace data and does not use it for advertising. The use of information received from Google Workspace APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

You can disconnect Google in the app settings or revoke Philo's access from your Google account permissions page. If Google access is removed, related features in Philo may stop working until you reconnect.

How we use information

We use information to:

• serve the website and downloads;
• respond to support or product inquiries;
• maintain security, availability, and abuse prevention;
• enable the optional integrations and provider requests you choose to use.

Sharing

We do not sell your information. We may share information with service providers involved in hosting, email, fonts, source code hosting, releases, or the third-party integrations you choose to use. We may also disclose information if reasonably necessary to comply with law, protect rights, or address abuse or security issues.

Retention

Website and communication records are kept only as long as reasonably needed for operations, support, legal compliance, and security. Content stored by the desktop app remains under your control on your device or chosen storage location unless you delete it.

Your choices

• Do not send us email if you do not want us to receive the contents of that message.
• Do not configure optional AI or Google integrations if you do not want data sent to those providers.
• Disconnect Google access in Philo or revoke it in your Google account if you no longer want Philo to read Gmail or Calendar data.
• You can delete local app data and your notes from the storage locations you control.

Children

Philo is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

Changes

We may update this policy from time to time. If we make a material change, we will update the effective date on this page.

Contact

Privacy questions can be sent to john@hyprnote.com.