Qorven’s default: only the LLM calls you authorise leave your machine. Everything else — memory, sessions, vault, audit — lives on your Postgres.

What leaves your box by default

WhenTo where
LLM prompt + completionEvery agent turnThe LLM provider you picked (OpenAI, Bedrock, …)
web_fetch, scrape, crawlWhen a Qor calls the toolThe URL the Qor is asking about
gh, researchWhen a Qor callsGitHub, Google, X, etc.
OAuth callbacksUser authorising a connectorThe connector’s identity provider (one-time)
That’s it. No phone-home, no anonymous metrics, no update-check without you running qorven update.

What you can turn off

Disable outbound

SSRF allowlist — restrict which hosts web_fetch can reach. Default-deny for private IPs; extend to public domains as needed.

Fully air-gap

Use Ollama or LM Studio as your sole provider. No outbound LLM calls. Disable OAuth connectors. Disable web_fetch. 100% local.

PII redaction

Strip emails, phones, cards, SSNs from memory writes. Keeps the raw turn in sessions.messages but writes the redacted version into embeddings.

Outbound approval

Gate every destructive tool call behind a human approval prompt.

What Qorven never does

  • Train on your data. We don’t have training infrastructure; your data wouldn’t go anywhere even if we did.
  • Share data between tenants. Every table has RLS; every query runs in a tenant-scoped tx.
  • Contact a license server. You own the binary; there’s no online check.
  • Anonymous telemetry. Zero. Not even version metrics.

Memory + privacy scopes

Memories are scoped so a Qor in a public channel never retrieves private context. Scope rules →.

Right to forget

Operator flow for a data-subject request: 
qorven memory purge --user <user_id>
qorven sessions delete --user <user_id>
qorven audit purge --user <user_id> --keep-action-summaries
Soft-deletes propagate to backups after the retention period expires.

Export

Same shape as backup: 
qorven backup --user <user_id> --output /tmp/user-export.tar.gz
Includes: sessions, memories, audit entries for that user. Machine-readable JSON, per-schema.

Compliance mapping (abridged)

RegulationHow Qorven helps
GDPRRight to access (export), right to forget (purge), data processing transparency (audit log)
CCPASame as GDPR essentially
HIPAASelf-hosted on your infra, encryption at rest; you’re responsible for the BAAs with your LLM provider
SOC2Audit log, access control, encryption, retention policies — the building blocks; you still need your own SOC2
Full compliance packet on request: compliance@qorven.ai.

Where next

Security model

Threat model, encryption, tenant isolation.

PII redaction

Configure what patterns to strip.

Licensing

How FSL-1.1-ALv2 interacts with deployment.