Skip to main content

Privacy Policy

Last updated: February 7, 2026

1. Data Collection Scope

DesireCore adopts a "local-first" data storage principle. The data we collect includes: user account information (such as username, email), AI assistant configurations created by users, conversation history, and application usage statistics.

Except for necessary account verification and software update checks, all core data is stored locally on the user's device by default. We will not upload user data to the cloud without explicit consent.

We cannot access, view, or regulate the behavior of user-created agents or any content they generate. All interaction data between users and their created agents is entirely controlled by the user. We do not have the capability to monitor or review such data, nor do we attempt to do so.

2. AgentFS Privacy Architecture

DesireCore uses our self-developed AgentFS file system architecture to ensure complete isolation and privacy protection of user data.

User profile data is stored in the independent user domain users/<user_id>/ directory. Each user's data is completely isolated from other users. Relationship data (such as interaction patterns between AI assistants and users) belongs to the user domain and is not shared with "companions" (i.e., other AI assistants or users).

This architecture ensures that: even if multiple users use the same device, their data remains physically isolated; AI assistants cannot access data from other users or other AI assistants.

3. Local Storage Principle

By default, all user data is stored only on the local device. This includes: conversation records, AI assistant configurations, user preferences, and generated files.

Locally stored data is protected using industry-standard encryption technology. Users can choose to enable password or biometric authentication for additional application access protection.

When users choose to export data backups, backup files are also in encrypted format, ensuring data security even when backup files are transferred or stored on external media.

4. Data Security

We employ multi-layer security measures to protect DesireCore application user data:

  • Transmission Security: All network communications use TLS 1.3 or higher encryption
  • Storage Security: Local data uses AES-256 encryption algorithm
  • Access Control: Supports password, PIN, and biometric authentication
  • Code Security: Open-source core code undergoes community audit

While we are committed to data security, no system is absolutely secure. Users should take reasonable measures to protect their devices and account credentials.

It should be specifically noted that: We cannot perform any security monitoring or content moderation on user-created agents and their interactions with third-party APIs. Data transmitted by users through agents to third-party services is outside our control or protection scope, and the related security responsibilities are jointly borne by the user and the third-party service provider.

5. User Rights

Users have complete control over their data:

  • Right to Access: Users can view all their stored data at any time
  • Right to Export: Support for exporting data in portable formats for backup or migration
  • Right to Deletion: Users can permanently delete their account and all related data
  • Right to Correction: Users can modify their profile and preference settings at any time
  • Right to Restrict Processing: Users can choose to disable specific data collection features (such as usage statistics)

6. User-Created Agents

DesireCore allows users to create and configure personalized AI agents. These agents are entirely defined by users in terms of their behavior, personality traits, and functional settings.

We are unable to monitor or regulate user-created agents and their usage. All actions, content, and interactions generated by user-created agents are controlled and the sole responsibility of the user. Users must ensure that their created agents and usage comply with applicable laws and regulations, and do not generate or disseminate any illegal, harmful, or infringing content.

Users bear full responsibility for their created agents, including but not limited to: agent behavioral settings, generated content, and interactions with other users or systems. We assume no direct or indirect liability arising from user-created agents.

7. Third-Party API Configuration

DesireCore itself does not integrate any third-party AI services. We provide users with the ability to manually configure third-party LLM APIs (such as OpenAI, Anthropic, etc.), allowing users to independently choose and connect to desired services.

When users configure and use third-party APIs, relevant interaction data is transmitted directly to the third-party servers specified by the user. The processing of this data is subject to the privacy policies of those third-party service providers, not DesireCore.

We recommend that users carefully review and understand the privacy policies and terms of service of the respective service providers before configuring third-party APIs. Users bear full security responsibility for their configured API keys and related credentials.

8. Data Retention

User data is retained only while the user has an active account. After a user deletes their account, all related data will be permanently deleted from our systems within 30 days (subject to technical and legal requirements).

Retention of locally stored data is entirely under user control. Uninstalling the app does not automatically delete local data files; users need to manually clear them or use the in-app data deletion feature.

9. Children's Privacy

DesireCore does not provide services to children under 13 years of age. If we discover that we have collected personal information from a child under 13, we will immediately delete that information.

Parents or guardians who believe their child has provided us with personal information, please contact us immediately, and we will assist in deleting the relevant data.

10. Policy Updates

We may update this Privacy Policy from time to time. Material changes will be communicated to users via in-app notifications.

Continued use of our services constitutes agreement to the revised Privacy Policy. We encourage users to review this policy regularly to stay informed.

11. Contact Us

If you have any questions or suggestions about this Privacy Policy, or wish to exercise your data rights, please contact us through the following means:

Email: ceo@solar-corona.com

We commit to responding to your requests within 30 days of receipt.