Skip to main content

Privacy Policy

Last Updated: March 29, 2026

1. Data Collection Scope

DesireCore adopts a "local-first" data storage principle. The data we collect includes: user account information (such as username, email), user-created AI assistant configurations, conversation history, and app usage statistics.

Except for necessary account verification and software update checks, all core data is stored locally on the user's device by default. We will not upload user data to the cloud without explicit consent.

To improve the product and track installation counts, DesireCore sends anonymous installation statistics to our update server on each launch. This information only includes: an anonymous device identifier generated from hardware information (SHA-256 hash, irreversible), client version number, operating system platform, and CPU architecture. We do not collect any personally identifiable information, and this device identifier cannot be associated with your personal identity. This data is used solely for counting unique installations and platform distribution.

We cannot access, view, or monitor the behavior of user-created agents or any content they generate. All interaction data between users and their created agents is entirely controlled by the user. We do not have and do not attempt to have the ability to monitor or review this data.

2. AgentFS Privacy Architecture

DesireCore uses the self-developed AgentFS file system architecture to ensure complete isolation and privacy protection of user data.

User profile data is stored in independent user domains under users/<user_id>/, with each user's data completely isolated from other users. Relationship data (such as interaction patterns between AI assistants and users) belongs to the user domain and is not shared with "companions" (i.e., other AI assistants or users).

This architecture ensures that: even when multiple users use the same device, their data remains physically isolated; AI assistants cannot access other users' or other AI assistants' data.

3. Local Storage Principle

By default, all user data is stored only on the local device. This includes: conversation records, AI assistant configurations, user preference settings, and generated files.

Locally stored data is protected using industry-standard encryption technology. Users can choose to enable password or biometric authentication for additional app access protection.

When users choose to export data backups, backup files also use encrypted formats to ensure data security even when backup files are transferred or stored on external media.

4. Data Security

We adopt multi-layer security measures to protect DesireCore application user data:

  • Transmission Security: All network communications use TLS 1.3 or higher encryption
  • Storage Security: Local data uses AES-256 encryption algorithm
  • Access Control: Supports password, PIN, and biometric authentication
  • Code Security: Open-source core code undergoes community auditing

While we are committed to protecting data security, no system is absolutely secure. Users should take reasonable measures to protect their devices and account credentials.

It should be specifically noted that: we cannot perform any security monitoring or content review on user-created agents and their interactions with third-party APIs. Data transmitted by users through agents to third-party services is outside our control or protection scope, and related security responsibilities are shared between the user and the third-party service provider.

5. User Rights

Users have complete control over their data:

  • Right to Access: Users can view all their stored data at any time
  • Right to Export: Supports exporting data in portable format for backup or migration
  • Right to Deletion: Users can permanently delete their account and all related data
  • Right to Correction: Users can modify their personal profile and preference settings at any time
  • Right to Restrict Processing: Users can choose to disable specific data collection features (such as usage statistics)

6. User-Created Agents

DesireCore allows users to create and configure personalized AI agents. These agents are entirely defined by users in terms of behavior, personality traits, and functional settings.

We cannot regulate user-created agents or their use. All behaviors, content, and interactions generated by user-created agents are controlled and responsible by the user. Users should ensure that their created agents and usage behavior comply with applicable laws and regulations, and do not generate or disseminate any illegal, harmful, or infringing content.

Users bear full responsibility for their created agents, including but not limited to: agent behavior settings, generated content, and interactions with other users or systems. We do not assume any direct or indirect liability arising from user-created agents.

7. Third-Party API Configuration

DesireCore itself does not integrate any third-party AI services. We provide users with the ability to manually configure third-party LLM APIs (such as OpenAI, Anthropic, etc.), allowing users to independently select and connect to desired services.

When users configure and use third-party APIs, related interaction data will be directly transmitted to the third-party servers specified by the user. Processing of this data is governed by the privacy policy of that third-party service provider, not DesireCore.

We recommend that users carefully read and understand the privacy policies and service terms of the respective service providers before configuring third-party APIs. Users bear full security responsibility for their configured API keys and related credentials.

8. Data Retention

User data is retained only while the user has an active account. After a user deletes their account, all related data will be permanently deleted from our systems within 30 days (subject to technical and legal requirements).

Locally stored data retention is entirely controlled by the user. Uninstalling the app does not automatically delete local data files; users need to manually clear them or use the in-app data deletion feature.

9. Children's Privacy

DesireCore does not provide services to children under 13 years of age. If we discover that we have collected personal information from a child under 13, we will immediately delete that information.

Parents or guardians who believe their child has provided us with personal information, please contact us immediately and we will assist in deleting the relevant data.

10. Policy Updates

We may update this Privacy Policy from time to time. Significant changes will be communicated to users through in-app notifications.

Continued use of our services constitutes acceptance of the revised Privacy Policy. We encourage users to periodically review this policy for the latest information.

11. Contact Us

If you have any questions or suggestions about this Privacy Policy, or wish to exercise your data rights, please contact us through:

Email: ceo@solar-corona.com

We commit to responding to your request within 30 days of receipt.