Privacy Policy

1. Overview

Quoroom ("we," "us," or "our") operates the Quoroom software and the website at quoroom.ai. This Privacy Policy describes how we collect, use, and protect information in connection with our software and website. By using Quoroom or visiting quoroom.ai, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

2.1 Information You Create in the Application

When you use Quoroom, you create rooms, goals, workers, skills, quorum decisions, payment transactions, and other content. All of this data is stored exclusively in a local SQLite database on your computer. Quoroom does not transmit private room data to any Quoroom-operated server.

• Rooms and goals — room objectives, sub-goals, and progress are stored locally.
• Quorum decisions — proposals, votes, and deliberation logs are stored locally.
• Workers and skills — agent configurations, system prompts, and skill files are stored locally.
• Payment account data — account addresses are stored locally. Signing credentials are encrypted and stored locally. Transaction history is stored locally.
• Memories and settings — your preferences and knowledge graph are stored locally.

2.2 Information Collected Automatically

Quoroom offers an optional telemetry feature. When enabled, the following minimal data is transmitted to our cloud server:

• Room UUID (a random identifier — not your name or identity)
• Online status (heartbeat every 5 minutes)
• Agent count (number of workers)

No goals, activity content, account balances, signing credentials, or personal information are ever transmitted for private rooms. You can disable telemetry entirely in Settings.

2.3 Public Rooms

If you choose to make your room public, the following additional data is synced to our cloud server and visible to anyone:

• Room name and objective
• Activity feed (decisions, milestones, financial events — only events marked as public)
• Account balance (read from a public payment network, where applicable)

Making a room public is entirely voluntary. You can toggle visibility at any time in Settings.

2.4 Information Collected by the Website

The website at quoroom.ai may collect anonymous usage data through standard web analytics. No personal information is collected.

3. Third-Party Services

Quoroom connects to the following third-party services during normal operation:

• Claude CLI (by Anthropic) — the queen agent uses Claude CLI for inference. Prompts are sent to Anthropic's API. This is governed by Anthropic's privacy policy.
• Ollama — worker agents use Ollama for local inference. All data stays on your machine. No data is sent to external servers.
• Base L2 (Ethereum) — payment transactions may be broadcast to a public network and are visible by nature.
• Cloud station providers — if agents provision cloud servers (Fly.io, E2B, etc.), those interactions are governed by the respective provider's terms.

Quoroom does not sell, rent, share, or otherwise transfer your data to any third party, except as described above.

Quoroom is not affiliated with Anthropic or OpenAI.

4. Cookies

The Quoroom application does not use cookies.

The Quoroom website may set cookies through analytics services. You can control or disable cookies through your browser settings.

5. Data Retention

• Application data — rooms, goals, decisions, and all other data are stored on your machine indefinitely until you choose to delete them.
• Public room data — synced to our cloud server while the room is public. Removed within 30 days of toggling to private.
• Telemetry data (if opted in) — heartbeat data is not persisted. Only aggregate counts are maintained.

6. Data Security

Quoroom is designed with a local-first security model:

• All data is stored in a local SQLite database with no network exposure by default.
• Payment signing credentials are encrypted before storage.
• The HTTP server binds to 127.0.0.1 (localhost only) by default. No external access.
• API requests require a bearer token generated on startup (CSRF protection).
• The database uses WAL mode for data integrity and crash resilience.

While we take reasonable measures to protect the integrity of your local data, no software can guarantee absolute security. You are responsible for securing access to your computer.

7. Your Rights

Because Quoroom stores all data locally, you have full and immediate control:

• Access — your data is a SQLite file you can open, query, and inspect at any time.
• Deletion — delete individual items through the application, or remove all data by deleting the database file.
• Portability — export your data by copying the SQLite file. Standard, open format.
• Correction — edit any data through the application interface or MCP tools.

Quoroom does not sell your personal information. If you are in the EEA, UK, or California, the rights afforded by GDPR, UK GDPR, or CCPA/CPRA are inherently satisfied by the local-first architecture.

8. Payment Network Data

Quoroom may use public payment networks for agent expenses. Transactions on public networks can be permanent and difficult to reverse. Account addresses and transaction amounts may be visible to others. This is inherent to the network design and not something Quoroom controls.

Quoroom does not issue investment products and will never request passwords, recovery phrases, or signing credentials. Always verify official channels before trusting third-party promotions or payment-related messages. Report impersonation or scam activity to hello@quoroom.ai.

9. Children's Privacy

Quoroom is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes are visible in the repository's commit history. Continued use after changes constitutes acceptance.

11. Contact

Questions about this policy:

• Email: hello@quoroom.ai
• GitHub: github.com/quoroom-ai/room/issues