Legal

Privacy Policy

Last updated: June 9, 2026

Overview

Purple is a local-first application. Your data lives on your device. This policy explains what data Purple stores, where it goes, and what the author (Matt Mierzwinski) does — and does not — receive.

Short version: Purple does not send any data to the author. Everything stays on your device unless you explicitly connect to a cloud-hosted AI model or a third-party service such as Google or Dropbox.

1. Data stored on your device

All application data is stored locally in a SQLite database at ~/.purple/purple.db. No copy of this data is transmitted to the author or any author-operated server. This includes:

  • Conversation history and messages
  • Persistent memories (facts you ask Purple to remember)
  • OAuth access tokens for Google and Dropbox integrations
  • Shell command approval preferences
  • Application settings (server URLs, API keys you configure)

2. AI model processing

Purple sends your prompts and conversation context to an Ollama server for language model inference.

Local models (default): If Ollama is running on your own machine (the default endpoint is http://localhost:11434), all AI processing happens entirely on your device. No data leaves your machine for model inference.

Cloud-hosted models: Ollama offers cloud-hosted model tiers. If you configure Purple to use one (for example by running ollama pull gemma4:31b-cloud), your prompts and conversation context are sent to Ollama's servers for processing. The author does not receive or have access to this data. Please review Ollama's Privacy Policy for details on how they handle that data.

3. Google Workspace integration

Connecting your Google account is entirely optional. If you do, Purple can read and send Gmail, manage Calendar events, and search or edit Google Drive documents — but only when you ask it to. Purple complies with the Google API Services User Data Policy, including its Limited Use requirements.

What Purple can access (only the scopes necessary to carry out actions you explicitly request — no background access):

  • Gmail (gmail.modify scope) — email subjects, senders, recipients, message bodies, and labels. Purple can search your inbox, read threads, send emails, and save drafts.
  • Google Calendar (calendar scope) — event titles, times, descriptions, and attendees. Purple can list, create, update, and delete events.
  • Google Drive / Docs (drive scope) — file names and the text content of Google Documents. Purple can search your Drive, read documents, and create or edit them.

How it's used: Purple only accesses Google data to carry out actions you explicitly ask for (e.g. "summarize my unread emails" or "schedule a meeting for tomorrow"). It does not access Google data in the background or for any purpose beyond executing your instructions. That data is passed to the AI model running on your own machine and is not sent to the author or any other third party. The one exception: if you configure Purple to use a cloud-hosted Ollama model, Google user data included in your prompts will be processed by Ollama's servers — see Ollama's Privacy Policy. Google user data is never shared with any other third party.

Storage and deletion: Your Google OAuth token is saved in ~/.purple/purple.db on your device only — it is not retained on any server. API requests go directly from your device to Google. Any Google data that surfaces in a conversation may be saved in your local chat history; you can delete it at any time by clearing the database. You may also revoke Purple's access to your Google account at any time via Google Account Permissions.

No AI training: Google user data is never used to train, improve, or develop any AI or machine learning model, and is never shared with the author or any third party for that purpose.

Purple's use of Google APIs is also subject to Google's Privacy Policy.

4. Dropbox integration

If you authorize Purple's Dropbox integration:

  • OAuth tokens are stored locally in ~/.purple/purple.db.
  • All API calls are made directly from your device to Dropbox's servers. No data is proxied through any author-operated infrastructure.
  • Use of Dropbox is subject to Dropbox's Privacy Policy.

5. Web search

If you configure a Brave Search API key or a SearXNG instance, search queries are sent directly from your device to those services. The author does not see, store, or process any search queries.

6. This website (getpurple.net)

This landing page may use Google Analytics 4 (GA4) to collect anonymous, aggregated usage statistics — page views, approximate geographic region, and browser type. No personally identifiable information is collected. No persistent analytics cookies are set by this site.

To opt out, use a browser extension that blocks requests to googletagmanager.com. No other tracking, cookies, or persistent storage is used on this website.

7. No telemetry from the application

The Purple application does not transmit telemetry, crash reports, usage statistics, or diagnostic data to the author or to any author-operated service. There is no analytics SDK, no error-reporting service, and no call-home mechanism in the application.

8. Children

Purple's Kids Friendly Mode and Kids Profile Mode adapt the assistant's behavior for younger users. These modes do not change how data is stored or transmitted — the same local-storage and direct third-party API practices described above apply regardless of operating mode.

9. Contact

For privacy-related questions, please contact the author or open an issue at the project repository.