Privacy & security
Grimoire is local-first: your notes, indexes, and assistant traffic to Ollama stay on your machine unless you explicitly turn on features that use the network (for example Wikipedia bundle catalogue fetch or downloading models through Ollama). There is no vendor-hosted Grimoire cloud that stores your vault or chat transcripts.
For where files live on disk, see Vault & data. For model and RAG details, see AI assistant.
What stays local by default
- Note bodies and metadata in your chosen vault directory (SQLite, attachments, LanceDB paths as implemented).
- Semantic indexes (LanceDB) used for search and RAG.
- Ollama requests to
http://localhost:11434— chat and embeddings hit your Ollama process, not a hosted Grimoire API.
Optional features such as Wikipedia catalogue download or pulling a model use the network in the ordinary way those tools do — Grimoire does not replace them with a silent telemetry channel.
Vault password vs folder password
| Vault password | Folder password | |
|---|---|---|
| Scope | The entire vault at rest | One folder (and its descendants, per app rules) |
| Crypto | AES-GCM with Argon2id key derivation (in-app Security copy) | Additional encrypted scope for sensitive subtrees |
| Password storage | Not stored — if you lose it, notes cannot be decrypted | Same expectation: treat passwords as irrecoverable secrets |
You can use only a vault password, only folder passwords, or both, depending on how you segment content.
Lock and unlock semantics
- Unlock — You enter the vault password (and folder passwords as needed) so encrypted content is readable in the session.
- Lock — Security settings or Ctrl+Shift+L (when a vault password exists) locks the vault again.
When locked:
- Notes in encrypted scope are hidden and not readable until unlocked again (matches feature guide and Security copy).
- Bulk Markdown export skips locked notes (
SettingsData.svelte). - Search / RAG do not silently use ciphertext you cannot read — treat locked trees as absent from normal assistant context until unlocked (see project narrative in the public roadmap / blog).
Audit log
The audit log is optional and entirely on-device. In Settings → Privacy, enabling it records privacy-sensitive actions to a local log — never transmitted (per in-app copy).
What gets recorded
The viewer labels actions roughly as follows (from AuditLog.svelte):
- Notes — open, create, update, delete, export
- Folders — create, rename, delete
- Search — full-text, semantic, or combined searches
- LLM — chat and “improve” style calls
- File scanner — scans and imports
- Wikipedia — read events
When “Log file access” is enabled and the audit log is on, file scanner reads are included too (SettingsPrivacy.svelte).
Retention and pruning
audit_retention_daysin settings:0means retain indefinitely (default). Any positive number auto-deletes entries older than that many days when the app starts, and you can Prune now from Privacy settings.- Clear log removes entries from the in-app log (destructive).
Export
From the Privacy section, the embedded audit viewer can export CSV or JSON to a path you choose. If some rows reference locked-folder notes, export may skip those rows and report how many were skipped (export result messaging in AuditLog.svelte).
What never leaves the machine (core product path)
- Your note text and vault files — unless you copy them, export them, or enable a separate tool (Ollama model mirrors, browser links from Help, and so on).
- Audit entries — stored and viewable only inside the app’s local storage for that vault.
See also
- Vault & data
- Settings glossary — Privacy, Security, Data
- Troubleshooting
- Marketing Help — short trust-oriented FAQ