Privacy & Data Practices

Last updated: January 2026

The Short Version

Enzyme uses AI to understand your notes. When you initialize and generate catalysts, note excerpts are processed by our AI providers. When you push to our servers, you can explore your thinking conversationally from anywhere.

Your raw files stay on your device. We store catalysts and embeddings—distilled excerpts, not your full notes. We don't sell your data, we don't train AI on it, and we don't share it.

Our Commitment

You're trusting us with your thinking—notes that contain personal reflections, half-formed ideas, things you're still figuring out. We don't take that lightly.

  • US-based AI providers only. We use AI providers headquartered in the United States with enterprise-grade privacy commitments. Your data never routes through servers in jurisdictions with weaker privacy protections.
  • No training on your data. Our AI providers contractually commit to not using API data for model training. Your notes stay yours.
  • Enzyme as the trust layer. We vet our providers and maintain strict data handling agreements. You don't need to evaluate every AI company—that's our job.

How It Works

Enzyme helps you explore your own thinking, but that requires AI to understand what you've captured. Here's what happens at each step:

When you initialize

You run enzyme init. AI analyzes your vault structure to understand what patterns exist, what entities matter, and how to organize insights. This sends excerpts of your notes to our AI providers. There's no fully offline initialization; AI understanding is what makes Enzyme work.

When you generate catalysts

Enzyme distills your notes into catalysts using AI. Your note content is sent to our providers for processing. Per our agreements, this data is not stored or used for training.

When you push (opt-in)

You run enzyme push to sync catalysts to our servers. This enables conversational exploration of your vault via MCP, so AI can help you multiply your ideas from anywhere.

What We Collect

Account Information (when you sign up)

  • Google account email (via OAuth 2.1)
  • Authentication tokens (for secure access)
  • Subscription status

Pushed Data (only if you run enzyme push)

  • Catalysts derived from your notes
  • Relevant note excerpts
  • Entity references (tags, concepts)
  • Semantic embeddings for similarity search

What never gets stored on our servers

  • Your full, raw markdown files
  • Your full vault structure

Anonymous Analytics

  • App version, OS type
  • Feature usage patterns (not content)
  • Error and crash reports (no personal data)

How We Protect Your Data

Your pushed data is protected by multiple layers:

Encrypted in Transit

All connections use TLS 1.3. Data is encrypted between your device and our servers.

Encrypted at Rest

Our database provider encrypts stored data on disk using AES-256. This protects against physical disk access and backup theft. Encryption keys are stored separately from data.

What at-rest encryption does NOT protect against: application-level access. Database administrators with appropriate access could technically read your data. This is standard for managed database services.

User Isolation

Row-Level Security policies ensure API requests only return your own data. Even with valid credentials, users cannot access each other's catalysts.

Secure Authentication

OAuth 2.1 via Google with automatic token refresh. No passwords stored on our side.

What we don't claim

We don't offer zero-knowledge or end-to-end encryption. To provide AI integration, our servers must process your catalysts. We can technically read what you push. We don't, except to debug issues you report. But we won't pretend otherwise.

AI Processing

Our AI Providers

We exclusively use AI providers that meet our standards:

  • Headquartered in the United States
  • Enterprise-grade data handling agreements
  • Contractual commitment to not train on API data
  • SOC 2 certified or equivalent security standards

We regularly evaluate our providers and will update this policy if we make changes. Your data never goes to providers in jurisdictions with weaker privacy protections.

Local Embeddings (optional)

Semantic search can use local models (ONNX/CoreML) that run entirely on your device. This means similarity search works without external API calls.

Remote MCP (opt-in via push)

When you connect your AI assistant to your vault:

  • AI reads catalysts you've pushed to our servers
  • AI generates responses based on your captured thinking
  • This is the whole point: AI that understands your notes

The value exchange: You share your thinking with AI so it can help you explore it. Enzyme doesn't work without AI processing; that's the product.

Your Rights & Controls

Delete Everything

Run enzyme push --clear to remove all pushed data from our servers. This is immediate and permanent. Your local vault is unaffected.

Revoke MCP Access

Disconnect AI from your vault through your account settings. Pushed data remains until you explicitly delete it.

Stay Local

You can use Enzyme indefinitely without ever creating an account or pushing data. Local search, local embeddings, local insights.

Use Your Own AI Provider

If you prefer your data never touch Enzyme's servers, you can use your own AI credentials:

ANTHROPIC_API_KEY=<your-key> OPENAI_API_KEY=<your-key> enzyme init

When you provide your own credentials, Enzyme connects directly to your AI provider. No data routes through our servers for initialization or catalyst generation.

GDPR/CCPA

We comply with privacy regulations. Email support@enzyme.garden for data requests.

Contact

Questions about our privacy practices? Reach us at support@enzyme.garden.