Privacy Policy — MokingBird AI
MokingBird Oy | Business ID: 3615646-1 | Finland
Last updated: April 2026
This policy covers all MokingBird AI products and websites, including:
- https://ai.mokingbird.xyz/
- https://ai.mokingbird.xyz/mbrag
- https://ai.mokingbird.xyz/datagen
- https://ai.mokingbird.xyz/finetune
Introduction
MokingBird AI is a suite of desktop applications developed by MokingBird Oy. This Privacy Policy describes how our AI products handle your data. It applies to:
- MokingBird Node — the desktop hub application
- mbRAG — Retrieval-Augmented Generation framework
- mbDataGen — Synthetic dataset generation platform
- mbFT — Universal fine-tuning platform
All of the above are desktop applications that run locally on your device. They were designed from the ground up with a core architectural commitment: your data stays on your machine.
This is not a privacy policy that describes what we do with data we've collected about you. It is a policy that explains why we collect essentially none, and what limited data interactions do exist.
Contact us for privacy inquiries at [email protected].
1. Our Privacy Commitment
MokingBird AI products are built on the principle that the model comes to your data, not the other way around.
When you use mbRAG to query your documents, those documents are processed on your hardware. When you use mbDataGen to generate training data from your corpus, that corpus stays on your machine. When you use mbFT to fine-tune a model, the resulting model is yours — we have no visibility into it.
This is not a product feature. It is the architecture. There are no MokingBird servers receiving your documents, queries, datasets, or model outputs during normal application operation.
2. Data We Collect During App Operation
During normal operation of any MokingBird AI application: none.
Specifically, the following are never transmitted to MokingBird servers:
- Documents you load into mbRAG
- Queries you submit to any pipeline
- Vector embeddings or index files created on your machine
- Datasets generated by mbDataGen
- Model weights or fine-tuning results produced by mbFT
- Your configuration files or settings
- Your usage patterns, session duration, or feature usage statistics
- Crash reports or error logs
- Any other information generated during app use
There is no background analytics process. There is no telemetry SDK. There is no crash reporter sending data to our servers. If you want to verify this, you can monitor the application's network activity — you will find nothing from the app itself during normal operation.
3. Your API Keys
Many users connect MokingBird AI tools to external LLM providers (OpenAI, Anthropic Claude, Google Gemini) or embedding providers (Cohere, HuggingFace API). To do so, you provide API keys.
Your API keys:
- Are stored locally on your device (in a configuration file or OS keychain, depending on your platform)
- Are never transmitted to MokingBird servers
- Are sent only to the third-party provider you are connecting to (e.g., an OpenAI API key is sent to OpenAI's servers when you make a query, exactly as it would be in any OpenAI client)
- Are not logged or cached by MokingBird systems
MokingBird Oy has no access to your API keys.
4. Documents and Data You Process
When you feed documents into mbRAG, generate data with mbDataGen, or provide training data to mbFT:
- All processing happens on your machine using your hardware (CPU/GPU)
- Document contents are loaded into memory locally and never transmitted over the network to MokingBird
- Vector stores (embeddings databases) are saved locally to a directory you control
- Generated datasets are written to local files on your machine
- Fine-tuned model checkpoints are saved to local directories on your machine
The only exception is if you have configured a cloud LLM provider: in that case, queries sent to that provider (e.g., OpenAI API) are governed by that provider's own privacy policy. MokingBird has no control over, or access to, what you send to those providers.
5. LLM Provider Privacy
MokingBird AI supports both local LLMs (via Ollama, llama.cpp, HuggingFace local, vLLM) and cloud LLMs (OpenAI, Anthropic, Google Gemini).
When using local LLMs: All queries stay entirely on your device. No internet connection is required. Complete privacy end-to-end.
When using cloud LLMs: Your queries are sent to the provider's API servers (e.g., api.openai.com). This is governed by OpenAI's, Anthropic's, or the relevant provider's privacy policy — not ours. MokingBird is a client that calls the API on your behalf using your key. We do not see, log, or store those queries.
We recommend reviewing the privacy policy of any cloud LLM provider you connect to MokingBird AI tools.
6. Optional Update Checks
MokingBird AI applications may offer optional checks for software updates. When an update check occurs:
- A single HTTPS request is made to our release endpoint (GitHub Releases)
- The request contains: current application version, your operating system type
- No personal data, user ID, API keys, or document data is included
- The response contains: latest version number and release notes
You can disable automatic update checks in the application Settings.
7. Data We Do Not Intend to Collect by Default
For local-first product operation, we do not require or intend to collect:
- Mandatory account creation for basic desktop usage
- Broad behavioral tracking for advertising or profiling
- User dataset content for data brokerage or model training
- File contents processed during app operation
This is architectural, not just a policy statement — the app has no mechanism to transmit these data types in local mode.
8. No Telemetry, No Analytics
Our applications contain no:
- Analytics SDKs (Google Analytics, Mixpanel, Amplitude, etc.)
- Crash reporting services (Sentry, Bugsnag, etc.)
- Usage tracking or feature analytics
- Session recording or heatmapping
We do not know how you use the software. We do not track which features you use, how many documents you process, or what models you fine-tune. This is intentional.
9. Website Analytics (ai.mokingbird.xyz)
The MokingBird AI website may use privacy-friendly, cookieless web analytics (such as Plausible or Cloudflare Web Analytics) to understand aggregate traffic patterns. If analytics are in use, they:
- Do not track individual users
- Do not use cookies
- Do not build behavioral profiles
- Collect only aggregate page view counts and referrer data
We will update this section if our analytics setup changes.
10. International Transfers
MokingBird Oy is based in Finland, within the EU. Where infrastructure services process data outside the EU/EEA, we apply required GDPR safeguards including standard contractual clauses or adequacy decisions where applicable.
11. Your GDPR Rights
As a user in the European Union (or anyone protected by GDPR-equivalent legislation), you have the following rights:
- Right of access — Request information about personal data we hold about you
- Right to erasure — Request deletion of your personal data
- Right to rectification — Request correction of inaccurate data
- Right to portability — Receive your data in a machine-readable format
- Right to object — Object to processing of your data
- Right to withdraw consent — Withdraw consent for any processing based on consent (e.g., newsletter subscriptions)
Since our desktop applications collect no personal data, most of these rights are satisfied by design. For any data held through website contact forms, newsletter subscriptions, or support tickets, contact [email protected]. We respond within 30 days.
12. Data Retention (Website and Support)
| Data type | Retention |
|---|---|
| Website server logs | 30 days |
| Contact form submissions | 90 days after resolution |
| Newsletter subscriptions | Until you unsubscribe |
| Support ticket history | 1 year after resolution |
Application data (documents, models, configurations, datasets) is stored only on your device. We have no copies.
13. Children's Privacy
MokingBird AI products are professional developer and researcher tools. They are not intended for use by children under 13. We do not knowingly collect personal information from children under 13. Since the applications collect no personal data during operation, there is no such data at risk. If you believe a child has used these applications in a way that has generated personal data, contact [email protected].
14. Changes to This Policy
We will update this policy when our data practices change. Material changes will be noted on the website and in the application's release notes. The "Last updated" date at the top of this document will always reflect the most recent revision.
15. Contact
MokingBird Oy Business ID: 3615646-1 Finland
- Privacy: [email protected]
- Security issues: [email protected]
- AI product inquiries: [email protected]
- General: [email protected]
This document is a working baseline and should be reviewed by legal counsel before production publication.