Privacy Policy — Local Infrastructure Platform Use of My Data
Audience: Mark Myers (internal reference)
Purpose: Documents how the Local Infrastructure platform handles my data on this system
Effective Date: March 2, 2026
Governing Document: CONSTITUTION.md ("How I Work With AI," v5)
What This Covers
This document describes what data the Local Infrastructure platform accesses, stores, transmits, and retains on the Mac Mini where Golgi operates. It is a self-audit, not a legal compliance document. It exists so I know exactly what my agent touches and where my data goes.
What Local Infrastructure Accesses on This Machine
Local Infrastructure operates under a single-user personal assistant trust model. The agent has broad access to the local system within the scope I've configured:
File system access:
Full read/write access to ~/.local-infra/workspace/ (governance files, memory, project files)Full read/write to ~/.local-infra/ (configuration, credentials, session transcripts, logs)Shell access via tool use (can execute commands, read/write files, run scripts)Access to any file or directory the OS user account can reachMessaging channels:
Telegram messages sent to/from the bot account (processed in real time)SMS messages routed through Twilio webhook (queued in Firebase, relayed via Telegram)Potential access to Discord, WhatsApp, or other channels if configuredNetwork access:
Web browsing and search via tool useAPI calls to external services (GitHub, Vercel, Firebase, etc.)Outbound HTTP requests as needed for tool execution
What Data Flows to Anthropic's API
Every interaction with Golgi sends data to Anthropic's Claude API for processing. This includes:
Message content: The text of my messages and Golgi's responsesSystem prompts: Workspace governance files loaded at session start (CONSTITUTION.md, SOUL.md, USER.md, AGENTS.md, etc.)Tool use context: Commands executed, file contents read, search results — anything that enters the conversation context windowSession history: Prior messages in the current session (conversation context)What Anthropic does with API data (as of March 2026):
API data is retained for 7 days (reduced from 30 days as of September 2025), then automatically deletedAPI data is not used for model training under commercial/API termsOrganizations can opt into 30-day retention for audit purposes via Data Processing AddendumFlagged content may be retained up to 2 years (inputs/outputs) or 7 years (trust & safety scores) if a safety policy violation is detectedWhat this means in practice: Every governance file, every memory entry, every message I send through Golgi passes through Anthropic's infrastructure. It's processed, held briefly, and deleted. But during that window, it exists on their servers.
What Data Is Stored Locally vs. Transmitted
Data Type
Stored Locally
Transmitted Externally
Governance files (CONSTITUTION.md, SOUL.md, etc.)
Yes — ~/.local-infra/workspace/
Yes — loaded into API context each session
Memory files (MEMORY.md, daily notes)
Yes — ~/.local-infra/workspace/memory/
Yes — loaded into API context when read
Session transcripts
Yes — ~/.local-infra/agents/*/sessions/*.jsonl
No — stored locally only
Configuration and credentials
Yes — ~/.local-infra/local-infra.json, credentials/
No — used locally for auth
Telegram messages
Processed in transit
Yes — Telegram servers + Anthropic API
SMS messages
Queued in Firebase
Yes — Twilio + Firebase + Anthropic API
Shell command output
Transient (in context window)
Yes — enters API context if part of conversation
Screenshots and images
Yes — ~/.local-infra/workspace/screenshots/
Only if explicitly sent via Telegram or entered into context
Gateway logs
Yes — ~/.local-infra/logs/
No — local only
Token and Credential Handling
Credentials are stored locally under ~/.local-infra/ in the following locations:
Gateway auth token: local-infra.json or environment variableAnthropic API key: Agent auth profileTelegram bot token: Channel config or environment variableFirebase/Twilio credentials: Environment variables or config filesGitHub tokens: Environment variablesLocal Infrastructure does not provide built-in encryption for stored credentials. Protection relies on:
OS-level file permissions (directories at 700, files at 600)Full-disk encryption on the host (FileVault on macOS)Environment variables preferred over config file storage where possibleThe security hardening completed in late February 2026 addressed file permissions, credential isolation, and gateway authentication.
Memory and Persistence
Golgi maintains persistent state across sessions through:
MEMORY.md — Curated long-term memory, updated by the agent during main sessionsDaily memory files — memory/YYYY-MM-DD.md, raw logs of session activitySession transcripts — Full conversation logs stored as JSONL filesSQLite databases — Performance tracking (e.g., golgi_performance.db)Heartbeat state — JSON file tracking periodic check-in statusAll persistent data is stored locally on the Mac Mini. Session transcripts may contain any data that entered the conversation — including file contents, personal messages, command output, and API responses.
What I Can Delete, Export, or Audit at Any Time
Full control over all local data:
Delete any file under ~/.local-infra/ at any timeExport workspace files, memory, and transcripts by copying themAudit session transcripts to see exactly what was sent and receivedReview gateway logs for operational historyGit history (as of March 2, 2026) provides version tracking for governance filesAPI-side data:
Cannot delete data during Anthropic's 7-day retention window (it auto-deletes)Can review Anthropic's data handling via their Privacy Center (https://privacy.claude.com)Not opted into extended retention or training data contribution
Local Infrastructure's Own Privacy Posture
Local Infrastructure is an open-source, self-hosted platform. There is no centralized Local Infrastructure service collecting data from users. As noted in their security documentation: the platform operates on a personal assistant trust model where the operator (me) controls the trust boundary.
Local Infrastructure does not have a traditional privacy policy because it doesn't collect user data — it runs on my hardware, under my control. The privacy implications are defined by how I configure it and which external services I connect.
Risks I've Accepted
By running an autonomous agent with shell access, I've accepted the following:
Broad local access: Golgi can read/write any file my user account can reach. A misconfigured or compromised agent could access sensitive data beyond the workspace.API data exposure: Every conversation passes through Anthropic's infrastructure. Even with 7-day deletion, data exists on external servers temporarily.Credential proximity: API keys, tokens, and credentials are stored on the same machine the agent operates on. Defense relies on file permissions and OS-level encryption.Messaging channel exposure: Messages processed through Telegram and SMS pass through third-party infrastructure (Telegram servers, Twilio, Firebase).Session transcript accumulation: Conversation logs grow over time and may contain sensitive data from past sessions if not pruned.Agent autonomy risk: Golgi can execute shell commands, write files, and take actions without per-action approval. The governance framework (CONSTITUTION.md, SOUL.md) constrains this, but the technical capability is broad.
Institutional Data Boundary
No student records, protected educational data, or institutionally governed data enters this system. This is a hard constraint established in CONSTITUTION.md. FERPA-protected information, Augusta University student data, and any information governed by institutional data policies are never processed through Local Infrastructure, Golgi, or any connected service.
This system processes Mark's personal and professional communications, drafts, and operational data only.
*This document is part of the privacy policy suite. See also: PERSONAL_DATA_AGENTIC.md, PERSONAL_DATA_EXTERNAL.md, PUBLIC_USER_PRIVACY_POLICY.md.*
*Governing document: CONSTITUTION.md ("How I Work With AI," v5)*