Privacy Policy

What Alexandria is

Alexandria is Greek philosophy infrastructure. It helps you build a structured picture of how you think — your Constitution — stored as markdown files on your own machine at ~/.alexandria/. Alexandria does not host, store, or retain your cognitive data.

Your data stays on your machine

Your Constitution, Vault, feedback log, notepad, and ontology are local markdown files on your device. They never leave your machine. Alexandria's server cannot access, read, or retrieve them. This is not a policy — it is architecture. There is no mechanism in the system for your private cognitive data to reach our servers.

What we store

Alexandria's server stores three categories of data, all on Cloudflare infrastructure:

Account records (KV) — your GitHub username, email address, API key, and billing status. Created when you sign up via GitHub OAuth.

Anonymous session metadata (KV) — when sessions start and end, constitution file size, vault entry count, platform type. Never content. Never personal information. Used to verify the product is working and to improve the methodology.

Published Library content (D1 + R2) — if you choose to publish shadow MDs, works, or quizzes to the Library, that published content is stored on our infrastructure. Publishing is an explicit, deliberate act — you review and approve everything before it leaves your machine. You can unpublish at any time.

Authentication

Account creation uses GitHub OAuth. Ongoing authentication uses an API key issued at signup. Your API key is stored in our KV alongside your account record and sent in the Authorization header on each request. The key authenticates your access to the Blueprint and Library APIs.

The Blueprint

Every session, your AI fetches Alexandria's Blueprint — the methodology that guides cognitive extraction and development. This is a text document served from our server. It contains no personal data. It is the same for all Authors. The Blueprint is readable — you can inspect exactly what instructions your AI receives.

Payments

Payments are processed by Stripe. Alexandria does not store credit card numbers or financial credentials. Stripe's privacy policy governs payment data.

Data retention

Account records are stored indefinitely while your account is active. Anonymous session metadata is stored in daily event logs with no expiration. User feedback submitted via the product is stored for 90 days. Published Library content is stored until you unpublish it or request deletion. There is no hidden retention beyond what is described here.

Your rights

Your cognitive data is yours. It lives on your machine. You can read, edit, move, or delete it at any time — it is markdown files in a folder. Deleting ~/.alexandria/ removes everything local.

Under GDPR, CCPA, and equivalent data protection laws, you have the right to:

Access — request a copy of all data we hold about you (account record, session metadata, published Library content).

Rectification — correct any inaccurate data in your account record.

Erasure — request deletion of your account and all associated data. Email us and we will delete your account record, session metadata, and any published Library content within 30 days.

Portability — your cognitive data is already on your machine in open markdown format. For server-side data, we will provide your account record and published content in JSON/markdown format on request.

Objection — you may object to processing of your session metadata. Email us and we will stop collecting it for your account.

To exercise any of these rights, email benjamin@mowinckel.com.

No tracking

Alexandria does not use cookies, third-party analytics, advertising trackers, or fingerprinting on any surface. The website, the server, and the product are tracking-free.

Contact

Benjamin Mowinckel — benjamin@mowinckel.com