SafeRag SE Privacy Policy
Last updated: February 8, 2026
SafeRag SE is built with absolute privacy as its foundation. All AI processing happens locally on your Mac using built-in models via llama.cpp and Apple Foundation Models. No data ever leaves your device. No cloud connections, no tracking, no accounts. Your conversations, documents, and data remain entirely yours.
Overview
SafeRag SE ("we", "our", or "us"), developed by Corixa, is a macOS application available on the Mac App Store for private AI conversations with RAG (Retrieval-Augmented Generation) capabilities. This privacy policy explains our commitment to your privacy and how SafeRag SE handles (or rather, doesn't handle) your information.
Our Privacy Commitment
SafeRag SE was created for individuals who want powerful AI capabilities without cloud exposure. We adhere to three core principles:
What SafeRag SE Does NOT Do
To be absolutely clear, SafeRag SE does not:
- Collect personal information - No registration, no accounts, no user tracking
- Transmit conversation data - All chat history stays on your Mac
- Upload documents to cloud - RAG documents are processed entirely locally
- Store data on servers - We don't operate any data storage servers
- Track usage analytics - No telemetry, no usage statistics, no behavior tracking
- Share data with third parties - No data sharing of any kind
- Use cookies or web trackers - No tracking technologies of any kind
- Require internet connection - Works completely offline after initial model download
How SafeRag SE Works
Built-In AI Processing (llama.cpp)
SafeRag SE uses llama.cpp, an open-source local AI inference engine, to provide conversational AI capabilities directly within the app:
- AI models run locally on your Mac using Apple Silicon's Neural Engine and GPU
- Conversations processed entirely on-device - no server component
- No internet connection required after initial model download
- You control which models are downloaded and can delete them anytime
- Model files stored within the app's sandboxed container
Apple Foundation Models (macOS 26+)
On macOS 26 (Tahoe) and later, SafeRag SE can use Apple's on-device Foundation Models:
- Runs through Apple's secure on-device infrastructure
- No model download required - available instantly
- All processing happens on-device through Apple's private AI framework
- Governed by Apple's own privacy commitments for on-device AI
Ollama (Optional)
SafeRag SE can optionally connect to Ollama if you have it installed:
- Ollama is not required - the built-in llama.cpp engine handles AI processing
- If used, Ollama runs locally on your Mac (localhost only)
- No data sent to external servers - communication stays on your machine
Local Data Storage (GRDB)
All your SafeRag SE data is stored locally on your Mac using GRDB.swift, a SQLite toolkit:
- Chat History: SQLite database within the app's sandboxed container
- RAG Documents: Vector embeddings stored via sqlite-vec in the local database
- Settings: Preferences stored locally within the app container
- Encryption Keys: Stored securely in macOS Keychain
Data location: ~/Library/Containers/io.corixa.SafeRagSE/
RAG Document Intelligence
When you add documents for RAG (Retrieval-Augmented Generation):
- Documents are processed locally to extract text content
- Text is chunked and converted to vector embeddings using local models
- Embeddings stored in the local SQLite database via sqlite-vec
- Similarity search and retrieval happens entirely on your Mac
- Original documents never leave your device
- You can delete documents and embeddings at any time
Supported Document Types
All processed locally without external services:
- PDF documents
- Plain text (.txt)
- Markdown (.md)
Watch Folder Automation
When using watch folder auto-ingestion:
- SafeRag SE monitors folders you explicitly grant access to
- New documents are automatically processed and indexed locally
- File access uses macOS security-scoped bookmarks within the App Sandbox
- No folder contents transmitted anywhere
- You control which folders are monitored and can revoke access anytime
Data Security
Your data is protected through multiple security layers:
- AES-GCM Encryption: Chat messages encrypted at rest with your passphrase
- macOS Keychain: Encryption keys and sensitive credentials stored in system Keychain
- App Sandbox: Mac App Store sandboxing prevents unauthorized access to other apps and system files
- PBKDF2 Key Derivation: Your passphrase is strengthened using PBKDF2 before use as an encryption key
- No Network Access: Core app functionality runs entirely offline
- User-Granted File Access: The app can only access files you explicitly grant permission to
Network Activity
SafeRag SE has minimal network requirements:
AI Model Downloads (One-Time)
Network activity occurs when downloading AI models for the built-in llama.cpp engine:
- Models downloaded from public model registries
- One-time download per model
- Models stored locally within the app's container, never re-downloaded
- You choose which models to download
App Store Purchase Verification
If you make in-app purchases:
- Purchase verification handled by Apple's StoreKit framework
- Transaction receipts validated through Apple's standard process
- No purchase data stored or processed by Corixa
- Transaction managed entirely by Apple
Apple Foundation Models (On-Device)
On macOS 26+, Apple Foundation Models process everything on-device:
- No network calls made by SafeRag SE for Foundation Model inference
- Apple manages the model infrastructure entirely on-device
- Subject to Apple's own privacy policy for on-device AI
No Analytics or Telemetry
Unlike most apps, SafeRag SE does not:
- Send crash reports
- Collect usage statistics
- Track feature usage
- Phone home with any data
Your Rights and Control
You have complete control over your SafeRag SE data:
Data Portability
- Export Chats: Export conversation history from within the app
- Access Data: All data stored in your app container is accessible to you
- Local Files: RAG documents remain as files on your Mac
Data Deletion
- Delete Messages: Remove individual messages from history
- Delete Sessions: Remove entire conversation sessions
- Delete Documents: Remove RAG documents and their vector embeddings
- Complete Removal: Uninstalling the app removes all data from the sandboxed container
Third-Party Services
llama.cpp (Built-In)
SafeRag SE includes llama.cpp for local AI inference:
- Open-source: llama.cpp is free, open-source software (MIT License)
- Embedded: Compiled into the app as an XCFramework - no external dependencies
- Local processing: Runs entirely on your Mac
- No telemetry: llama.cpp does not collect or transmit any data
- Source code: https://github.com/ggerganov/llama.cpp
Apple StoreKit
For Mac App Store distribution and in-app purchases:
- Governed by Apple's privacy policy
- Purchase data managed by Apple, not Corixa
- Apple's privacy policy: https://www.apple.com/legal/privacy/
Apple Foundation Models (macOS 26+)
On supported devices running macOS 26 or later:
- Provided by Apple as part of the operating system
- All inference runs on-device through Apple's private frameworks
- Governed by Apple's privacy commitments for on-device AI
- SafeRag SE sends prompts to the local Foundation Models API - no cloud involved
No Other Third Parties
SafeRag SE does not integrate with:
- Analytics services (Google Analytics, etc.)
- Crash reporting services (Sentry, etc.)
- Cloud storage services
- AI cloud services (OpenAI, Anthropic, etc.)
- Marketing platforms
- Any other external services
Children's Privacy
SafeRag SE is not directed at children under 13. We do not knowingly collect information from children under 13. The app requires macOS 15.0+ and is intended for personal use by adults. Since the app collects no data whatsoever, there is no risk of inadvertent data collection from minors.
Data Breach Notification
Since SafeRag SE processes all data locally with no cloud storage:
- There is no central database that could be breached
- Your data security depends on your Mac's security
- The App Sandbox provides an additional layer of protection
- Use a strong Mac login password and enable FileVault encryption
- Keep macOS and SafeRag SE updated via the Mac App Store
International Data Transfers
Not applicable. Since all data stays on your Mac, there are no international data transfers. Your data never leaves your device regardless of where you're located.
Changes to This Policy
We may update this privacy policy to reflect changes in SafeRag SE's functionality or legal requirements. Changes will be posted on this page with an updated revision date. Material changes will be announced via:
- Updated policy on this page
- Website announcement on corixa.io
- App Store update notes (when applicable)
Continued use of SafeRag SE after changes constitutes acceptance of the updated policy.
Questions About Privacy?
We welcome questions about SafeRag SE's privacy practices. Our architecture is simple: everything stays on your Mac. If you have specific concerns or need clarification:
- Email us at privacy@corixa.io
- Visit our support page at SafeRag SE Support
Contact Information
For privacy-related inquiries, data requests, or general questions:
- Email: privacy@corixa.io
- Support: support@corixa.io
- Website: https://corixa.io
- Product Page: https://corixa.io/products/saferag-se/saferag-se.html
Company: Corixa
Product: SafeRag SE for macOS
Distribution: Mac App Store
Jurisdiction: Iceland
Summary: What Makes SafeRag SE Different
Most AI tools require you to trust a company with your data. SafeRag SE is different:
This isn't just a privacy policy - it's our product architecture. Privacy isn't a feature; it's the foundation.