FeaturesDiscussionsPreviewSkillsMobileOrchestrationDocs
Theme
Get Started

Privacy Policy

Last updated: April 1, 2026

1. Introduction

Buildersoft LLC ("we," "our," or "Buildersoft") operates Sophon, an AI personal assistant platform. This Privacy Policy explains how we handle information in connection with the Sophon software, the Sophon website (sophon.buildersoft.io), and related services.

Core principle: Sophon is a self-hosted platform. When you run Sophon on your own infrastructure, your data stays on your infrastructure. We do not collect, access, store, or process your conversations, memory, documents, credentials, or any runtime data.

2. What We Do Not Collect

When you self-host Sophon, the following data remains entirely on your servers and is never transmitted to Buildersoft:

  • Conversations and chat history
  • Agent memory (short-term and long-term)
  • Uploaded documents and processed content
  • API keys, OAuth tokens, and credentials
  • Channel configurations and message content
  • Workflow definitions and execution data
  • User profiles and authentication data
  • Usage analytics or telemetry

Sophon contains no telemetry, analytics, tracking pixels, or phone-home mechanisms. The software makes no outbound connections to Buildersoft servers.

3. What We May Collect

3.1 Website

When you visit our website, we may collect standard web server logs (IP address, browser type, pages visited) for security and operational purposes. We do not use third-party analytics or advertising trackers.

3.2 Contact Forms

If you contact us through our website, we collect the information you voluntarily provide (name, email, message content) to respond to your inquiry.

3.3 License Verification

Pro and Enterprise tier licenses may periodically verify license validity with our licensing server. This transmits only the license key and a hardware fingerprint. No user data, usage metrics, or content is included.

3.4 Marketplace

If you use the Sophon Marketplace to browse or install skills, requests are made to the Marketplace API. These requests include your Sophon instance version and the skill being requested. No conversation data, memory, or credentials are transmitted.

4. Third-Party Services

Sophon connects to third-party services only when you explicitly configure them:

  • LLM Providers (Anthropic, OpenAI, Google, Ollama, etc.) — conversation content is sent to your chosen provider according to their privacy policy.
  • Channel Platforms (Telegram, WhatsApp, Slack, etc.) — messages are exchanged with these platforms according to their respective policies.
  • Integration Services (GitHub, Jira, Google Calendar, etc.) — data is exchanged only when you install and configure the corresponding skill.

You choose which providers and services to connect. Sophon ships with zero pre-configured external connections.

5. Data Storage & Security

All Sophon runtime data is stored in the ~/.sophon directory on your host. Credentials are encrypted at rest using AES-256-GCM. Key management uses your operating system's secure storage (DPAPI, Keychain, or libsecret). Enterprise deployments can integrate with HashiCorp Vault, AWS Secrets Manager, or Azure Key Vault.

6. Children's Privacy

Sophon is not directed at children under 13. We do not knowingly collect personal information from children.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Material changes will be communicated through the Sophon changelog.

8. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@buildersoft.io.