?

Data handling

rousseau-agent is self-hosted. When the operator runs the daemon on their own infrastructure, no data leaves that infrastructure except the LLM call itself.

There is:

  • No telemetry endpoint. rousseau makes no calls to rousseau-agent.dev or any other author-controlled server at runtime.
  • No SaaS control plane. There is no license server, no cloud dashboard, no phone-home.
  • No usage analytics. The daemon does not report which tools were invoked, how many turns ran, or what models were called.
  • No crash reporting. Crashes surface in local logs (journalctl --user -u rousseau-agent.service). No stack traces are shipped anywhere.

Where session data lives

Data Location Encryption at rest
Sessions (message history) ~/.local/share/rousseau/sessions.db Filesystem-level only (LUKS / FileVault if the operator configured it).
Cron jobs Same SQLite database Same.
WhatsApp device pairing ~/.local/share/rousseau/whatsapp.db Same.
Log output systemd journal (typically ~/.local/state/) Same.
Config file ~/.config/rousseau/config.yaml Same.
claude CLI OAuth tokens ~/.claude/ Same.

None of these are transmitted anywhere by the daemon.

LLM providers

The LLM provider is the one external touchpoint. Every provider has its own data-handling and retention policy — none of which rousseau controls:

Provider Retention policy
claudecli Whatever the local claude CLI is configured to send. Typically Anthropic's standard retention.
Anthropic direct See https://www.anthropic.com/legal/aup
AWS Bedrock Contract-defined; typically no long-term retention for inference traffic on Bedrock.
Google Vertex AI Contract-defined; typically no long-term retention for Vertex inference.
OpenAI-compatible Depends on the endpoint. Ollama and self-hosted vLLM retain nothing external; OpenAI and OpenRouter have their own policies.

Choose the provider whose retention policy matches your operational requirements. For the strictest posture, run against a self-hosted Ollama, vLLM, or LM Studio — no data leaves your infrastructure.

Transport-side data

Chat transports send messages through the vendor's servers (WhatsApp, Signal, Slack, Discord, etc). Each has its own data-handling posture. rousseau does not add a layer on top of them — the vendor sees whatever the underlying protocol shows them, which is protocol-specific:

  • Signal and WhatsApp: end-to-end encrypted; the vendor sees metadata but not message content.
  • Slack, Discord: not end-to-end encrypted; the vendor sees message content.
  • Matrix: end-to-end encrypted when the room is E2E-enabled; server-side otherwise.
  • Email: not end-to-end encrypted unless you layer PGP or S/MIME on top (rousseau does not).
  • iMessage: end-to-end encrypted; BlueBubbles sits between rousseau and Apple.

Deleting a session

Sessions are rows in a SQLite database. Delete with:

rousseau session delete <session-id>

Or drop the entire database:

rm ~/.local/share/rousseau/sessions.db

The next startup will re-create an empty one. This also purges the FTS5 cross-session recall index.

Third-party dependencies

go.mod lists every dependency. None of them are configured to phone home. Build-time dependencies (linters, static analysers) run in CI only. Runtime dependencies are enumerated in the CycloneDX SBOM attached to every release.

Type to search 150+ pages. Ranking: BM25 with title/description boost.