Security
Local-first by design
ArchHub is a desktop application. Your projects, your brain, your skills — they all live on your machine. The cloud backend is opt-in for collaboration, billing, and a shared LLM proxy on paid tiers; even then it holds references, never resolved secrets.
What lives where
- Your machine: brain.db (skills + facts), .speckle/ commits (project state), 1Password / Windows Credential Manager refs to your API keys.
- Cloud (Fly.io): identity, plan tier, firm membership, billing state. Per-user brain replica synced via Loro CRDT — references only, no PII bodies.
- Never on cloud: resolved API keys, project drawings, full chat transcripts (unless you opt in to telemetry).
Trust + compliance
See CAIQ_LITE.md and TRUST_CENTER.md in the repo for the full statement. GDPR delete is a one-button operation in Settings → Account — your cloud brain replica is purged immediately and your auth tokens are invalidated.