Cosmos Chat
Introduction
Cosmos Chat ("we", "our", or "the App") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application.
By using Cosmos Chat, you agree to the practices described in this Privacy Policy.
Overview
Cosmos Chat is an AI chat application that runs entirely on your device. All AI processing happens locally using downloaded models, ensuring your conversations remain private.
Key Privacy Points:
- All AI inference runs locally on your device
- Chat history is stored only on your device in an encrypted database
- Internet is only used to download AI models (one-time)
- Optional Hugging Face sign-in for accessing gated models
- No analytics, tracking, or advertising
- You control all your data
Information We Collect
Information You Provide
Chat Conversations
- Messages: Your chat messages and AI responses are stored locally in an encrypted Room database
- Conversation metadata: Titles, creation dates, and message counts
Hugging Face Account (Optional)
- OAuth tokens: Stored securely in EncryptedSharedPreferences (AES-256-GCM encryption)
- Username and avatar: Displayed in the app when signed in
- Purpose: Only used to download gated AI models from Hugging Face
Audio Input (Optional)
- Voice recordings: Processed in real-time for speech-to-text conversion
- Processing: Entirely on-device using Sherpa-ONNX, never transmitted
- Storage: Audio is immediately discarded after transcription
Automatically Collected Information
- App theme preference (light/dark/system)
- Chat engine preference (MediaPipe/llama.cpp)
- Debug logging preference (disabled by default)
Diagnostic Logs (User-Initiated Only)
- App logs are stored locally and only shared when you explicitly use "Share Logs" in Settings
- Logs contain technical debugging information, timestamps, and device metadata
- Logs do NOT contain your chat messages or personal conversations
Permissions We Request
| Permission | Purpose | Required |
|---|---|---|
| Internet | Download AI models from Hugging Face, Cloudflare R2, and GitHub | Yes (one-time) |
| Microphone | Voice input for speech-to-text (if voice features enabled) | No |
| Notifications | Show AI service status in notification bar | No |
| Boot Completed | Auto-start AI service for quick access | No |
| Foreground Service | Keep AI inference running reliably in background | Yes |
How We Use Your Information
Core Functionality
- Chat: Generate AI responses using on-device models
- History: Save and display your conversation history
- Voice Input: Convert speech to text for hands-free chatting
- Voice Output: Read AI responses aloud using text-to-speech
- Model Downloads: Fetch AI model files from authorized sources
Data Storage and Security
Storage Architecture
| Data | Location | Encryption |
|---|---|---|
| Chat messages | Room database (app internal storage) | Android file-based encryption |
| App preferences | DataStore (app internal storage) | Android file-based encryption |
| OAuth tokens | EncryptedSharedPreferences | AES-256-GCM |
| AI models | App internal storage | None (public model weights) |
| Debug logs | App cache directory | None |
On-Device AI Processing
All AI inference happens locally on your device:
- Chat models: Gemma 3 1B (MediaPipe) or Llama 3.2 3B (llama.cpp)
- Embedding model: Nomic Embed Text v1.5 for semantic search
- Speech-to-text: Whisper Tiny via Sherpa-ONNX
- Text-to-speech: Piper VITS via Sherpa-ONNX
Your prompts and conversations are NEVER sent to external servers for AI processing.
Data Sharing and Disclosure
We Do NOT Share Your Data
Cosmos Chat DOES NOT:
- Share your chat history with third parties
- Sell your personal information
- Transmit your conversations to external servers
- Use analytics or tracking services
- Display advertisements
Network Requests
The app only connects to the internet for:
- Model downloads: One-time download of AI models from Hugging Face, Cloudflare R2, or GitHub
- Hugging Face OAuth: Only if you choose to sign in for gated model access
Third-Party Services
Hugging Face (Optional)
- Purpose: OAuth authentication for downloading gated models
- Data shared: Only during OAuth flow (username, profile)
- Privacy Policy: https://huggingface.co/privacy
Model Hosting Services
- Hugging Face: Hosts Llama and Nomic embedding models
- Cloudflare R2: Hosts Gemma MediaPipe model
- GitHub: Hosts Sherpa-ONNX STT/TTS models
These services only see standard HTTP request metadata (IP address, user agent) during model downloads.
On-Device Libraries
- MediaPipe LLM Inference: Google's on-device AI SDK (no data transmission)
- llama.cpp: Open-source local inference (no data transmission)
- Sherpa-ONNX: On-device speech processing (no data transmission)
- AppAuth: OAuth library for Hugging Face sign-in
Data Retention
User Control
- You control all data: Everything is stored locally on your device
- Delete conversations: Remove individual chats from within the app
- Clear all data: Use Android Settings > Apps > Cosmos Chat > Clear Data
- Sign out of Hugging Face: Removes OAuth tokens from the device
App Uninstallation
- Deleted: All chat history, preferences, tokens, logs, and AI models
- Nothing retained: No cloud backup, no external storage
Your Privacy Rights
You have complete control over your data:
- Access: View all conversations within the app
- Modification: Edit or delete messages and conversations
- Deletion: Remove all data by clearing app data or uninstalling
- Portability: Your data stays on your device
- Withdraw consent: Revoke permissions anytime in Android Settings
Children's Privacy
Cosmos Chat is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.
Changes to This Privacy Policy
We may update this Privacy Policy for:
- Changes in legal requirements
- New features or functionality
- Improvements to security practices
Notification: Updates will be posted on this page with a new effective date.
Contact Information
If you have questions about this Privacy Policy:
Email: support@cosmosone.cloud
Subject Line: [Cosmos Chat Privacy]
Website: https://cosmosone.cloud
Response Time: Within 5 business days
AI Model Licenses
| Model | License | Terms |
|---|---|---|
| Gemma 3 1B | Gemma Terms of Use | View Terms |
| Llama 3.2 3B | Llama 3.2 Community License | View Terms |
| Nomic Embed | Apache 2.0 | View Terms |
| Whisper Tiny | MIT | View Terms |
| Piper TTS | MIT | View Terms |
Summary
| Aspect | Details |
|---|---|
| AI Processing | 100% on-device, never transmitted |
| Chat History | Stored locally in encrypted database |
| Network Usage | Model downloads only (one-time) |
| Authentication | Optional Hugging Face OAuth (tokens encrypted) |
| Voice Features | Optional, processed entirely on-device |
| Analytics/Ads | None |
| User Control | Complete |
Privacy-First Design: Cosmos Chat is built on the principle that your conversations are yours alone. By processing everything on your device, we ensure that your private thoughts stay private.