TLDR
- Your files and search index stay on your device. Content leaves your computer only when an AI you connected requests it.
- The desktop app sends no feature or behavioral telemetry. The miyo.md website uses DataFast for page and conversion analytics.
- The miyo relay service exists solely to let ChatGPT and Claude connect to your desktop app. It forwards requests and responses through an authenticated, encrypted tunnel without logging, storing, or inspecting their content.
- If you turn on chat sync, miyo saves your own ChatGPT and Claude conversations to your computer and fetches them directly from those sites. The chats and the session cookies used to fetch them stay on your device and never reach us.
- Account and payment data is limited to what we need to sign you in, manage access, and process purchases.
Introduction
This Privacy Policy applies to all users of miyo, a desktop application and associated services offered by Brevilabs LLC (“Brevilabs,” “we,” or “us”). It describes how we handle personal information in connection with the miyo desktop app, the miyo browser extension, the miyo.md website, and the miyo relay service. Please read this policy carefully. By using miyo, you acknowledge these practices.
What miyo does not collect
The desktop app keeps the following data on your device. We do not retain it on Brevilabs systems:
- Your notes, documents, and vault contents
- Your synced ChatGPT and Claude conversations, and the session cookies used to fetch them
- File names, folder structures, or metadata
- Queries you run against your local data
- Content returned by the MCP server. It goes directly to a local AI agent, or passes through Relay in transit when a remote AI requests it.
- Desktop feature interactions or behavioral telemetry
- Crash reports or error logs from the desktop app
What we do collect
To run the miyo.md website and manage accounts, we collect:
- Account information: email address, and optionally your name and profile image if you sign in with GitHub or Google.
- Subscription data: your current plan (Free or Relay), subscription period, and Stripe customer ID. This is stored in our database so we can gate desktop and relay access appropriately.
- Authentication tokens: short-lived session cookies on miyo.md, and signed JWTs that allow your desktop app and the relay to verify your entitlement without calling home on every request.
- Standard web server logs: IP address, browser type, and request metadata produced by Vercel when you visit miyo.md. These are retained according to Vercel’s standard log retention policy.
- Website analytics: page visits, sessions, and conversion events collected by DataFast. DataFast uses visitor and session cookies, which may also be attached to Stripe checkout metadata for conversion reporting.
- Relay operational data: your account ID, connected client name and last-seen time, and daily counts of tool calls by tool. These records do not include filenames, queries, file content, or MCP responses.
The miyo MCP server
miyo implements the Model Context Protocol (MCP). When an AI agent (such as Claude or a ChatGPT plugin) calls a miyo MCP tool, the request goes to the miyo server running on your device. The server reads only the specific data the tool requires. For example, a “search notes” tool reads matching note content; it does not scan unrelated files. Local agents connect directly on your computer. Remote ChatGPT and Claude connections use Relay, where the request and response pass through Brevilabs infrastructure in transit without being retained or inspected.
The miyo relay service
AI applications like ChatGPT and Claude cannot connect directly to software running on your local machine. The miyo relay (relay.miyo.md) bridges this gap by acting as a secure tunnel.
Here is what the relay does and does not do:
- Does: forwards MCP requests from the AI application to your desktop, and forwards responses back. Traffic is authenticated using signed JWTs so only verified Relay or Believer users can use the tunnel.
- Does not: read, log, store, or inspect the content of MCP messages passing through the tunnel.
- Does not: retain any data about filenames, queries, message content, or what your device returned.
- Does: record connected client names, last-seen times, and daily tool-call counts for operations and support.
The relay is operated by Brevilabs on Railway. Standard infrastructure logs (connection timestamps, error codes) may be retained for operational purposes, but these logs do not contain message content.
Chat sync (ChatGPT and Claude)
miyo can save your own ChatGPT and Claude conversations to your computer as markdown and keep them up to date automatically. This feature is optional and works together with the miyo browser extension. It stays off until you install the extension and turn on “Sync to Miyo Desktop.”
- Session handoff: when you enable sync, the browser extension passes your existing ChatGPT and Claude session cookies to the desktop app on the same computer over Chrome native messaging. They are never sent to Brevilabs or any other server.
- Local fetching: the desktop app uses that session to fetch your own conversations directly from chatgpt.com and claude.ai, the same way your browser does. This traffic goes between your device and those sites, not through our infrastructure. The sync is one-way and read-only: it only reads your conversations and never changes anything on ChatGPT or Claude.
- Local storage: your conversations are saved as markdown files in a folder you choose (by default, a “Miyo Chats” folder in your Documents) and indexed locally for search. Both the files and the index stay on your device.
- Cookie storage: the session cookies are kept on your device so sync can continue in the background. They are encrypted at rest using your operating system’s keychain and are used only to fetch your own chats. We never receive them.
To stop syncing, turn off the toggle in the extension or disconnect the account in the desktop app. Markdown files already saved stay on your computer until you delete them.
Payment processing
Subscription payments are handled by Stripe. When you purchase miyo relay, your payment details are entered directly into Stripe’s hosted checkout. We never see or store your card number. Stripe is subject to its own privacy policy.
Third-party services we use
- Vercel: hosts miyo.md. Standard web request logs.
- Railway: hosts the relay service. Standard infrastructure logs.
- Stripe: processes payments and manages subscriptions.
- DataFast: provides website and conversion analytics using visitor and session cookies.
- Resend: sends authentication emails (magic links). Only your email address is shared.
- GitHub / Google: optional OAuth sign-in providers. We receive only what you authorize during the OAuth flow (email, name, profile image).
Data retention and deletion
Account and subscription data is retained for as long as your account is active. If you cancel your subscription, your account record is retained so you can sign back in and resubscribe. To request full account deletion, email us at info@brevilabs.com.
Because your vault content is stored only on your device, deleting the miyo desktop app removes all local data. We have no copy to delete on your behalf.
Your rights
Depending on your location, you may have rights to access, correct, export, or delete your personal information. To exercise these rights, contact us at info@brevilabs.com with the subject line “Privacy Request.” We will respond within 30 days.
Children
miyo is not directed at children under 18. We do not knowingly collect personal information from anyone under 18. If we become aware that we have, we will delete it.
Changes to this policy
We may update this policy from time to time. Material changes will be communicated by updating the date at the top of this page and, where appropriate, by email. Continued use of miyo after changes constitutes acceptance.
Contact
Brevilabs LLC is the data controller for personal information processed in connection with miyo. Questions or concerns: info@brevilabs.com.