AnythingLLM Desktop App Privacy Policy

Effective July 14, 2025

Introduction

AnythingLLM Desktop processes as little info as possible, and can run entirely offline. This Privacy Policy ("Policy") describes what information Mintplex Labs ("we", "us", "our") may gather and how we use it when you download and use AnythingLLM Desktop (the "App").

We may update this policy occasionally. When we do, we'll post the new version on this page with a reasonable amount of time before the changes take effect.

Contact us

If you have any questions, comments or concerns regarding this Policy or our processing of information, please contact us at team@mintplexlabs.com.

What we process and why

We only process information in the following occasions:

• When Telemetry is enabled and some usage stats are sent to our servers (see above)
• When you email us directly
• When you interact with the AnythingLLM Community Hub (opens in a new tab)

Here's what this means in practice, and the situations when we would receive data:

When You Email Us

• What: Your email address and the content of your email
• Why: So we can respond to your questions or provide the support you need

When You Interact with the AnythingLLM Community Hub

• What: General connection information (IP address, user agent, etc.)
• Why: The community hub is a public website with resources you can use freely inside the app. This service is operated by Mintplex Labs and is optional to use.

Our Commitment to Privacy

Privacy is core to AnythingLLM Desktop - it is the reason over 1M people have downloaded the app.

We process as little information as possible to facilitate your usage of the app, and regularly review our data practices to process only what's necessary. Even then, we only collect information that is anonymous and cannot be used to identify you, your chats, documents, content, or anything else.

Even then, you can turn it off fully once and forever in the app settings.

Never sell your information to third parties

We are not in the business of selling your information to third parties. We simply care about how people use the app, and how we can improve it. That is the only reason we collect any information at all.

In no way, shape, or form do we sell your information to third parties or use it as leverage for any other purpose.

Others involved in handling information

We use service providers who help us with our business operations. These providers are only authorized to store the information as necessary to provide these services to us and not for their own promotional purposes.

Service Providers we use:

• PostHog (Telemetry service) - Privacy Policy: https://posthog.com/privacy (opens in a new tab)
• Cloudflare (CDN service) - Privacy Policy: https://www.cloudflare.com/privacypolicy/ (opens in a new tab)

Legal Requirements

In rare cases, we may need to disclose information to authorities, legal counsels, and advisors:

• To comply with legal obligations forced upon us by law
• When working with legal counsel on matters that could impact us

Business Changes

If our company undergoes organizational changes (like a merger or acquisition), information may be transferred to a new business as part of that process.

Data Subject Rights

AnythingLLM Desktop processes very limited data, none of which can be linked directly to individual users. Because the application does not include user-telemetry or user-specific tracking, we are unable to fulfill data subject requests such as providing a copy of your data or deleting your information. In other words, there's no way for us to identify or retrieve your specific data, and any information we do collect is anonymous and only kept briefly.

Additional information for individuals in the EU or UK

Controller

The data controller of the data described in this policy is:

Mintplex Labs, Inc., a Delaware corporation. Our registered address: 1950 W Corporate Way Ste. 25340, Anaheim, CA 92801.

Data subject rights

If you are in the EU or the UK, you have the following rights under the GDPR:

• Right to Access and receive a copy of your information that we process.

• Right to Rectify inaccurate information we have concerning you and to have incomplete information completed.

• Right to Data Portability, that is, to receive the information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another person or entity. Where technically feasible, you have the right to have your information transmitted directly from us to the person or entity you designate.

• Right to Object to our processing of your information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such information for the establishment, exercise, or defense of legal claims.

• Right to Restrict us from processing your information (except for storing it): (a) if you contest the accuracy of the information (in which case the restriction applies only for a period enabling us to determine the accuracy of the information); (b) if the processing is unlawful and you prefer to restrict the processing of the information rather than requiring the deletion of such data by us; (c) if we no longer need the information for the purposes outlined in this Policy, but you require the information to establish, exercise or defend legal claims; or (d) if you object to our processing based on our legitimate interest (in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours).

• Right to be Forgotten. Under certain circumstances, such as when you object to our processing of your information based on our legitimate interest and there are no overriding legitimate grounds for the processing, you have the right to ask us to erase your information. However, notwithstanding such a request, we may still process your information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. If you wish to exercise any of these rights, please contact us through the channels listed in this Policy.

When you contact us, we reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason.

Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint to the supervisory authority, in the Member State of your residence, place of work or place of alleged infringement of the GDPR.

If you are in the UK, you can lodge a complaint to the Information Commissioner's Office (ICO) pursuant to the instructions provided here (opens in a new tab).

Additional information for individuals in the United States

If you are an individual residing in the United States, we provide you with the following information pursuant to the applicable state privacy laws.

We do not sell your information and have not done so ever.

Your rights under U.S. State privacy laws

Right to deletion

Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

• Delete your information from our records; and
• Direct any service providers to delete your information from their records.

Please note that we may not delete your information if it is necessary to:

Complete the transaction for which the information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us.

Help to ensure security and integrity to the extent the use of the consumer's information is reasonably necessary and proportionate for those purposes.

Debug to identify and repair errors that impair existing intended functionality.

Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.

Engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the ability to complete such research, provided we have obtained your informed consent.

Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us and compatible with the context in which you provided the information.

We also will deny your request to delete if it proves impossible or involves disproportionate effort, or if another exception under the law applies. We will provide you with a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request to delete your information.

Right to correction

Right to correct inaccurate information

If we receive a verifiable request from you to correct your information and we determine the accuracy of the corrected information you provide, we will correct inaccurate information that we maintain about you.

In determining the accuracy of the information that is the subject of your request to correct, we will consider the totality of the circumstances relating to the contested information.

We also may require that you provide documentation if we believe it is necessary to rebut our own documentation that the information is accurate.

We may deny your request to correct in the following cases:

• We have a good-faith, reasonable, and documented belief that your request to correct is fraudulent or abusive.

• We determine that the contested information is more likely than not accurate based on the totality of the circumstances.

• Conflict with federal or state law.

• Another exception under the law.

Inadequacy in the required documentation

Compliance proves impossible or involves disproportionate effort.

We will provide you a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request to correct your information

Protection against discrimination

You have the right to not be discriminated against because you exercised any of your rights under applicable laws. If you exercise your rights, we cannot:

• deny you services.

• charge different prices or fees for services, also through discounts, benefits, or fines.

• provide you with a different level or quality of services.

• propose that you receive different prices or tariffs for services.

Please note that we may charge a different fee or provide a different level or quality of services, if the difference is reasonably related to the value we gain from your information.

Our response to your requests

We will respond to your requests within 45 days (or within 90 days, where the law permits, and we determine it necessary considering the complexity and number of the requests you have filed). If we take longer than 45 days, we will inform you of the extension within the initial forty-five-day response period, together with the reason for the extension.

We may deny your request in the following cases:

• If we believe in good faith, based on reasons which are documented in writing, that your request is fraudulent or is an abuse of your rights under applicable law.

• If we conclude that the request is irrelevant, based on all the circumstances at issue (e.g., if you requested to correct your information, and we find that it is likely to be accurate).

• If it is contrary to federal or state law.

• Due to discrepancy in the required documentation.

• If the fulfilment of your request turns out to be impossible or involves disproportionate effort.

We will provide you with a detailed explanation including sufficient facts, to enable you to meaningfully understand why we cannot fulfil your request.

You may appeal our decision to deny your request by sending us an email at team@mintplexlabs.com.