Trust & privacy
Privacy & data custody
What we can and can't see, and why the architecture decides it.
An AI you hand your household's schedule and facts to makes privacy promises whether it states them or not. Dustav's promises are stated explicitly, and the product is built to honor them, in several places by architecture rather than by policy. A guarantee enforced by construction is the only kind of promise worth much.
Your content is yours
What you put into Dustav and what it creates with you — messages, calendar entries, notes, the household facts it remembers, photos you share — is your content. You keep ownership of it. We store and process it only to run the service for you. You can delete your entire account at any time, and deletion is real (it removes the associated data, with a cascade through everything it touched), not a flag that hides a row.
The model conversation runs on your key
This is the big one, and it follows from BYOK (bring your own key). Your conversations with Dustav are processed by Anthropic (Claude) under your own account with them, on a key you brought. We are not the AI provider. The inference, the part where your words actually reach a model, happens in your relationship with Anthropic, under their terms, not pooled into some platform account.
What we can and can't see
Three protections here are structural:
- Your key is encrypted at rest. We use it to operate Dustav and nothing else.
- Memory doesn't leak across contexts. The household's shared facts are loaded only where they belong. In any context that shouldn't see them, they're deliberately not loaded — channel-aware loading is a security feature, not a convenience.
- Photos are minimized before they're stored. A photo you share is resized and stripped of its embedded metadata (the EXIF tags a phone camera writes, including any GPS location it quietly attaches) before it's saved, and the agent reads it once rather than re-sending it with every later message. It matters most for a picture of a child, which is exactly the kind of thing a household agent gets handed.
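The metadata stripping described above, as an added example that is not Dustav's code: a pure-Python JPEG segment walker that drops the Exif/XMP (APP1), IPTC (APP13) and comment segments and discards anything trailing after EOI, plus a checker that looks in Exif IFD0 for the GPS sub-IFD pointer so you can confirm the location data is really gone. The sample JPEG is constructed inline for the example and is not a decodable image; the marker layout is real, the scan bytes are fake. Resizing needs an image library and is not shown. In practice, decoding and re-encoding the pixels is the more robust way to shed everything, and a walker like this is how you verify that nothing survived.

```python
"""Strip embedded metadata from a JPEG and verify the GPS IFD is gone.

Standard library only. SAMPLE_JPEG below is hand-constructed for this
example (not a decodable image) and is not from any real product.
"""
import struct

SOI, EOI, SOS, TEM = 0xD8, 0xD9, 0xDA, 0x01
RST0, RST7 = 0xD0, 0xD7
APP1, APP13, COM = 0xE1, 0xED, 0xFE      # Exif/XMP, IPTC/Photoshop, comment
GPS_INFO_TAG = 0x8825                     # IFD0 pointer to the GPS sub-IFD

# Dropped as metadata. APP0 (JFIF), APP2 (ICC) and APP14 (Adobe) are kept
# because decoders use them; extend this set for a stricter policy.
METADATA_MARKERS = frozenset({APP1, APP13, COM})


def iter_jpeg(data):
    """Yield (marker, start, end) chunks covering the file in order.

    marker is the code of a marker/segment chunk, or None for a run of
    entropy-coded scan data; data[start:end] is the chunk. Fill bytes are
    skipped, so a segment payload always begins at start + 4. Bytes after
    EOI are never yielded (a classic place for leftover data to hide).
    """
    n = len(data)
    if n < 4 or data[0] != 0xFF or data[1] != SOI:
        raise ValueError("not a JPEG: missing SOI marker")
    yield SOI, 0, 2
    pos = 2
    while pos < n:
        if data[pos] != 0xFF:
            raise ValueError(f"expected 0xFF marker prefix at offset {pos}")
        while pos + 1 < n and data[pos + 1] == 0xFF:      # skip fill bytes
            pos += 1
        if pos + 1 >= n:
            raise ValueError("truncated marker")
        start, marker = pos, data[pos + 1]
        pos += 2
        if marker == EOI:
            yield EOI, start, pos
            return
        if marker == TEM or RST0 <= marker <= RST7:       # no length field
            yield marker, start, pos
            continue
        if pos + 2 > n:
            raise ValueError("truncated segment length")
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        end = pos + length
        if length < 2 or end > n:
            raise ValueError(f"bad segment length {length} at offset {pos}")
        yield marker, start, end
        pos = end
        if marker == SOS:
            # Entropy-coded data follows. Inside it 0xFF is either escaped
            # (0xFF00) or a restart marker, so the first other 0xFFxx pair
            # is the next real marker (EOI, or DHT/SOS in progressive files).
            scan_start = pos
            while pos + 1 < n and not (
                data[pos] == 0xFF and data[pos + 1] != 0x00
                and not RST0 <= data[pos + 1] <= RST7
            ):
                pos += 1
            if pos + 1 >= n:
                raise ValueError("scan data not terminated by a marker")
            yield None, scan_start, pos
    raise ValueError("no EOI marker found")


def strip_jpeg_metadata(data, drop=METADATA_MARKERS):
    """Return the JPEG with metadata segments and post-EOI bytes removed."""
    out = bytearray()
    for marker, start, end in iter_jpeg(data):
        if marker not in drop:
            out += data[start:end]
    return bytes(out)


def exif_has_gps_tag(data):
    """True if an APP1 Exif segment's IFD0 carries the GPSInfo IFD pointer."""
    for marker, start, end in iter_jpeg(data):
        payload = data[start + 4:end]
        if marker != APP1 or not payload.startswith(b"Exif\x00\x00"):
            continue
        tiff = payload[6:]                      # TIFF header: byte order, 42, IFD0 offset
        if len(tiff) < 8 or tiff[:2] not in (b"II", b"MM"):
            continue
        e = "<" if tiff[:2] == b"II" else ">"
        (ifd0,) = struct.unpack(e + "I", tiff[4:8])
        if ifd0 + 2 > len(tiff):
            continue
        (count,) = struct.unpack(e + "H", tiff[ifd0:ifd0 + 2])
        for i in range(count):                  # 12-byte entries: tag, type, count, value
            off = ifd0 + 2 + 12 * i
            if off + 12 > len(tiff):
                break
            if struct.unpack(e + "H", tiff[off:off + 2])[0] == GPS_INFO_TAG:
                return True
    return False


def _build_exif_with_gps():
    """Constructed APP1 segment: little-endian TIFF, IFD0 -> GPS IFD at offset 26."""
    tiff = b"II" + struct.pack("<HI", 42, 8)
    ifd0 = struct.pack("<H", 1) + struct.pack("<HHII", GPS_INFO_TAG, 4, 1, 26) + b"\0\0\0\0"
    gps = struct.pack("<H", 1) + struct.pack("<HHI", 0x0001, 2, 2) + b"N\0\0\0" + b"\0\0\0\0"
    payload = b"Exif\x00\x00" + tiff + ifd0 + gps
    return b"\xff\xe1" + struct.pack(">H", len(payload) + 2) + payload


SAMPLE_JPEG = (
    b"\xff\xd8"                                                      # SOI
    + b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\0\x01\x01\0\0\x01\0\x01\0\0"  # APP0
    + _build_exif_with_gps()                                         # APP1 Exif with GPS
    + b"\xff\xfe" + struct.pack(">H", 7) + b"hello"                  # COM
    + b"\xff\xdb" + struct.pack(">H", 5) + b"\x00\x01\x02"           # DQT (fake table)
    + b"\xff\xda" + struct.pack(">H", 4) + b"\x01\x00"               # SOS header (fake)
    + b"\x12\x34\xff\x00\x56\xff\xd0\x78"                            # scan: escaped FF, RST0
    + b"\xff\xd9"                                                    # EOI
    + b"TRAILING"                                                    # junk after EOI
)

if __name__ == "__main__":
    cleaned = strip_jpeg_metadata(SAMPLE_JPEG)
    print("gps tag before:", exif_has_gps_tag(SAMPLE_JPEG), "after:", exif_has_gps_tag(cleaned))
    print(len(SAMPLE_JPEG), "->", len(cleaned), "bytes")
```

The walker refuses malformed input instead of guessing, which is the behaviour you want on an upload path: a file that does not parse as a JPEG should be rejected, not stored.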
We won't pretend the operator of any hosted service can see nothing — running a product means data passes through systems we administer. What we can tell you honestly is the shape of it: we minimize what we hold, we encrypt the most sensitive piece, we don't route your conversations through a shared model account, and we don't build features that quietly mine your data. Where we can make a guarantee by construction instead of by promise, we do.
The nuke
A deterministic, non-negotiable control lives at the account level, outside of chat:
- Delete — the real nuke. Remove your whole account and the data goes — a real cascade through everything Dustav touched, not a flag that hides a row.
This is intentionally not mediated by the agent. The everyday "forget that about us" is a conversation; the absolute "erase this" is a button. (Want a copy of your data? There's no self-serve export — that's a privacy request to our team, handled by hand.)
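Real deletion as described above and under "Your content is yours", as an added example that is not Dustav's code: a sqlite3 schema in which every table hanging off an account declares ON DELETE CASCADE, the account-level delete, and the two checks a practitioner adds alongside it, an audit that every foreign key really is CASCADE and a check that the engine enforces foreign keys at all. SQLite ignores foreign key clauses unless PRAGMA foreign_keys=ON is set on each connection, which is the failure mode the example shows first: the account row disappears while its households, messages and memories quietly stay behind. The table names and rows are invented for the example.

```python
"""Account deletion that actually cascades, checked rather than assumed.

sqlite3 is used because it ships with Python and has the sharpest version
of the trap: foreign keys are silently ignored unless enabled per connection.
Schema and rows are invented for this example.
"""
import sqlite3

SCHEMA = """
CREATE TABLE accounts   (id INTEGER PRIMARY KEY, email TEXT NOT NULL);
CREATE TABLE api_keys   (id INTEGER PRIMARY KEY,
                         account_id INTEGER NOT NULL REFERENCES accounts(id) ON DELETE CASCADE,
                         ciphertext BLOB NOT NULL);
CREATE TABLE households (id INTEGER PRIMARY KEY,
                         account_id INTEGER NOT NULL REFERENCES accounts(id) ON DELETE CASCADE,
                         name TEXT NOT NULL);
CREATE TABLE messages   (id INTEGER PRIMARY KEY,
                         household_id INTEGER NOT NULL REFERENCES households(id) ON DELETE CASCADE,
                         body TEXT NOT NULL);
CREATE TABLE memories   (id INTEGER PRIMARY KEY,
                         household_id INTEGER NOT NULL REFERENCES households(id) ON DELETE CASCADE,
                         fact TEXT NOT NULL);
"""

# Parents are inserted before children so the script also loads with FKs enforced.
SAMPLE_DATA = """
INSERT INTO accounts   VALUES (1, 'alice@example.com'), (2, 'bob@example.com');
INSERT INTO api_keys   VALUES (1, 1, X'00'), (2, 2, X'00');
INSERT INTO households VALUES (1, 1, 'Alice house'), (2, 2, 'Bob house');
INSERT INTO messages   VALUES (1, 1, 'dentist tuesday'), (2, 1, 'soccer saturday'), (3, 2, 'bins out');
INSERT INTO memories   VALUES (1, 1, 'school starts 8:30'), (2, 2, 'cat is called Mo');
"""

# Every table reachable from an account, directly or through a household.
ACCOUNT_FOOTPRINT = {
    "accounts":   "SELECT COUNT(*) FROM accounts   WHERE id = ?",
    "api_keys":   "SELECT COUNT(*) FROM api_keys   WHERE account_id = ?",
    "households": "SELECT COUNT(*) FROM households WHERE account_id = ?",
    "messages":   "SELECT COUNT(*) FROM messages   WHERE household_id IN "
                  "(SELECT id FROM households WHERE account_id = ?)",
    "memories":   "SELECT COUNT(*) FROM memories   WHERE household_id IN "
                  "(SELECT id FROM households WHERE account_id = ?)",
}


def open_db(enforce_fks):
    """In-memory database; the pragma must precede any transaction."""
    conn = sqlite3.connect(":memory:")
    if enforce_fks:
        conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    conn.executescript(SAMPLE_DATA)
    return conn


def fk_enforcement_enabled(conn):
    return bool(conn.execute("PRAGMA foreign_keys").fetchone()[0])


def delete_account(conn, account_id):
    """The one statement behind the button; cascades do the rest, if enabled."""
    with conn:
        conn.execute("DELETE FROM accounts WHERE id = ?", (account_id,))


def rows_for_account(conn, account_id):
    """Count what is left of an account in every table; all zeros means gone."""
    return {t: conn.execute(q, (account_id,)).fetchone()[0]
            for t, q in ACCOUNT_FOOTPRINT.items()}


def audit_cascade(conn):
    """List every foreign key that is not ON DELETE CASCADE; empty is the goal."""
    problems = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' AND name NOT LIKE 'sqlite_%'")]
    for table in tables:                       # names come from sqlite_master, not user input
        for row in conn.execute(f"PRAGMA foreign_key_list({table})"):
            _id, _seq, parent, column, _to, _on_update, on_delete, _match = row
            if on_delete.upper() != "CASCADE":
                problems.append(f"{table}.{column} -> {parent} ({on_delete})")
    return problems


if __name__ == "__main__":
    for enforce in (False, True):
        conn = open_db(enforce)
        delete_account(conn, 1)
        print("foreign_keys =", fk_enforcement_enabled(conn),
              "leftovers for account 1:", rows_for_account(conn, 1))
    print("cascade audit:", audit_cascade(conn) or "all foreign keys cascade")
```

The audit belongs in the test suite, not in a one-off script: a new table added later without the CASCADE clause is exactly how a "real deletion" guarantee quietly stops being true.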
Our legal pages (Terms, Privacy) are the binding statements; this page explains the posture behind them.