Your second brain stays yours.

Constella is built local-first. Your notes, PDFs, and the connections between them live on your device by default — not on our servers, and never inside a training set. Here is exactly how that works.

Last updated June 2026

Local-first by default

Your knowledge base is stored and indexed on your own device. It works offline, and nothing leaves until you choose to sync.

Never used for training

Your private content is never used to train our models or any third party’s. It powers your answers, in your session, and nothing else.

Yours to export or erase

Export everything to open formats, or delete it permanently, at any time. No lock-in, no retention games, no exceptions.

Where your data lives

When you capture a thought, import a PDF, or wire two ideas together on the canvas, that data is written to a local store on your device. Search, recall, and the connections between your notes are computed locally — which is why Constella keeps working on a plane with no signal.

If you enable sync across devices, your data travels through a private tunnel and is relayed through our infrastructure so your other devices can catch up. Less leaves your device than with a cloud-first app — and we’re actively working to make that tunnel unreadable even to us.

Training & AI

This is the one that matters most to researchers, so we want to be unambiguous: your private notes, sources, and unpublished drafts are never used to train any AI model — not ours, not a provider’s.

When you ask Constella a question, the relevant snippets of your own content are assembled into a prompt to generate that single answer, then discarded. Providers are bound by zero-retention agreements that prohibit training on inputs.

In plain terms: nothing you write in Constella will ever show up in a model’s memory, another user’s answer, or a future version of our product.

What leaves your device — and when

By default, almost nothing. The table below covers every case where data crosses the network, and what protects it.

Notes & canvas
Stays local — on your device unless you turn on sync.
Device sync
Private tunnel — relayed over a private TLS 1.3 connection.
AI questions
Sent to answer — relevant snippets only, zero-retention, never trained on.
Web search
Query only — your search terms, not your library.
Telemetry
Opt-in — anonymous, aggregate, and off by default.

The private tunnel

Data at rest on your device is protected by your operating system’s secure storage. Anything that syncs travels through a private tunnel — never out in the open.

  • In transit: TLS 1.3 on every connection — a private tunnel between your device and our relay.
  • At rest: OS-level secure storage on device.
  • On our roadmap: sealing the private tunnel end-to-end, so relayed data is unreadable even to us.

Your controls

You decide what Constella can see and keep. Every one of these lives in Settings, not in a support ticket.

  • Export your full knowledge base to Markdown and standard canvas formats, anytime.
  • Delete any note, source, or your entire account — permanently, with no soft-delete window.
  • Disconnect any integration and revoke its access in one click.
  • Choose which folders and sources are indexed, and which stay invisible to AI entirely.

Compliance & questions

Constella supports GDPR and CCPA data-subject requests, and offers a Data Processing Agreement for enterprise and institutional customers. Security reviews, SSO, and procurement documentation are available on request.

For anything not covered here — IRB requirements, institutional data policies, or a specific deletion request — reach our team at team@constella.app. A human answers. The full legal text lives on our Privacy Policy page.

Think freely. We’re not reading.

A second brain only works if you trust it with your unfinished thoughts. We designed Constella so you never have to think twice.

See pricing