← Back to Home

Privacy Policy

Last Updated: January 13, 2026

1. Introduction

Intentioned.tech ("we", "our", "the application") is a self-hosted, open-source social skills training platform. This privacy policy explains how data is collected, stored, and used when you use this application.

            🔒 100% Local Processing: This application is designed to be self-hosted. 
            All data processing occurs on your local machine or your own server. 
            No data is sent to external third-party services unless explicitly configured by you.
            Your voice never leaves your GPU.
        

2. Data Collection

The application may collect and process the following types of data during your training sessions:

Audio recordings: Voice input captured during conversations (processed locally, not stored after transcription)
Transcribed text: Your spoken words converted to text for conversation analysis
Conversation transcripts: The full dialogue between you and the AI assistant
Webcam data: If enabled, facial landmark data for eye contact tracking (not stored as images/video)
Performance metrics: Speaking pace, response times, filler word counts, and other communication metrics

3. Safety Violation Logging

Important: When content is flagged by our AI moderation system, a record is created to help maintain platform safety and improve moderation accuracy.

Safety violation logs are stored locally on your machine in:

Windows: %USERPROFILE%\Documents\simulation_safety_violations\
macOS: ~/Documents/simulation_safety_violations/
Linux: ~/Documents/simulation_safety_violations/

Each safety violation log contains:

Timestamp of the incident
Session identifier (anonymized)
The message that triggered the violation
The reason for flagging
Full conversation transcript up to that point

Purpose: These logs are stored locally for your own review and to help improve the moderation system.

Repeated Violation Transmission: If 3 or more unique safety violations are detected from the same session, a summary report is automatically transmitted to a separate "transmitted_to_host" folder for host/administrator review. Additionally, if 2 or more severe violations are detected, the session is immediately terminated and reported. This is designed to identify patterns of misuse and ensure platform safety. The transmitted reports are stored in:

[Documents]/simulation_safety_violations/transmitted_to_host/

4. Cookies and Local Storage

This application uses cookies to remember your preferences across sessions:

Settings Cookies: Your TTS/STT engine preferences, voice selections, LLM parameters
UI Preferences: Selected scenario, microphone mode, mute state

            Cookie Details:
            Cookies are stored locally in your browser only
No cookies are transmitted to external servers
Cookies expire after 1 year of inactivity
You can clear cookies at any time through your browser settings

        

Cookies used by this application:

intentioned_tts_engine - Your preferred text-to-speech engine
intentioned_kokoro_voice - Selected Kokoro TTS voice
intentioned_vibevoice_voice - Selected VibeVoice voice
intentioned_stt_engine - Your preferred speech-to-text engine
intentioned_max_tokens - LLM response length setting
intentioned_temperature - LLM creativity setting
intentioned_scenario - Last selected training scenario
intentioned_mic_mode - Preferred microphone mode (VAD or Push-to-Talk)
intentioned_tts_muted - Whether AI voice is muted

5. Data Storage

All data is stored locally on your machine or server:

Audio is processed in real-time and immediately discarded after transcription
Session data exists only in memory during active sessions
Analysis results are displayed but not permanently stored unless you save them
Safety violation logs are the only data written to disk

6. Third-Party Services

The application may interact with external services for the following purposes:

CDN resources: Loading of face-api.js models for eye contact detection

All text-to-speech engines (Kokoro, VibeVoice, pyttsx3) run completely offline on your device.

7. Browser Extension Detection

            Malwarebytes Browser Guard Detection: This application includes code to detect 
            when Malwarebytes Browser Guard is flagging our domain as a "Risky TLD" (false positive). 
            This detection is used solely to display a helpful warning banner explaining how to whitelist the site.
        

The detection works by:

Attempting to load a small invisible resource from our own domain to detect if it's being blocked
Monitoring console logs for Browser Guard-specific messages
Checking for DOM elements injected by the extension

This detection is entirely local and does not contact any external Malwarebytes servers.

No data is collected or transmitted through this detection. It exists purely to improve user experience by explaining false positive blocks on .tech domains.

8. AI Models Used

This application uses the following AI models, which run 100% locally on your machine or server:

Speech-to-Text (STT):
- NVIDIA Parakeet TDT 0.6B v3 (default) - NVIDIA NeMo, CC-BY-4.0 license, 600M parameters, supports 25 languages
- Vosk - Apache 2.0 license, offline-first, lightweight, 20+ language models
Text-to-Speech (TTS):
- Kokoro-82M (default) - Apache 2.0 license, 82M parameters, StyleTTS2 architecture
- VibeVoice Realtime 0.5B - 500M parameters, higher quality voice cloning
- pyttsx3 - Local system voices, fully offline fallback
Language Model (LLM):
- Google Gemma 3 1B (default) - 4-bit quantized, ~2GB VRAM
- Language-specific models available for 28 EU languages
Eye Contact Detection: Face-API.js - browser-based, no images stored

All AI processing occurs locally. Model weights are downloaded once and cached on your machine.

9. Data Retention

Session data: Cleared when you end a session or close the application
Safety violation logs: Retained until you manually delete them

10. Your Rights

Since this is a self-hosted application, you have complete control over your data:

Access: All data is stored locally and accessible to you
Deletion: You can delete any stored data at any time
Portability: All logs are stored in JSON format for easy export
Modification: You can modify the application's behavior through the source code

11. Security

Data security depends on your deployment configuration. We recommend:

Using HTTPS for all connections
Keeping your system and dependencies updated
Restricting network access to trusted users only
Regularly reviewing and clearing safety violation logs

12. Multilingual Support

Intentioned.tech supports 28 EU languages. Language detection and preferences are:

Stored locally in your browser's localStorage
Used only to select appropriate AI models and UI translations
Never transmitted to external services

13. Changes to This Policy

This privacy policy may be updated as the application evolves. Check the "Last Updated" date at the top of this document for the most recent version.

14. Contact

For questions about this privacy policy or the application, please contact us at akotler@pace.edu or visit intentioned.tech.