Privacy & Security¶
Your data privacy and security are fundamental to ChronoScope's design. This page explains how your information is handled.
Core Privacy Principles¶
🏠 Local-First Architecture¶
All processing happens on your machine:
- ✅ Documents are processed locally
- ✅ Timeline data stored on your computer
- ✅ No cloud storage of your documents
- ✅ You control your data completely
The only external communication:
- OpenAI API calls for event extraction (your choice)
- Optional: Analytics (can be disabled)
What Data Leaves Your Computer?¶
OpenAI API Calls¶
What is sent:
What is NOT sent:
- ❌ File names or metadata
- ❌ Your identity or account info
- ❌ Timeline data or notes
- ❌ Usage patterns
How it's processed:
- Document text extracted locally
- Text sent via HTTPS to OpenAI
- Events returned to your machine
- Original text discarded by OpenAI (per their policy)
OpenAI's Data Usage Policy:
- API data not used for model training (as of 2023)
- Data retained for 30 days for abuse monitoring
- No human review unless flagged for safety
Data Storage¶
Where Your Data Lives¶
chronoscope/
├── .streamlit/
│   └── secrets.toml          # ⚠️ API key (keep private!)
├── data/
│   ├── timeline_events.json  # 💾 Your timeline data
│   └── user_notes.json       # 📝 Your personal notes
└── test-documents/           # 📄 Your uploaded docs
File Permissions¶
Recommended security:
# Protect your API key
chmod 600 .streamlit/secrets.toml
# Protect timeline data
chmod 600 data/timeline_events.json
chmod 600 data/user_notes.json
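One way to check that the permissions recommended above are actually in place, as an added example rather than part of ChronoScope: the function names are assumptions, the paths are the ones listed on this page. It accepts any mode that gives group and others no access (600, 400, 700), which is slightly broader than the exact chmod 600 shown, and it also checks the project directory itself.

```shell
#!/bin/sh
# Added example, not part of ChronoScope. Paths are the ones listed on this page.

# group_other_bits PATH -> prints the six group/other mode characters, e.g. "r--r--"
group_other_bits() {
    # -d: report a directory itself; -L: follow a symlink to the real file
    ls -ldL "$1" | cut -c5-10
}

# audit_perms ROOT -> one line per finding; returns 0 when nothing is exposed
audit_perms() {
    root=$1
    status=0
    for rel in . .streamlit/secrets.toml data/timeline_events.json data/user_notes.json; do
        path="$root/$rel"
        # Files that do not exist yet (no notes saved, say) are not findings.
        [ -e "$path" ] || continue
        bits=$(group_other_bits "$path")
        if [ "$bits" != "------" ]; then
            echo "EXPOSED: $rel (group/other bits: $bits)"
            status=1
        fi
    done
    return $status
}

# Typical call from the project root:
#   audit_perms . || echo "fix the entries above with chmod 600 / chmod 700"
```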
Data Persistence¶
- Timeline events: Stored in JSON (plain text)
- User notes: Stored in JSON (plain text)
- Uploaded files: Remain in upload directory
- No encryption at rest (use OS-level encryption if needed)
API Key Security¶
Protecting Your OpenAI Key¶
Your API key is sensitive:
- 💳 Linked to your billing account
- 🔑 Grants access to OpenAI services
- 💰 Usage charges to your account
Security best practices:
# ✅ DO:
1. Store in .streamlit/secrets.toml (gitignored by default)
2. Never commit to version control
3. Use environment variables for shared setups
4. Rotate keys periodically
5. Monitor usage at platform.openai.com
# ❌ DON'T:
1. Hard-code in application files
2. Share in screenshots or demos
3. Store in cloud sync folders (Dropbox, Google Drive)
4. Use the same key across many projects
5. Give API key to others
Key Rotation¶
How to rotate your API key:
- Generate new key at platform.openai.com
- Update .streamlit/secrets.toml
- Restart ChronoScope
- Delete old key from OpenAI dashboard
Version Control Safety¶
Git Ignore Patterns¶
ChronoScope includes .gitignore to protect sensitive files:
# API Keys and Secrets
.streamlit/secrets.toml
.env
*.key
# Personal Data
data/timeline_events.json
data/user_notes.json
test-documents/personal/
# Virtual Environment
.venv/
venv/
Verify your setup:
# Check what would be committed
git status
# Should NOT see:
# - .streamlit/secrets.toml
# - data/timeline_events.json
# - test-documents/personal/
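git status only shows the current working tree. The check below is an added example, not part of ChronoScope (the function name and the finding labels are assumptions; the paths are those named above). For each sensitive file it reports whether the file is already tracked, whether it is missing from the ignore rules, and whether it appears in any earlier commit.

```shell
#!/bin/sh
# Added example, not part of ChronoScope. Paths are the ones named on this page.

# check_git_exposure REPO -> one line per finding; returns 0 when nothing is exposed
check_git_exposure() {
    repo=$1
    status=0
    for rel in .streamlit/secrets.toml data/timeline_events.json data/user_notes.json; do
        # .gitignore has no effect on a file that is already in the index.
        if git -C "$repo" ls-files --error-unmatch -- "$rel" >/dev/null 2>&1; then
            echo "TRACKED: $rel"
            status=1
        elif ! git -C "$repo" check-ignore -q -- "$rel"; then
            echo "NOT_IGNORED: $rel"
            status=1
        fi
        # An untracked, ignored file can still sit in earlier commits.
        if [ -n "$(git -C "$repo" log --all --format=%h -- "$rel" 2>/dev/null)" ]; then
            echo "IN_HISTORY: $rel"
            status=1
        fi
    done
    return $status
}

# Typical call from the project root:
#   check_git_exposure .
```

A TRACKED or IN_HISTORY result for .streamlit/secrets.toml means the key should be treated as exposed and rotated as described under Key Rotation.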
Network Security¶
HTTPS Encryption¶
All external communication is encrypted:
- OpenAI API: TLS 1.2+ (HTTPS)
- Documentation site: HTTPS only
- No unencrypted data transmission
Firewall Considerations¶
Required outbound connections:
No inbound connections required
Compliance & Regulations¶
GDPR Compliance (EU Users)¶
Your rights:
- ✅ Right to access: All data stored locally, you have full access
- ✅ Right to erasure: Delete data files anytime
- ✅ Right to portability: JSON format, easily exportable
- ✅ Right to rectification: Edit events directly
Data controller: You (the user) control your data
Data processor: OpenAI (for API calls) - see their DPA
CCPA Compliance (California Users)¶
California privacy rights:
- Know what personal information is collected
- Delete personal information
- Opt-out of sale (N/A - we don't sell data)
ChronoScope's stance:
- We don't collect personal information centrally
- All data remains on your device
- No data sale or sharing
HIPAA (Healthcare Data)¶
⚠️ ChronoScope is NOT HIPAA compliant
Do NOT use for:
- Protected Health Information (PHI)
- Medical records or histories
- Patient data processing
Best Practices¶
For Individual Users¶
# ✅ Recommended Setup
# 1. Use OS-level encryption
# macOS: FileVault
# Windows: BitLocker
# Linux: LUKS/dm-crypt
# 2. Secure your environment
chmod 700 /path/to/chronoscope
chmod 600 .streamlit/secrets.toml
# 3. Regular backups (encrypted)
tar -czf timeline_backup.tar.gz data/
gpg -c timeline_backup.tar.gz
# Remove the unencrypted archive once the .gpg copy exists
rm timeline_backup.tar.gz
# 4. Monitor API usage
# Check platform.openai.com/usage regularly
For Teams/Organizations¶
Shared deployment considerations:
- Separate API keys per user
- Data isolation
- Access control
Data Retention¶
Automatic Cleanup¶
ChronoScope does NOT auto-delete:
- Timeline events persist indefinitely
- Notes saved until manually deleted
- Uploaded documents remain in folder
Manual cleanup:
# Clear all timeline data
rm data/timeline_events.json
# Clear user notes
rm data/user_notes.json
# Remove uploaded documents
rm -rf test-documents/personal/*
Backup Recommendations¶
Regular backups:
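#!/bin/bash
# Weekly backup script
set -euo pipefail   # stop on the first error so plaintext is never deleted after a failed encryption
umask 077           # backup files readable only by you
BACKUP_DIR=~/chronoscope-backups
DATE=$(date +%Y%m%d)
mkdir -p "$BACKUP_DIR"
cp data/timeline_events.json "$BACKUP_DIR/timeline_$DATE.json"
cp data/user_notes.json "$BACKUP_DIR/notes_$DATE.json"
# Encrypt backup (gpg -c prompts for a passphrase)
tar -czf "$BACKUP_DIR/backup_$DATE.tar.gz" -C "$BACKUP_DIR" "timeline_$DATE.json" "notes_$DATE.json"
gpg -c "$BACKUP_DIR/backup_$DATE.tar.gz"
# Remove the unencrypted copies, leaving only the .gpg file
rm "$BACKUP_DIR"/*.json "$BACKUP_DIR"/*.tar.gz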
Security Incident Response¶
If Your API Key is Compromised¶
Immediate actions:
- Revoke key at OpenAI:
  - Go to platform.openai.com/api-keys
  - Find compromised key
  - Click "Revoke"
- Generate new key
- Update ChronoScope
- Monitor usage:
  - Check OpenAI usage dashboard
  - Review unexpected charges
  - Contact OpenAI support if needed
Reporting Security Issues¶
Found a security vulnerability?
- Do NOT open a public GitHub issue
- Email: security@chronoscope.dev (or project contact)
- Include:
  - Description of vulnerability
  - Steps to reproduce
  - Potential impact
  - Suggested fix (if any)
We commit to:
- Acknowledge within 48 hours
- Provide timeline for fix
- Credit researcher (if desired)
- Responsible disclosure
Privacy FAQs¶
Does ChronoScope see my documents?
No. Documents are processed entirely on your local machine. The only data sent externally is text content to OpenAI's API for event extraction.
Can I use ChronoScope offline?
Partially. You can view existing timelines offline, but event extraction requires internet connection (OpenAI API). Fallback rule-based extraction works offline but with lower quality.
Where is my timeline data stored?
Locally in data/timeline_events.json on your machine. It never leaves your computer unless you explicitly export and share it.
Does ChronoScope track my usage?
By default, no. Optional analytics can be enabled in settings, but all analytics are anonymized and opt-in only.
Can I use ChronoScope with sensitive documents?
Yes, but understand that text content is sent to OpenAI. For highly sensitive documents, consider:
- Reviewing OpenAI's data policies
- Using offline fallback extraction
- Sanitizing documents before processing
How do I completely delete my data?
Also revoke your OpenAI API key if no longer using ChronoScope.
Additional Resources¶
- 📜 OpenAI Privacy Policy
- 📜 OpenAI API Data Usage
- 🔒 OWASP Security Guidelines
- 🛡️ Python Security Best Practices
Disclaimer
ChronoScope is provided "as is" without warranty. Users are responsible for ensuring their use complies with applicable laws and regulations. Always review and understand third-party service policies (like OpenAI) before processing sensitive data.
Questions or concerns about privacy?