Data Privacy

[njaramish]

First off, a big thank you to the developers of this project including @danny-avila!! This is half question, half feature/documentation suggestion.
 
I'm currently scoping out LibreChat for a corporate use case with strict privacy requirements, and was wondering if there is any documentation on data privacy or telemetry that LibreChat tracks. If not, a page discussing data that LibreChat collects (if any) would be very helpful -- other open source apps have similar pages, e.g. https://docs.continue.dev/telemetry

It would also be helpful to have documentation on any non-obvious APIs that are being called (e.g. instances where anything other than the deployed Docker compose project sees any data). I say "non-obvious" because anything sent to OpenAI/Anthropic is obviously going to be seen and or retained by that company, however there are other instances where user data may be transmitted to a 3rd party that are less obvious (some of which may have since been updated to be local, like Dicebar).

Having a page discussing any places where data could/would leave the local deployment would likely help potential corporate users to quickly scope out the project for suitability and aid in adoption! Again thank you very much for this awesome project!!

Note: For completeness, this is somewhat related to this issue regarding corporate adoption and local hosting, although I imagine any user would appreciate clear data privacy documentation.

[danny-avila]

Thank you! We will need to add a telemetry page to the docs but I can answer some of the concerns from memory here.

Currently, there is no telemetry done by LibreChat. For the Code Interpreter API served by LibreChat, you can find a privacy policy here: https://code.librechat.ai/legal/privacy

Meilisearch is a dependency used for searching/indexing conversations/messages, and it has telemetry for its usage; however our default configuration (.env.example) disables it at the outset.

As of recently, Unstructured.io was collecting telemetry usage of its SDK usage in https://github.com/danny-avila/rag_api but I've now disabled it in the image build.

The Artifacts feature pulls down at-runtime dependencies from codesandbox.io's servers, but does not transmit data AFAIK.

There is nothing else that comes to mind, thanks for bringing this up

[njaramish]

Thank you for the helpful information, speedy reply, and (again) awesome project :)