Nothing in third-party clouds. Photos, mail, finances and documents live on your own hardware.
Default-deny outbound: NoCloudMe's own pieces can't reach the internet unless they declare it;
the home server never calls out to GitHub at all. See Network & outbound traffic.
Double perimeter: LAN or VPN (WireGuard) to reach it; SSO (with optional 2FA) to get in.
Secrets stay out of the code: keys and tokens live in local files, never in the repository.
Backups and reversibility: a snapshot before every write, daily backups, replication across
machines. Bulk changes to your archive are one undo away and explain themselves — see
Curating your archive.
Auditing: web changes are logged with the user, the date and the details.
Permission panel: the AI assistant works under switches you control one by one; a permission
switched on is a ceiling (what it's allowed to do), never a command.
Courtesy toward your machine: heavy work freezes while you're typing and resumes once you
stop.
Point-and-count rule: with sensitive data like your messages, the machine
builds the infrastructure and counts, but never reads or classifies the content — reading is
for you alone.
Connectors, disclosed and boxed in: a connector can only write the database tables its manifest
declares, and it never sends SQL — it hands parsed rows to a shared, safe ingest engine. See
The Store.