Privacy First

Security & Privacy

One People is built on a simple principle: your data belongs to you. Not to us, not to advertisers, not to AI training pipelines. Here is how we enforce that.

Local-First Architecture

Your data lives on your Nexus — your device, your storage. Nothing leaves your machine unless you explicitly choose to sync with Beacon or Cloud Nexus. There is no background telemetry, no usage tracking, no silent uploads.

  • All AI processing runs on-device by default
  • No phone-home behavior or analytics collection
  • Offline mode works with full functionality
  • Cloud sync is opt-in and per-dataset

End-to-End Encryption

All communication between your Nexus and Beacon communities is encrypted end-to-end. When you share data with a Beacon group, only members of that group can decrypt it. Transit encryption uses TLS 1.3 at minimum.

  • Beacon↔Nexus traffic encrypted end-to-end
  • TLS 1.3 for all network communication
  • Encryption keys generated and stored locally
  • Group keys rotated when membership changes

Zero-Knowledge Design

Even if you use Cloud Nexus for hosting, One People cannot read your data. Your content is encrypted before it leaves your device, and we never hold the keys. We cannot comply with data requests for information we cannot access.

  • Client-side encryption before any cloud storage
  • Encryption keys never transmitted to servers
  • Cloud Nexus stores only encrypted blobs
  • No server-side data processing or indexing

Open Source Transparency

The One People platform is built on open-source foundations. You can audit the code, verify our security claims, and contribute improvements. No black boxes, no trust-us-bro security.

  • Core platform code is publicly auditable
  • Encryption implementations are standard, not custom
  • Security issues can be reported via responsible disclosure
  • Community security reviews are welcomed

Data Ownership

You own your data. Full stop. Export everything at any time in standard formats. Delete your account and every byte is purged — no 90-day retention periods, no anonymized copies kept for analytics.

  • Full data export in standard formats (JSON, CSV)
  • Account deletion is immediate and complete
  • No data retention after deletion
  • No selling or sharing data with third parties

A Note on Compliance

One People is an early-stage platform. We do not currently hold SOC II, HIPAA, or other formal compliance certifications. Our security architecture is designed with these standards in mind, and we are working toward formal audits as the platform matures. If your use case requires certified compliance today, please contact us to discuss your needs.

Read the Full Privacy Policy

Our privacy policy explains in plain language exactly what data we collect, how we use it, and your rights.

Privacy Policy