Privacy Policy
This Privacy Policy explains how Subumbra ("we," "our," or "the project") handles data in relation to the website located at subumbra.dev and the Subumbra open-source software.
Core Privacy Principle: Subumbra is self-hosted software. We do not operate a centralized software-as-a-service (SaaS) platform. All data, API credentials, logs, and cryptographic material reside solely on servers and infrastructure controlled entirely by you (the operator). We have zero access to your data or deployments.
1. The Informational Website (subumbra.dev)
The website subumbra.dev is purely informational and acts as a landing page and documentation hub. When you visit this site:
- No Personal Data Collection: We do not ask for, collect, or store any personal data (such as names, emails, IP addresses, or contact information).
- No Cookies or Marketing Trackers: We do not use advertising or analytical tracking cookies, pixel tags, or third-party web analytics (such as Google Analytics) to monitor your behavior.
- Cloudflare Security & CDN Proxy: To ensure high availability, load balancing, and protection against Distributed Denial of Service (DDoS) and bot attacks, this website is routed through Cloudflare's Content Delivery Network (CDN) proxy. Cloudflare may place technical, strictly necessary cookies (such as
__cf_bmor_cfuvid) on your browser. These cookies are set outside of our direct control, do not collect personal identification details, and are used solely to mitigate server abuse and verify legitimate visitor traffic. For more information, please refer to Cloudflare's Privacy Policy. - Server Logs: Our web server may maintain basic technical access logs for security and performance purposes (such as HTTP request headers, response codes, and server response times). These technical logs do not link back to personal identities and are purged automatically.
2. The Open-Source Software (Self-Hosted)
Subumbra is a split-trust security proxy designed to run in a self-hosted environment under your direct control (using Docker and your own Cloudflare Workers subscription).
- Key Storage: All provider API keys and tokens are encrypted locally on your server using modern authenticated encryption (AES-GCM + RSA-4096-OAEP) and pushed into your private, isolated Cloudflare Workers KV namespace.
- Data Transit: Request payloads, response streams, and metadata flow directly from your client applications, through your local security proxy, to your Cloudflare Workers runtime, and then directly to the selected upstream AI model providers. No intermediary servers, third parties, or developer endpoints ever see this traffic.
- Telemetry: The Subumbra software contains no telemetric reporting, tracking scripts, or "phone-home" mechanisms. It functions as an entirely isolated network utility.
3. Third-Party Services & Upstream Providers
When you use Subumbra to broker requests, the system forwards those requests directly to your configured upstream providers (such as OpenAI, Anthropic, Gemini, DeepSeek, etc.) and hosts the transient decryption logic inside your **Cloudflare Workers** tenant. The data processing and storage practices of those services are governed by their respective terms and privacy policies. We encourage you to review their compliance and privacy boundaries before routing traffic.
4. California Consumer Privacy Act (CCPA/CPRA) Compliance
Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), because this website and open-source project do not collect, buy, sell, share, or store personal consumer information, there is no personal data to disclose, delete, or restrict. You are in full, sovereign control of your own data through your self-hosted infrastructure.
5. European Union General Data Protection Regulation (GDPR)
For visitors from the European Union or the European Economic Area (EEA), the project operates in full compliance with the GDPR. Since we do not process personal data on the informational website and have no access to the data residing on your self-hosted instances, we do not maintain a register of personal data, nor do we perform any user-profiling operations.
For your own self-hosted deployment, you act as the **Data Controller** (and Cloudflare acts as the **Data Processor**). You are responsible for ensuring that your handling of downstream users' data complies with applicable GDPR mandates.
6. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our software design or compliance requirements. Any updates will be pushed directly to this page along with an updated revision date.
7. Contact Information
If you have any questions about this Privacy Policy or the cryptographic design of the software, please reach out to the project author:
Email: [email protected]
GitHub: github.com/polysemic/Subumbra