Security & privacy
Built so we couldn't betray you if we tried
Clypy's privacy isn't a policy you have to trust — it's the architecture. Here's exactly how a clip moves, and what we can and can't see.
END-TO-END ENCRYPTION
Keys never leave your devices
Every clip is sealed on the device that copied it, with keys generated on your hardware and held in the OS keychain — never in a readable file. Our relay forwards ciphertext it has no way to open.
ON-DEVICE AI
Intelligence without disclosure
Semantic search, OCR, and classification all run locally. Your clips are never uploaded to a model, ours or anyone else's.
SECRET HYGIENE
Secrets are treated as radioactive
Password-manager copies are never captured. Anything that looks like a secret is concealed on sight and auto-expires from history.
YOUR EXIT
Delete means delete
Wipe a clip, a device, or your whole history at any time. There's no account to leave behind and nothing readable retained on our servers.
Plain-language commitments
No fine print, no asterisks
- We can't read your clips — our servers only ever hold ciphertext.
- No account, no password, no profile. There's nothing to breach.
- On the same network, clips sync device-to-device and skip our servers entirely.
- AI runs on your device; clip contents are never sent for processing.
- Password managers and detected secrets are never captured or synced.
- Export or delete everything whenever you want — deletion is permanent.