HiQ Cortex

Reference · Security

What Cortex stores. What it doesn't. Where.

Nine claims about data handling — each traceable to the code that enforces it. Two gaps disclosed plainly.

What stays on your machine

§ I

Cowork is a local agent.

The sessions it runs, the project memory it accumulates, and the files it produces do not leave your device unless you initiate the action.

Cowork session transcripts

Every exchange with the local agent is stored as a file on your machine, scoped to your user account. The server has no copy.

Project wiki

Wiki data lives in a directory you choose. Nothing in Cortex reads or uploads wiki content to any server.

Observer friction log

The local log of tool errors and retries is written to your device and stays there whether or not you have upload enabled.

Custom skills sedimented from your work

Skills the observer pipeline extracts from your sessions are written as files in your chosen skills directory. They remain local until you explicitly contribute them to the marketplace.

What goes to the server

§ II

Chat is different.

Chat sessions persist server-side so the agent can continue across conversations.

What Cortex stores on the server for Chat users:

  • Conversation history, keyed to your user ID. No other user's account can read your sessions.
  • Long-term memory — a compiled profile of your preferences, databases, and LCA context. Extracted from conversation turns over time. Also keyed to your user ID.

What Cortex does not store:

  • BOM files you upload during a Chat session. File uploads are passed to the AI for the duration of the conversation and are not written to any database table after the request completes.

The distinction matters: Cowork data belongs to your machine. Chat history belongs to your account on the server.

Nine verifiable claims

§ III

Statements about how the system behaves.

Each corresponds to an implemented check in the codebase.

  1. § 01

    All traffic is encrypted in transit.

    Every user-facing connection uses HTTPS. There are no plaintext HTTP paths for user data.

  2. § 02

    Chat sessions are stored under your account and are not accessible to other users.

    Conversation history and long-term memory are keyed to your user ID. The session store enforces this isolation at query time — one account cannot read another's.

  3. § 03

    Commercial-database values are gated to license holders.

    Without a license, Cortex still returns the dataset name, region, unit, version, and link — enough to confirm the dataset exists. The licensed values are withheld until you bring a license. No literature value is substituted.

  4. § 04

    Your Cowork sessions never leave your device.

    Local agent sessions are stored in your app's local data directory. The server has no copy and no access path to them.

  5. § 05

    Your project wiki is stored locally.

    Wiki data lives in the directory you choose on your machine. It is not uploaded to Cortex servers.

  6. § 06

    Every GWP result includes its source database and version.

    The database name, version string, and system model are part of every result. Historical exports are not retroactively modified when a data provider releases a new version; each export captures the version at query time.

  7. § 07

    Your data is not used to train AI models.

    There is no pipeline in the codebase that reads conversation history and sends it to a model training job.

  8. § 08

    Observer friction upload can be turned off.

    The upload toggle is per-device, persisted locally. Turning it off stops all background uploads. The local friction log continues regardless.

  9. § 09

    Uploaded BOM files are not persisted.

    File uploads sent during a Chat session are passed to the AI for the duration of that conversation. They are not stored in any database after the request completes.

Restricted data

§ IV

There are many LCA tools that return a number when they don't have a verified one. Cortex is not one of them.

Several of the databases Cortex indexes are commercial — Ecoinvent, CarbonMinds, and others — and require a paid license from the data provider. The permission check runs on Cortex's side, before any result reaches the model.

Without a license: you can still find the dataset. The name, source, version, region, system model, and link return normally — enough to confirm a dataset exists and decide whether the license is worth bringing.

With a license: the values appear. The license-protected fields — emission factors, inventory detail, the broader impact assessment results — show up in place of the Licensed marker.

There is no silent substitution with literature values or model-generated figures. Fabricating a substitute would pollute the deliverable with unverifiable numbers. The enforcement is in the code, not in instructions alone.
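The gate described in this section, sketched as an added example; this is not Cortex's code. The record layout, the `User` type, the `license_required` key and the string form of the Licensed marker are assumptions made for illustration. The point it shows is an allow-list applied server-side before any record is placed in the model's context, so a protected field added later fails closed.

```python
from dataclasses import dataclass

# Metadata the page says is returned with or without a license.
# Key names are assumed; "license_required" is a hypothetical record key.
METADATA_FIELDS = frozenset({
    "name", "source", "version", "region", "unit",
    "system_model", "link", "license_required",
})
LICENSED_MARKER = "Licensed"  # marker named on the page; string form assumed


@dataclass(frozen=True)
class User:  # hypothetical account model
    user_id: str
    licenses: frozenset = frozenset()


def gate_record(record: dict, user: User) -> dict:
    """Return the view of one dataset record that this user may see."""
    provider = record.get("license_required")  # None means open data
    if provider is None or provider in user.licenses:
        return dict(record)
    # Allow-list, not deny-list: anything that is not known metadata is
    # replaced by the marker. No substitute value is ever generated.
    return {k: (v if k in METADATA_FIELDS else LICENSED_MARKER)
            for k, v in record.items()}


def build_model_context(records: list, user: User) -> list:
    """Gate every record before it can reach the model's prompt."""
    return [gate_record(r, user) for r in records]


# Constructed sample data; the values are not taken from any real database.
SAMPLE_RECORDS = [
    {"name": "steel, sample", "source": "ecoinvent", "version": "sample-v1",
     "region": "GLO", "unit": "kg", "system_model": "cutoff",
     "link": "https://example.invalid/ds/1", "license_required": "ecoinvent",
     "emission_factor": 9.87, "inventory": {"CO2": 9.1}},
    {"name": "water, sample", "source": "open-sample", "version": "sample-v2",
     "region": "GLO", "unit": "kg", "system_model": "cutoff",
     "link": "https://example.invalid/ds/2", "license_required": None,
     "emission_factor": 0.5},
]

if __name__ == "__main__":
    for row in build_model_context(SAMPLE_RECORDS, User("u-unlicensed")):
        print(row)
```

Because gating happens on the records themselves rather than in the prompt, the model never holds a value it would have to be instructed not to reveal.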

Two things we have not yet built

§ V

No user-facing data export endpoint

A Chat user cannot download a structured export of their conversation history, compiled memory, or activity log. That data is accessible internally to administrators. A GDPR right-of-access request currently requires a manual admin operation.

This is an open gap. We have not yet built a self-serve export.

No user-initiated account deletion

Deleting your account and erasing the server-side data associated with it currently requires a manual admin operation. There is no self-serve deletion endpoint.

Data that lives only on your machine — Cowork session transcripts, wiki, custom skills, friction log — can be deleted by you at any time by removing the relevant directories from your device.

If procurement requires confirmed self-serve deletion, the current answer is that it requires contacting us.

Enterprise procurement

§ VI

Write in with specifics.

Questions about data handling, residency, or enterprise licensing: info@hiqlcd.com. A response with specifics, usually within two business days.

The local agent stores nothing on our servers.

Start there.