We do not view your biometrics, fitness logs, or golf rounds as commercial inventory. At Claiborn, we believe in complete user data sovereignty. Below is an outline of the core architectural choices and principles we employ to isolate, protect, and process your telemetry.
1. Isolated Per-User Databases
Rather than commingling everyone's health and telemetry statistics into a single, massive shared cloud database, every user on Claiborn gets a completely isolated, standalone SQLite database file (named user_[id].sqlite).
This physical separation creates a natural firewall. If a security event or unauthorized access occurs, it remains isolated to that specific database file, preventing large-scale multi-user data harvesting that is common in conventional SaaS architectures.
2. Zero Third-Party Tracking Pixels
Claiborn contains exactly zero Google Analytics tags, Facebook marketing pixels, Hotjar recorders, or TikTok advertising scripts. We do not load scripts or assets from third-party CDNs.
Our telemetry is strictly limited to self-hosted, transparent, and cookie-free performance metrics. We only track what is technically necessary to ensure system health and application uptime.
3. Transparency & SQL Portability
We believe in full transparency. We don't hide your telemetry behind complex, proprietary file formats. You have the right to download your entire SQLite database at any time.
Below is a look at the simple, transparent SQL schema used to store local AI context and vector metadata:
-- The isolated user database holds biometrics & embeddings
CREATE TABLE ai_embeddings (
id INTEGER PRIMARY KEY AUTOINCREMENT,
content_type TEXT NOT NULL, -- 'sleep_summary', 'golf_round', etc.
content_id TEXT NOT NULL,
raw_content TEXT NOT NULL,
embedding_vector BLOB NOT NULL, -- Stored in your downloadable database
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
-- Verification: embeddings are stored in your downloadable database file
$ SELECT count(*) FROM ai_embeddings;
>> 142 vectors mapped and stored in user SQLite file.4. Privacy-First AI & Training Protections
We are deliberate and committed to using privacy-oriented LLM providers, tiers and configurations with strict zero-data-retention and zero-training policies. Your data is processed in ephemeral, secure memory buffers. Furthermore, for users who prefer full local autonomy, we support Model Context Protocol (MCP), enabling you to connect your database directly to your own locally-run LLMs.
5. Portable Knowledge Embeddings
To deliver highly personalized biometric analysis and search capabilities, semantic vector mappings are computed for your telemetry and summaries.
These embeddings are stored directly in your isolated, downloadable SQLite database (under the ai_embeddings table) so you can inspect, export, and make additional use of them locally. They are not stored in your running application container per se, but inside your portable database file, ensuring you have full ownership of the computed vectors.
This is a personal project by Ben Halpern, founder of dev.to, and ultimately promises of privacy are about track records and trust. I hope you see that these choices reflect that.