AICookAI
HomeModelsPricingDocsDashboard

Privacy Protection

CookAI protects your privacy at the architecture level, ensuring private chats, memories, and data never leak.

Private Memories Don't Leak to Groups

Information Bot remembers in private chats won't be mentioned or exposed in group chats. This is achieved through context isolation:

  • • Private and group chats use separate context windows
  • • Memory files from private chats are not loaded into group chat context
  • • Bot won't proactively mention private chat content in groups
# Context isolation diagramPrivate → [private context + private memory] → replyGroup → [group context + public memory] → reply

Docker Container Isolation

Each Bot runs in an isolated Docker container, ensuring data isolation at the physical level:

  • • Your Bot cannot read other Bots' files
  • • Other Bots cannot read your Bot's files either
  • • No shared storage volumes between containers
  • • Process spaces are fully isolated

Network Isolation

block-tunnels.sh runs automatically at each container startup, preventing data exfiltration via tunnels:

# What block-tunnels.sh does1. Remove all tunnel tool binaries rm -f ngrok cloudflared localtunnel bore frpc2. Block tunnel tool installation via package managers3. Disable SSH reverse port forwarding4. Monitor and block suspicious network connections

🔑 Encrypted Data Storage

Bot's sensitive data is encrypted at rest:

  • • API keys and tokens are encrypted at rest
  • • Memory files stored inside containers, cleared when container is destroyed
  • • Data in transit is encrypted with TLS
  • • Your conversation data is never used for model training

⚖️ Security Responsibility Boundaries

Security is a shared responsibility. CookAI handles platform-level security, but users should also follow good practices:

CookAI Handles

  • • Container isolation & resource limits
  • • Network isolation & tunnel blocking
  • • Data encryption & transport security
  • • Owner lock & permission system

User Handles

  • • Message Bot first after creation to lock ownership
  • • Don't send sensitive info in group chats
  • • Manage allowlisted users carefully
  • • Don't delete security-related config files
PreviousOwner ProtectionNext⚠️ Safety Tips