Ollama
Local · privacy-pure
llama3.1:8b · phi3 · mixtral · qwen2.5
§ Posture · zero phone-home
Your data. On your machine.
Full stop.
Most AI products treat privacy as a marketing line on the pricing page. Team-X treats it as the operating system. Every byte of state lives on your machine. Every API key sits in the OS keychain. No analytics, no telemetry, no crash reports, no auto-update phone-home. The website you're reading right now ships zero third-party trackers and zero analytics. The product is the same.
Local-first Open-source No telemetry Zero phone-home
§01 Local-first by default
Run the entire org on Ollama.
Zero cloud dependency.
Team-X works fully offline. Install Ollama , pull a model
(llama3.1:8b, phi3, mixtral, qwen2.5), and
the orchestrator routes every agent turn through your local GPU or CPU. The org chart works.
The kanban works. The agentic loop works. The Copilot works. Goals, projects, meetings,
the audit log, the file vault: all of it. No degraded mode. No "available with cloud only" features.
When you do choose to use a cloud model, it's per-agent. Hire a Senior Engineer powered by Claude Opus on Anthropic, and a Customer Support Lead powered by Llama 3.1 on Groq, and a DevOps IC running on local Ollama, all in the same company. The provider router enforces privacy tiers per role, so a role configured for the Local tier physically cannot make a proprietary cloud call.
§02 Zero phone-home, ever
We do not collect anything.
Including "anonymous usage."
No Google Analytics, no Mixpanel, no Segment, no Sentry, no Amplitude, no PostHog, no Datadog, no Plausible, no Fathom. The desktop app does not call home. The website does not call home. The newsletter (when it ships) will not embed a tracking pixel or wrap any URL in a redirect tracker.
We will know exactly two things about you: whether you opened a GitHub release page (because
you can opt-in to "Check for updates" in Settings → Updates, which makes a
single GET request to the GitHub releases API and stops there), and whether you subscribed
to Field Notes (because we need an email address to send a
newsletter to). Both are explicit, opt-in, and revocable in one click.
Privacy is not a feature. It's a posture.
§03 Secrets in the OS keychain
Your API keys never touch a config file.
Every cloud provider key is stored in the platform's native secret store via keytar : Windows Credential Manager, macOS Keychain, and libsecret on Linux. They are never written to JSON, YAML, environment files, log lines, exports, or backups. When you ask Team-X to forget a provider, the key is removed from the keychain, not "soft-deleted" in a database.
// apps/desktop/src/main/services/secrets.ts
await keytar.setPassword('team-x', `provider:${provider}`, apiKey);
// readback
const key = await keytar.getPassword('team-x', `provider:${provider}`);
// clean delete
await keytar.deletePassword('team-x', `provider:${provider}`);
§04 Privacy tiers, enforced per role
Choose what your agents are allowed to use.
Three tiers, three colors, one filter. Set a role's privacy ceiling once and the provider router will refuse any call above it. Run the entire company on Local for a regulated workflow. Mix and match per role for a normal product team. Block proprietary clouds entirely if your compliance posture says so.
LM Studio
Local · privacy-pure
any GGUF · MLX
Groq
Open-source cloud
llama-3.1-70b · mixtral-8x7b
OpenRouter
Open-source cloud
mixtral · llama-3 · deepseek
Together
Open-source cloud
llama-3.1-405b · qwen2.5-72b
Fireworks
Open-source cloud
deepseek · qwen · llama-3
OpenAI-compat
Bring your own
any compatible endpoint
Anthropic
Proprietary cloud
claude-opus · claude-sonnet · claude-haiku
OpenAI
Proprietary cloud
gpt-5 · gpt-4o · gpt-4o-mini
Google
Proprietary cloud
gemini-2.5-pro · gemini-flash
See for yourself.
The source is the spec.
Team-X is open-source under the MIT license. The code is the privacy spec. If a claim on this page isn't backed by a file in the repo, it's not a real claim.