Privacy Policy

Last updated: March 22, 2026

Introduction

ddot ("we", "us", "our") operates the ddot Agent service across messaging platforms including WhatsApp, Telegram, and Discord, as well as the ddot gateway, MCP bridge, the ddot skill marketplace, and Twin AI features. This Privacy Policy explains how we collect, use, and protect your information when you interact with any ddot product or service.

Information We Collect

Messages

When you send a message to ddot Agent, we process the text content to route it to the appropriate skill and generate a response. Messages are processed in real-time and are not stored permanently unless you use a skill that explicitly provides data persistence (such as reminders or bookmarks).

User Identifiers

We receive your platform-specific user ID (e.g., phone number hash for WhatsApp, user ID for Telegram/Discord) solely to deliver responses back to you. We do not link these identifiers across platforms.

Skill Data

Some skills store data you explicitly provide (e.g., reminders, saved links). This data is isolated per-skill and per-user in a sandboxed key-value store. No skill can access another skill's data.

MCP Bridge Security Data

When you use the ddot-mcp-bridge to secure your MCP servers, the bridge generates audit chain entries containing: tool names called, timestamps, request/response metadata, and SHA-256 hashes for chain integrity. This data is stored locally on your gateway and is never transmitted to ddot or any third party. You have full control over retention and deletion of audit data via the ddot purge command.

Twin AI Data (Sigma Tier)

If you activate Twin AI (Sigma tier), your agent's memories are projected into a 5-dimensional manifold for enhanced recall and contextual awareness. This projection is computed locally on your gateway hardware. The resulting vectors are stored in your local DENSE database and are never transmitted externally. Twin AI processes:

  • Memory vectors: 5D projections of your stored memories along identity, relationship, emotion, action, and time dimensions
  • Resonance data: Connections discovered between memories within the manifold
  • Enrichment context: Contextual neighborhoods retrieved when you query your agent

All Twin AI data is self-hosted. No memory vectors, projections, or enrichment data leave your machine. If you deactivate Twin AI, the manifold projections are deleted; your original flat memories remain intact.

Information We Do Not Collect

  • We do not collect your name, email, or contact information
  • We do not read or store message history beyond active processing
  • We do not use cookies or tracking technologies
  • We do not sell, rent, or share your data with third parties
  • We do not use your data for advertising or profiling
  • We do not train AI models on your messages
  • We do not transmit MCP bridge audit data off your machine
  • We do not transmit Twin AI memory vectors off your machine

How We Use Your Information

Your information is used exclusively to:

  • Route your message to the correct skill for processing
  • Generate and deliver a response to your message
  • Maintain skill-specific data you explicitly create (e.g., reminders)
  • Enforce MCP bridge security policy (signature verification, tool whitelisting, audit logging)
  • Compute Twin AI memory projections and resonance maps (Sigma tier, local only)

Data Security

ddot uses a Three Rings security architecture:

  • Ring 3 (Channels): Messages arrive via platform APIs over TLS-encrypted connections.
  • Ring 2 (Gateway): All skills run in WebAssembly sandboxes with declared capability gates. Messages pass through a 5-layer prompt firewall. Skill and MCP server integrity is verified via Ed25519 cryptographic signatures before every execution. MCP server interactions are logged to a SHA-256 hash-chained tamper-evident audit trail.
  • Ring 1 (Twin AI): The Twin AI layer is isolated behind an OS-enforced one-way valve. It can read from Ring 2 but cannot write back. DENSE projections and on-chain attestations operate independently of user data flow.

ddot's security architecture meets all 14 CMMC Level 1 requirements. Data decommissioning follows NIST 800-88 Rev 1 guidelines via the ddot purge command.

Data Retention

  • Messages: Processed transiently and discarded after response delivery.
  • Skill data: Retained until you explicitly delete it or request account deletion.
  • Free tier memories: Flat key-value pairs retained for 14 days, then automatically purged.
  • Sigma tier (Twin AI): Memories and manifold projections retained indefinitely until you delete them or deactivate Twin AI.
  • Audit chain: Retained locally until you run ddot purge or manually delete the audit database.

Your Rights

You have the right to:

  • Request deletion of all your stored data at any time
  • Stop using the service by simply not messaging ddot Agent
  • Request information about what data we hold for your user ID
  • Deactivate Twin AI and delete all manifold projections
  • Purge all audit chain data from your gateway
  • Export your audit data for external review or compliance

To exercise these rights, see our Data Deletion page or contact us at the email below.

Self-Hosted Architecture

ddot is designed to run on your own hardware. Your gateway, MCP bridge, audit chain, memory store, and Twin AI projections all operate locally. No data is transmitted to ddot servers. The only external connections are those you explicitly configure: channel platform APIs (WhatsApp, Telegram, Discord), AI voice box APIs (if using a cloud LLM provider), and any network-capable skills you install.

Third-Party Platforms

ddot Agent operates on third-party messaging platforms (WhatsApp, Telegram, Discord). Your use of those platforms is governed by their respective privacy policies. We only receive the data these platforms transmit to us via their official APIs.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated revision date. For material changes affecting data handling of Twin AI or MCP bridge features, we will provide reasonable advance notice.

Contact

For privacy-related inquiries: privacy@ddot.build