Back to Home

Privacy Policy

Last updated: January 13, 2025

Our Commitment to Privacy

Libre WebUI is built on a foundation of privacy and user sovereignty. This Privacy Policy explains how we handle information on this website (librewebui.org) and within the Libre WebUI software application.

Core Principle: Zero telemetry. No analytics. No tracking. No phone-home code—ever.

1. The Libre WebUI Software

1.1 Local-First Architecture

Libre WebUI is designed as a self-hosted, local-first application. When you run Libre WebUI:

  • All data stays on your device — Your conversations, documents, settings, and API keys are stored locally on your machine or self-hosted server
  • No telemetry collection — We do not collect usage data, analytics, or any information about how you use the software
  • No phone-home functionality — The software does not send data to our servers or any third party
  • AES-256-GCM encryption — Your data is encrypted at rest using enterprise-grade encryption

1.2 Third-Party AI Providers

When you connect Libre WebUI to external AI providers (OpenAI, Anthropic, Google, etc.), your conversations are sent directly to those providers according to their respective privacy policies. We do not intermediate, log, or store these communications.

For maximum privacy, we recommend using local models via Ollama, which keeps all processing on your device.

1.3 Document Processing (RAG)

When you upload documents for chat (PDF, text files, etc.), these documents are processed and stored locally on your machine. Vector embeddings are generated and stored locally. No documents are transmitted to external servers unless you explicitly use a cloud-based embedding provider.

2. This Website (librewebui.org)

2.1 Information We Collect

This website is a static informational site. We collect minimal information:

  • No analytics or tracking scripts — We do not use Google Analytics, Meta Pixel, or similar tracking tools
  • No cookies for tracking — We do not set cookies to track your behavior across sites
  • Local storage only — We use browser localStorage to remember your theme preference (light/dark mode) and sessionStorage for language preference. This data never leaves your browser

2.2 Hosting and Server Logs

This website is hosted on Cloudflare Pages. Cloudflare may collect standard server logs which include:

  • IP addresses (anonymized after 24 hours)
  • Browser type and version
  • Pages visited and timestamps
  • Referring URL

These logs are used solely for security purposes and abuse prevention. We do not have access to individual user data from these logs. For more information, see Cloudflare's Privacy Policy.

2.3 Third-Party Services

This website uses the following third-party services:

  • Google Fonts — We load fonts from Google Fonts. Google may collect usage data according to their Privacy Policy
  • GitHub API — We fetch release information from GitHub's public API to display the changelog. No personal data is transmitted
  • LibreBot Widget — An optional chat widget that helps answer questions about Libre WebUI. LibreBot's privacy policy applies to interactions with this widget

2.4 External Links

This website contains links to external sites (GitHub, documentation, social media). We are not responsible for the privacy practices of these external sites.

3. Data Retention

Software: Since all Libre WebUI application data is stored locally on your device, you have complete control over retention. Delete the application data anytime you wish.

Website: We do not retain any personal data from website visitors. Cloudflare server logs are automatically deleted according to their retention policies.

4. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access — Request information about data we hold (for this website, we hold none)
  • Deletion — Request deletion of your data (for the software, simply delete your local data)
  • Portability — Export your data (the software stores data in standard formats you can export)
  • Objection — Object to processing (we don't process personal data)

5. Children's Privacy

This website and software are not directed at children under 13. We do not knowingly collect personal information from children.

6. Compliance

Libre WebUI's local-first, zero-telemetry architecture is designed to be inherently compliant with:

  • GDPR (General Data Protection Regulation)
  • CCPA (California Consumer Privacy Act)
  • HIPAA (Health Insurance Portability and Accountability Act) — when self-hosted with appropriate controls

Since data stays on your infrastructure, you maintain full control over compliance requirements.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes by updating the "Last updated" date at the top of this page.

8. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please:

9. Open Source Transparency

Libre WebUI is open source software licensed under the Apache 2.0 License. You can verify our privacy claims by reviewing the source code at github.com/libre-webui/libre-webui.

Our commitment to privacy is also codified in our Ethical Charter.