Data Handling

What Gets Stored

Omnodex stores structured records of agent activity:

• Tool invocations (name, parameters, results)
• File access events (which files, read or write)
• Network activity (destination, type of request)
• Session metadata (start time, end time, agent type)
• Detection findings (which rules fired, on which events)

Where It Is Stored

Free Tier (Local Only)

All data lives on your machine in the OMNODEX_HOME directory (default: ~/.omnodex):

File	Contents
events.jsonl	Append-only event log (source of truth)
omnodex.db	SQLite read model (derived, rebuildable)
config.json	Local configuration

You own these files completely. Omnodex makes no network calls. Nothing leaves your machine.

Hosted/Cloud Tiers

When cloud sync is enabled:

• Events are encrypted locally before upload (see Encryption)
• Encrypted blobs are stored in cloud object storage
• The encryption key never leaves your machine
• We store only ciphertext - we cannot read your data

Data Retention

Local

You control retention. Events accumulate in the log file indefinitely until you delete them. The omnodex purge command provides a way to remove events older than a specified date.

Cloud

Encrypted event data is retained according to your plan:

• Hosted: 90 days
• Pro: 1 year
• Enterprise: Configurable (up to unlimited)

Deletion is permanent. When data is purged from cloud storage, it is gone - we do not hold backup copies of customer data.

Data Portability

The event log is standard JSONL. You can:

• Copy it to another machine
• Process it with any tool that reads JSON (jq, Python, etc.)
• Import it into your own systems
• Archive it to your own storage

There is no lock-in. Your data is always yours in a standard, documented format.

Next Steps

• Encryption - How zero-knowledge encryption works
• Security Model - The overall security architecture