Tesseract

Privacy

What Tesseract captures, what it skips, and how your data is protected.

Privacy-first architecture

Processing. All activity captures are processed on your Mac. The processing pipeline relies on onboard hardware and Apple frameworks including Apple Vision and Apple Natural Language Framework.

Storage. Your activity memories are stored in a local SQLite database.

Redaction. Before anything is stored, Tesseract runs a multi-layer redaction pipeline that strips API keys, tokens, credit card numbers, and other sensitive patterns from captured text. This all happens locally.

Non-local stuff. Tesseract checks our servers for auto-updates roughly every 24 hours while in use. During these checks it may send a small amount of data about itself, such as its current version number and install ID, but no personal information or location data is transmitted.

AI. The AI Summary feature of Tesseract requires an AI provider which will have access to your local data. For a fully local experience, use a private or local AI provider.

What gets captured

Each capture records:

  • A screenshot of your active (foreground) window
  • Text extracted from the screenshot (after redaction)
  • Window title and app name
  • Browser URL (sanitized -- sensitive query parameters are stripped)
  • Timestamp

Captures happen at regular intervals while Tesseract is running and your Mac is active.

What never gets captured

Tesseract automatically skips sensitive apps:

  • 1Password
  • Keychain Access
  • Messages (iMessage)
  • System Settings
  • Login window (screen lock)
  • iPhone Mirroring
  • Screen capture UI

System security agents like coreautha and SecurityAgent (macOS authentication prompts) are also skipped by process name.

These apps are excluded by bundle ID or process name, so they're never captured regardless of what's on screen.

Adding apps to the skip list

Open Settings and use the Privacy section to manage your skip list. You can toggle text redaction and URL sanitization on or off, and add custom apps to exclude from capture.

You can also edit the config file directly at ~/.config/tesseract/privacy.json:

{
  "customSkipBundleIds": ["com.example.myapp"],
  "customSkipAppNames": [],
  "enableRedaction": true,
  "enableURLSanitization": true
}

Text redaction

Before any captured text is stored, Tesseract runs a two-tier redaction pipeline:

Tier 1: Secret detection. 118 patterns from the gitleaks project detect API keys, tokens, and credentials for services like AWS, Stripe, GitHub, Slack, Anthropic, and 100+ others. A keyword pre-filter ensures these patterns only run when relevant keywords appear in the text.

Tier 2: PII patterns. Additional patterns catch:

  • Credit card numbers (validated with the Luhn algorithm to reduce false positives)
  • Social Security Numbers
  • Verification and OTP codes
  • Generic secrets near keywords like password, secret, or token
  • Masked character runs (bullet or asterisk sequences from password fields)

Redacted values are replaced with placeholders like [REDACTED-KEY], [REDACTED-CARD], or [REDACTED-SSN] so you can see that something was captured without exposing the sensitive value.

URL sanitization

Browser URLs are sanitized before storage. Tesseract strips:

  • Sensitive query parameters (token, access_token, api_key, session_id, password, secret, code, auth_token, refresh_token)
  • Any query parameter whose value looks like a JWT

The rest of the URL is preserved so you still know what page you were on.
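
The stripping rule described above, sketched in Python as an added example (not Tesseract's own code). The JWT heuristic, the case-insensitive name match and all function names are assumptions; only the parameter list comes from this page.

```python
import base64
import json
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Query parameter names listed on this page as sensitive.
SENSITIVE_PARAMS = {
    "token", "access_token", "api_key", "session_id", "password",
    "secret", "code", "auth_token", "refresh_token",
}


def b64url_json(segment: str) -> bool:
    """True if the segment is base64url text that decodes to a JSON object."""
    try:
        padded = segment + "=" * (-len(segment) % 4)
        return isinstance(json.loads(base64.urlsafe_b64decode(padded)), dict)
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return False


def looks_like_jwt(value: str) -> bool:
    """Assumed heuristic: header.payload.signature with JSON header and payload."""
    parts = value.split(".")
    return len(parts) == 3 and b64url_json(parts[0]) and b64url_json(parts[1])


def sanitize_url(url: str) -> str:
    """Drop sensitive or JWT-valued query parameters, keep everything else."""
    parts = urlsplit(url)
    kept = [
        (name, value)
        for name, value in parse_qsl(parts.query, keep_blank_values=True)
        if name.lower() not in SENSITIVE_PARAMS and not looks_like_jwt(value)
    ]
    # The fragment is passed through untouched: the page only describes
    # query-parameter stripping.
    return urlunsplit(parts._replace(query=urlencode(kept)))


def constructed_jwt() -> str:
    """Build a constructed sample JWT (fake signature) for the demo."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS256"}), enc({"sub": "demo"}), "c2lnbmF0dXJl"])


if __name__ == "__main__":
    url = f"https://example.com/cb?page=2&state={constructed_jwt()}&code=abc#top"
    print(sanitize_url(url))  # https://example.com/cb?page=2#top
```

Dotted values that are not JWTs, such as a version string in a search query, survive because the header and payload segments must both decode to JSON objects.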

Pausing capture

Click the Tesseract menu bar icon and select Pause Capture to temporarily stop all capturing. Resume when you're ready.

Deleting your data

Your capture database lives at:

~/Library/Application Support/TesseractMemoryKit/captures.db

Delete this file to remove all captured data. Tesseract will create a fresh database on next launch.

You can also use the Tessa CLI to scrub existing sensitive data from the database:

tessa scrub --dry-run   # preview what would be scrubbed
tessa scrub             # scrub sensitive data
