Effective date: 23 April 2026 · Version 1.0
LOSC (Life Operating System Caduceus) is a single-user personal information management system operated by Ntemis Latsoudis (elatsoudis@latsoudislaw.com). This policy describes what Google account data LOSC accesses, how it is stored, and the user’s rights.
1. Who operates LOSC
LOSC is operated by an individual — Ntemis Latsoudis — for personal use only. There is no organisation, employee, contractor, or third-party processor involved. The sole user of the system is the operator.
2. What Google data LOSC accesses
When the user grants OAuth consent, LOSC may access the following Google APIs on the user’s own account:
- Gmail (
gmail.readonly,gmail.send) — to surface unread counts, triage urgent email, search historical messages, and send drafted replies after explicit user approval. - Google Calendar (
calendar) — to display today’s events, the next 10 days, and to create events when the user requests it. - Google Contacts (
contacts) — read-only; to sync into a local relationship-management dashboard. - Google Photos (
photospicker.mediaitems.readonly) — to attach user-selected photos to journal entries. - Google Fit (
fitness.activity.read,fitness.body.read,fitness.heart_rate.read,fitness.sleep.read) — to populate the Health pillar of the life-insights dashboard.
3. How LOSC stores this data
All data accessed through Google APIs is processed locally on the operator’s own machines:
- OAuth tokens (access + refresh) are stored in a local SQLite database (
~/LOSC/data/losc.db) on the operator’s primary Mac. File permissions are restricted to the operator’s user account. - Email metadata, calendar events, contacts, photo metadata, and fitness readings are cached in the same local SQLite database for fast retrieval and offline access.
- Raw message bodies and attachments are never uploaded to any external server.
4. Who can see this data
Only the operator can see any data accessed through LOSC. The system has no user accounts, no sharing mechanism, no multi-tenant architecture, and no external dashboard. There is no analytics, no telemetry, no third-party SDK.
5. Third-party sharing
LOSC does not share Google account data with any third party. The operator may, at their discretion, send data they authored themselves (drafted emails, calendar events) to third parties via Google’s own APIs — but this is the operator acting as the account owner, not LOSC acting autonomously.
6. AI / language-model processing
LOSC uses large-language-model APIs (Anthropic Claude, locally-run Ollama models) to summarise, categorise, and search the operator’s own data. When LOSC sends a prompt that contains Google account data to Anthropic’s API:
- The data is covered by Anthropic’s Privacy Policy and Commercial Terms — specifically, Anthropic does not train on API inputs.
- Local Ollama models run entirely on the operator’s machine and send nothing to the internet.
7. Retention and deletion
The operator can revoke Google access at any time via myaccount.google.com/permissions, which invalidates all LOSC tokens. The operator can additionally run losc_revoke_access inside LOSC to delete the local token row and cached data.
8. Security
The operator’s machine uses FileVault full-disk encryption, a strong system password, and automatic screen lock. OAuth tokens are stored with owner-only file permissions. The LOSC codebase does not expose API endpoints to the public internet by default; the local API (localhost:8000) requires direct machine access.
9. Changes to this policy
Because this is a single-user system, policy changes take effect immediately upon being posted here. The operator is the only party affected.
10. Contact
Questions: elatsoudis@latsoudislaw.com.
LOSC is not affiliated with Google, Alphabet, or any other entity. All product names are trademarks of their respective owners.