Privacy Policy

Last updated: March 13, 2026

Overview

Muleline is a self-hosted photo and file sync platform. Your data stays on your own server. We do not collect, store, or have access to your photos, files, or personal data.

Self-Hosted Instances

When you self-host Muleline, all data — photos, files, metadata, user accounts — is stored exclusively on your own infrastructure. Muleline (the software and its maintainers) has zero access to your data. You are the data controller.

Mobile App

The Muleline mobile app connects directly to your self-hosted server. The app:

• Does not collect analytics or telemetry
• Does not send data to third parties
• Does not use advertising SDKs or trackers
• Stores your server URL and authentication tokens locally on your device using secure storage
• Accesses your photo library only with your explicit permission, solely for backup purposes

What We Don't Collect

We do not collect:

• Personal information
• Photos or files
• Usage analytics
• Device identifiers
• Location data
• Crash reports

Face Recognition Data

Muleline includes optional face recognition features powered entirely by on-server processing. Here is how face data is handled:

• What is collected: When face recognition is enabled, the server detects faces in your photos and generates mathematical face encodings (128-dimensional numerical vectors). Small face crop thumbnails (150x150 pixels) are also generated for display purposes.
• How it is used: Face encodings are used solely to group your photos by person, allowing you to browse your photo library by the people in it. Face data is never used for advertising, profiling, surveillance, or any purpose other than organizing your own photo library.
• Processing location: All face detection and encoding is performed entirely on your self-hosted server using the open-source dlib library. No face data is ever transmitted to Muleline's developers or any third party. The mobile app only displays face data retrieved from your server — it does not perform face processing itself.
• Storage: Face encodings are stored as binary data in your server's local SQLite database. Face crop thumbnails are stored on your server's local file system. All face data resides on infrastructure you own and control.
• Retention: Face data is retained on your server until you delete it. You can delete individual face data, remove all face data for a person, or disable face recognition entirely at any time through the app settings or the server API. When face recognition is disabled, no new face detection or encoding is performed.
• Third-party sharing: Face data is never shared with any third party. It exists only on your self-hosted server. Muleline's developers have no access to your face data or any other data on your server.

Face recognition is optional and disabled by default. Users must explicitly enable it in the app's settings.

Cloud Hosting (Future)

If we offer managed cloud hosting in the future, a separate privacy policy will apply to that service. Self-hosted users will never be affected.

Open Source

Muleline is MIT licensed and fully open source. You can audit the entire codebase at gitlab.com/ArchonAGI/muleline.

Contact

Questions about this policy? Email hello@muleline.win.