BYOS · Bring Your Own Storage

Privacy & Data Sovereignty

Last updated: 2026-05-13

The promise, in one paragraph

VR Eddie stores everything personal about you — your conversations, your bio, Eddie's memory of you, your custom courses, your room scans, your pins — in your own Google Drive, not on Eddie's servers. We can only see files we created in a folder called /VR Eddie/. We never see anything else in your Drive. We never train any model on your files. We never make permanent copies. And you can disconnect anytime — within 60 seconds, every cached row is purged and we stop reading your files entirely.

What we ask permission for

When you click "Connect Drive," Google asks you to grant one OAuth scope:

https://www.googleapis.com/auth/drive.file

That's "Drive file" scope. It means we can only see files our app created. We cannot see your other documents, photos, spreadsheets, or anything else in your Drive. Ever. This is enforced by Google, not by us.

We explicitly do not request the broader drive or drive.readonlyscopes that would let us read your whole Drive. Those scopes are scary in OAuth consent for a reason — they're overreach, and we don't need them.

What we create in your Drive

A folder called /VR Eddie/ with this structure:

/VR Eddie/
├── README.md            ← explains what's in here
├── Profile/             ← your bio + Eddie tone overrides
├── Conversations/       ← your chat sessions (markdown)
├── Memory/              ← Eddie's notes about you
├── Pins/                ← wishlists, comparisons
├── Courses/             ← custom courses you build or save
├── Spaces/              ← room scans
├── Runs/                ← WebXR Labs scores
└── Library/             ← screenshots, exports

You can browse it, edit it, copy it, share parts of it, or delete it — it's your folder.

What we cache

For performance, we hold a copy of recently-read files in our own database (Neon, hosted on AWS). These copies:

Live at most 1 hourbefore they're invalidated and re-read from Drive
Are scoped to your user account; no other user can read them
Are purged within 60 seconds of you disconnecting Drive
Are never used as training data, never sold, never shared
Are not searchable or analyzable by Eddie staff

The cache is performance only. Drive is source of truth.

What we don't do

We don't train any model on your files. Ever.
We don't make permanent copies on our servers.
We don't share your files with anyone unless you do (via Drive's native sharing UI).
We don't look in any folder outside /VR Eddie/.
We don't log your file contents in our application logs.
We don't allow sponsors, advertisers, or partners to read your data.

What Eddie writes (and when)

Eddie's "Memory" feature writes structured notes about you (rigs you own, preferences, decisions you've made) to /VR Eddie/Memory/long-term.md. We NEVER do this silently:

Eddie asks before writing: "Should I remember that?"
Batch confirmations at session end by default
Explicit /remember <fact> command for in-session writes
You can edit or delete the memory file directly in Drive — Eddie will respect your version on the next session

How to disconnect

Open vreddie.com → Settings → Eddie → Storage → click Disconnect Drive.

Within 60 seconds:

Your OAuth token is revoked at Google
Every cached row of your data is purged from our database
Eddie stops reading your files entirely

Your /VR Eddie/ folder stays in your Drive. We just stop touching it. You can re-connect anytime and Eddie picks up where you left off.

How to export

Click Settings → Eddie → Storage → Download my data to get a ZIP of everything in /VR Eddie/. Or simply navigate to the folder in Google Drive and use Drive's built-in "Download" — same result.

Your data is in open formats (Markdown, glTF, JSON) so you can open it in any editor, any 3D viewer, any JSON tool.

Encryption

Google encrypts your Drive files at rest by default. For especially sensitive files (your Profile/persona.md may contain personal info), you can opt in to client-side encryption in /settings/eddie. This uses a passphrase only you know — Google holds ciphertext, Eddie never sees plaintext at rest.

Off by default. Optional, for the privacy-paranoid (or sensible).

Sharing

When you share a course or a room scan with someone, the sharing happens through Drive's native permission system — not through Eddie. Click the file in your Drive, choose "Share," set the permissions. Eddie has no role in sharing your data.

Cross-region data residency

Drive data physically lives where your Google account lives — typically your own region. Our ephemeral cache lives in AWS us-east-1. The cache holds at most 1 hour of read data; for users with strict data residency requirements, you can opt out of caching in /settings/eddie (slight performance penalty).

Account loss

If you lose access to your Google account, you lose access to your /VR Eddie/ folder. We have no way to recover it — we never held a copy. This is the trade-off for data sovereignty.

Mitigations:

Use Drive's built-in "Make a copy" to snapshot the folder periodically
Pro Plus members can opt in to mirror to a second cloud provider
"Download my data" produces a ZIP you can keep locally

Incident response

If your OAuth token is ever compromised:

Revoke it immediately at myaccount.google.com/permissions
Eddie's cache for your account is purged within 60 seconds of revocation
We will notify affected users within 24 hours of a known compromise

Contact

Questions? hello@vreddie.com. Security disclosures: security@vreddie.com.