Chordium Privacy Policy
The short version: Chordalia Systems does not collect, see, or store any of your data. Chordium is an on-premises product — it runs on your hardware (or your own cloud subscription), never on Chordalia infrastructure. Content ingested from your business systems stays under your control. If you choose to use Azure AI services, your content goes to your own Azure account — not ours. If you use local AI features, nothing leaves your environment at all.
On-premises only — never managed by Chordalia
Chordium is deployed via Docker on infrastructure you control:
- On your own hardware
(
docker-compose.local.yml) — typically a dedicated server, workstation, or NAS in your office. - In your own cloud subscription
(
docker-compose.cloud.yml) — for example, an EC2 instance in your AWS account or a VM in your Azure tenant.
In both cases, the infrastructure is yours and the data on it is yours. Chordalia Systems does not host Chordium for any customer. This is a deliberate decision so that data sovereignty is a concrete property of the product, not a contractual promise. We have no operational ability to access your Chordium instance because we don't run it.
The Symphony edition includes managed deployment as a service — meaning Chordalia staff configure Symphony on your infrastructure during onboarding, then hand over operations. It does not mean Chordalia hosts your instance.
What Chordium does with your data
Your knowledge base
Chordium ingests content from the business systems you connect (support tickets, internal documentation, chat history, etc.) and indexes it for search and AI question-answering. That index lives in a MariaDB database on the server you operate. Original source content (full ticket text, message bodies, document contents) is stored in that same database alongside the search index. Chordalia Systems has no read or write access to your database.
Your license
Your license is verified entirely on your server using a public key embedded in the application. Chordium makes no network connection to Chordalia Systems to check your license. We never receive your license file, your machine identifiers, or any telemetry about how the software is used.
Crash reports and telemetry
Chordium does not collect crash reports, usage statistics, or any telemetry. If Chordium errors or crashes, nothing is reported anywhere automatically. Logs are written to your server's filesystem under your control. You can report issues to us voluntarily by contacting support.
Content connectors
Chordium connects to third-party business systems to ingest content for indexing. The connectors currently available include Zendesk, Slack, Google Docs, Notion, Jira, Confluence, Freshdesk, Dropbox, and Shopify, with plugin support for custom internal systems.
When a connector is enabled:
- Authentication credentials you provide (API tokens, OAuth refresh tokens, service account keys) are stored on your Chordium server. They are encrypted at rest where the operating system credential manager is available; otherwise they are stored in a configuration file with restricted file permissions.
- Ingested content (tickets, messages, document contents, etc.) is downloaded from the source service into your Chordium MariaDB database. The original content stays in the source service; Chordium maintains its own indexed copy.
- Personally identifiable information that exists in your source content (customer names, email addresses, support ticket contents, message authors, etc.) is preserved in the Chordium index because it would otherwise make support search useless. This information is yours and stays on your infrastructure. It is never sent to Chordalia Systems.
- Your use of the source services is governed by their respective terms of service and privacy policies. Chordium is a data consumer of those services on your behalf.
Connector signing: Chordium verifies a cryptographic signature on the connector files before loading them, so an attacker cannot drop a malicious connector into the connectors directory and have it loaded silently. Signed connectors are issued by Chordalia Systems; customers running the open connector SDK to build custom connectors use their own developer signing key.
Azure services (optional, Ensemble and Symphony editions)
Chordium can connect to Microsoft Azure services that you configure using your own Azure account. When you do:
- Azure AI Search: Text content from your knowledge base is uploaded to a search index in your Azure account. This index lives in your Azure subscription and is not accessible to Chordalia Systems.
- Azure OpenAI: When a user asks a question, relevant text excerpts from your knowledge base are sent to Azure OpenAI along with the question. The AI generates an answer from that context. These requests go to your Azure deployment, not a shared Chordalia endpoint.
Key point: All Azure services are configured with credentials you provide. Data goes to your Azure tenant. Chordalia Systems has no access to your Azure account, your data, or your query history.
You can find Microsoft's privacy terms for Azure at microsoft.com/privacy.
If you do not configure Azure, none of your data is ever sent there.
Local AI features (optional, Ensemble and Symphony editions)
Chordium supports fully local alternatives to Azure:
- Ollama (AI question-answering): Questions and document excerpts are sent to a locally-running Ollama server on your own hardware. Nothing leaves your environment.
- ChromaDB (semantic search): The semantic search index is built and stored locally on your Chordium server. All searches run on your hardware.
Local AI is the appropriate choice for regulated industries (HIPAA, financial services, public sector) where data residency requirements forbid sending content to a cloud AI provider. When configured to use local AI, Chordium has no AI dependency outside your environment.
User accounts and sessions
Chordium supports multiple user accounts with role-based permissions (admin, editor, reader). User credentials and roles are managed entirely on your server:
- Passwords are stored as bcrypt hashes in your MariaDB database. We do not have, and cannot recover, any user's plaintext password.
- Session cookies are stored in the user's browser and validated against a Redis-backed session store on your Chordium server. Sessions are configured with HttpOnly, Secure, and SameSite=lax flags for defense against common web attacks. The default server-side session lifetime is 8 hours.
- Annotations and edits that users make to indexed content (corrections, notes, comments) are stored in your MariaDB database alongside the rest of the index.
User account data, session data, and annotations never leave your server.
Solo Edition
The Solo edition uses keyword search only — no AI, no vector search, no Azure dependency, no Ollama. Solo runs entirely on your hardware with no AI providers configured. Connector credentials, ingested content, user accounts, and session data behave the same as in Ensemble and Symphony, but no AI inference happens at any tier (cloud or local).
Audit logs (Symphony edition)
Symphony includes audit logging that records administrative actions (user creation, role changes, connector configuration, license events). Audit logs are written to your MariaDB database and are accessible to administrators through the admin UI. Audit logs never leave your server.
Children's privacy
Chordium is a business product not directed at children, and we do not knowingly collect information from anyone. Since we collect no data from anyone, this is straightforward: nothing about any user — child or adult — is ever transmitted to Chordalia Systems.
Changes to this policy
If we update this policy, the new version will be included in the next release of Chordium and posted on the Chordalia Systems website. We will note the updated date at the top of this document.
Contact
If you have questions about this policy, contact us at:
Chordalia Systems
support@chordalia.com