Privacy Policy

Privacy Policy.

The short version: we collect almost nothing, and we tell you exactly what the few exceptions are.

Last updated: 2026 · This is a plain-language policy, not legal boilerplate. If anything here ever conflicts with how the product actually behaves, the product's behavior is the source of truth and we'll fix the wording. The one-sentence version: we designed Searxly so there's almost nothing about you to collect in the first place.

1. Our approach

Searxly is private by architecture, not by promise. There are no accounts, no analytics SDKs, and no telemetry in the app. We don't build an ad profile of you, and we have no business model that depends on your data. Most of what the app does happens entirely on your own Mac, where we never see it.

2. What stays on your device

The following never leaves your machine and is never sent to a Searxly server:

  • Search queries & results — your searches run through a SearXNG instance running locally on your Mac and are aggregated on-device. We don't receive, store, or log them.
  • Browsing history & bookmarks — stored on your device. You can turn history off, and turn on encryption-at-rest (CryptoKit + your Keychain) for stored data.
  • Wallet keys — generated from a standard BIP-39 phrase and encrypted on your device. They never leave it. We cannot access your funds, see your phrase, or sign on your behalf.
  • Passwords — the optional password vault is local and encrypted; entries are not synced to us.
  • Agentic Tools — the local tool server your own AI connects to runs entirely on your Mac (loopback-only, off by default). Its tools touch only your own SearXNG and your own browser; nothing is sent to a Searxly server, and you can verify this with a network monitor.

3. Agentic Tools

Searxly no longer ships an AI of its own. It exposes its private browsing as tools your own local AI can call over the Model Context Protocol, through a small server that is off until you turn it on, bound to loopback, and protected by a token. Two things are worth knowing:

  • Runs on your machine: tool calls are handled locally — private search routes only through your own SearXNG, and page reads or browser actions happen on your own device. Every call is written to an activity log you can read.
  • Your model is your choice: connect a local model (Ollama, LM Studio) and the whole loop stays on-device. Connect a cloud model and whatever your client sends to that provider is between you and them — Searxly still runs the tools locally and sends nothing itself.

4. Normal browsing requests

Searxly is a web browser, so when you open a page or load a result's favicon, thumbnail, or a knowledge-card source (e.g. Grokipedia), your device contacts those third-party sites directly — exactly as any browser does. Those servers see a normal request and your IP. Built-in ad & tracker blocking reduces this; we don't sit in the middle of it or log it.

5. This website

The marketing site is static and ships no tracking scripts and no advertising cookies — fittingly, given where we stand on advertising. Your host may keep standard server access logs (e.g. IP, user-agent) for security and operations, as is normal for any website.

6. Third parties we touch

  • Base RPC node — public blockchain node, used to read your token balance (sees the read request + your IP, like any on-chain read).
  • Price feeds (e.g. DexScreener / CoinGecko) — for token prices and charts in the wallet.
  • Local search engine — the bundled SearXNG runs on your own machine as part of the app; it's local infrastructure, not a service we receive data from.

We do not sell, rent, or share your data with advertisers or data brokers. Ever.

7. Data retention

On-device data lives on your device for as long as you keep it — and clears when you delete it, run a panic-wipe, or enable strict privacy mode. There are no server-side accounts or records to retain.

8. Your controls

  • Turn history off, or encrypt stored data at rest.
  • Keep the AI off entirely, or local-only; require confirmation for any tool that touches the network.
  • Panic-wipe / strict privacy mode to clear local data and AI memory instantly.
  • The site itself ships no analytics, so it reads nothing about you.

9. Children

Searxly is not directed to children, and any token activity is intended for adults. Crypto involves legal and age requirements that vary by region — please don't route around them.

10. Contact & official channels

Questions, security reports, or deletion requests — reach the team here. These are the only official channels; anything else claiming to be Searxly isn't:

11. Changes

If this policy changes, we'll update the date above and post material changes on our official channels. We'll keep it short and honest.