Security & privacy
We store almost nothing, so there is little to steal.
Most security pages describe encryption around a database full of user data. Libre is built the other way around — and LibreSearch, our first product, is the proof.
Layer 1 · Data
We do not store your searches
- We process the query, return results, and discard the request. No log line, no IP link.
- We do not build profiles or keep search history.
- Your settings sit in your browser, not on our servers.
Layer 2 · Identity
No account required
- LibreSearch works without email, password, or a cookie that ties visits together.
- Libre does not assemble an identity graph because we do not collect the pieces.
Layer 3 · Code
Public under AGPL-3.0
- Anyone can read how requests are handled.
- Changes land in the public repo and changelog.
Layer 4 · Infrastructure
Protected without profiling you
- Rate limits and proof-of-work block abuse without tracking who you are.
- Every route sends strict security headers.
Read the source yourself.
The LibreSearch repo, privacy policy, and transparency record cover the claims on this page. Start with the repo if you want proof in code.
Found a vulnerability?
Describe the issue below. Include steps to reproduce if you can. Good-faith reports get priority — protected by Cloudflare Turnstile like our main contact form.