Skip to main content

Privacy & Security

Privacy & Data Ownership - ContentMK Docs

How ContentMK protects your data and respects your privacy.

ContentMK is built on a local-first architecture. Your data lives on your machine, not on our servers. This page explains how ContentMK handles your data, what stays local, and what controls you have.

Local-First Architecture

All ContentMK data is stored in a SQLite database at ~/ContentMK/data.db on your computer. The application runs an Express API server locally — your content data is queried and served from your own machine, not from a cloud service.

This means:

  • ContentMK works offline with full functionality
  • There is no internet dependency for core features
  • Your data is not stored on or transmitted to third-party servers
  • Performance is limited only by your local hardware, not network latency

No Telemetry by Default

ContentMK does not collect usage analytics by default. If you choose to help improve the product, you can opt in to anonymous analytics powered by PostHog. This is entirely voluntary — the app does not phone home unless you explicitly enable it.

No Cloud Account Required

You do not need to create an account or sign in to use ContentMK’s core features. The app works standalone on your desktop. An account is only needed if you choose to purchase a subscription and activate premium modules.

Data Storage

Your content database is stored at:

~/ContentMK/data.db

This is a standard SQLite file. You can back it up, copy it, or inspect it with any SQLite tool. Database size depends on your content volume — typically 50MB to 2GB.

Cloud Sync Is Optional

The Cloud Sync module (available on Professional and Premium plans) is the only feature that transmits your data to external servers. It is entirely opt-in. When enabled:

  • Data is encrypted with TLS in transit and AES-256 at rest
  • Field-level sync with conflict resolution
  • You can disable Cloud Sync at any time to return to local-only operation

If you never enable Cloud Sync, your data never leaves your machine.

WordPress Password Security

WordPress Application Passwords are encrypted at rest using your operating system’s secure credential storage via Electron safeStorage. They are stored locally in your SQLite database and are never transmitted to ContentMK’s servers. The API endpoint that checks credential status returns only a boolean flag — the actual password is never exposed.

Export Always Available

You can export all your data at any time in JSON, CSV, PDF, or HTML format. Export works regardless of your subscription status — even if your plan lapses and the app enters read-only mode, your data is always accessible. ContentMK will never lock you out of your own content.