Your memory. Your store. Your cloud.
Every note your agents build lives on Deeplake, in a store you own. Run it in your own cloud account, inspect it whenever you want, and never wonder who else has a copy. Only the local daemon talks to storage, and it was built that way on purpose.
DownloadWhat ownership actually means
A store you own
Memory lives on Deeplake, not inside a vendor's black box. You hold the account, so you hold the data. Nobody is renting it back to you.
Bring your own cloud
Deeplake can run in your own cloud account, on infrastructure your company already controls and already trusts. Your memory never has to leave a boundary you did not draw yourself.
Isolated at the storage layer
Org, workspace, and project are separated where the data is stored, not just hidden behind an app screen. Two companies, or two teams, never share a row.
Versioned and auditable
Every memory is versioned, so you can always see what was known and when. Nothing gets silently overwritten, and nothing disappears without a trace.
Secrets kept apart
API keys and credentials are stored separately from memory, encrypted, and never shown to an agent. A prompt injection cannot exfiltrate what an agent never held.
Only the local daemon talks to storage
The assistant itself never opens a connection to your store. One process, on your machine, is the sole path in, so the attack surface stays small and known.
Deeplake was built to be held, not rented.
Deeplake is the database built for AI. It stores your exact text and its meaning together, so recall works even when nobody used the right words, and it keeps a full version history behind every fact instead of overwriting the past. That is the store your memory lives in, and it is yours: run it hosted, or run it in your own cloud account, under your own billing and your own access policy. The choice belongs to you at any point, not just on day one.
Read the security modelWhy a store you own beats a vendor holding your data
A vendor that holds your memory is asking you to trust a promise: that it will not look, will not lose it, and will not change the terms later. A store you own removes the question, because the answer was never up to someone else. Bring your own cloud means your company's existing account, existing controls, and existing audit trail extend to your AI memory the same way they extend to everything else you run.
This is also why isolation happens at the storage layer instead of only in the application. Org, workspace, and project boundaries are enforced where the rows physically sit, so a bug in a dashboard or an API cannot leak across a line that was never drawn in code to begin with. Every memory is versioned, so an audit is a query, not an investigation.
What leaves your machine, and what does not
Your actual memories go only to the store you control. The only outbound traffic is the sign-in with Deeplake and, optionally, anonymous product-usage counts that help the makers understand adoption. That signal never includes your code, prompts, memories, file paths, or names, and you can turn it off entirely. Secrets never travel this path at all: they sit encrypted, apart from memory, and an agent can put one to work without ever seeing its value.
Common questions
Who actually owns the memory The Apiary builds?
You do. It lives on Deeplake, in a store under your account, not inside a vendor's black box. You can move it, inspect it, or run it in your own cloud, because it was never anyone else's to hold.
What does bring your own cloud mean here?
Deeplake can run in your own cloud account. Your memory sits on infrastructure your company already controls, under your own billing and your own access policy, instead of a shared multi-tenant service you have to trust blind.
How are different teams and projects kept apart?
Isolation happens at the storage layer, not just inside the app. Org, workspace, and project are enforced where the data physically sits, so a boundary cannot be crossed by an app bug.
Can an AI agent ever see my API keys?
No. Secrets are stored apart from memory and are never shown to an agent. An agent can use a secret to call a service without the value ever entering its context.
What actually leaves my machine?
Sign-in, plus optional, anonymous usage counts you can turn off. Your memory itself never leaves the store you control, because only the local daemon talks to storage.
Why does a store I own beat a vendor holding my data?
A vendor's store is a promise. A store you own is a fact. You keep the option to move, audit, or shut off access at any time, on your own schedule, not a vendor's.
Keep your memory on infrastructure you control.
Install the stack and point it at the cloud account you already run.
Windows (PowerShell): irm https://get.theapiary.sh/install.ps1 | iex
Download