Legal
Privacy Policy
Last updated: June 2, 2026
01 Overview
Loom is a free, open-source Minecraft launcher for Windows built by a solo developer (_jackoboy / ContiSupplu). We believe your data is yours. Loom is designed to keep as much information as possible on your local machine and to only send data to external services when you explicitly choose to use a feature that requires it.
The short version: Loom doesn't have its own backend or database. Your game data, settings, instances, mods, and worlds all live on your computer. The only time data leaves your machine is when you use features that connect to third-party services — and we'll tell you exactly what those are below.
02 Data We Collect
Authentication Data
When you sign in, Loom uses Microsoft Authentication to verify your Minecraft account. This involves exchanging OAuth tokens with Microsoft's servers. Loom stores your authentication tokens locally on your device so you don't have to sign in every time. These tokens are never sent to us or any server we control.
Chat Messages (Loomie AI)
If you use Loomie, our built-in AI assistant, your chat messages and any crash logs you share are sent to the Google Gemini API for processing. This happens only when you actively interact with Loomie — we don't send anything in the background.
- Messages you type or speak to Loomie
- Crash logs, but only when you ask Loomie to diagnose a problem
- Screenshots, only if you choose to share one with Loomie
Note: Google's Gemini API has its own privacy policy that governs how it processes the data Loom sends. We encourage you to review Google's privacy policy.
Spotify Data
If you connect Spotify, Loom communicates with the Spotify API to display now-playing information and control playback. Loom accesses your currently playing track, playback state, and basic profile info. This data is used solely for the in-launcher music experience and is not stored beyond the active session.
Discord Rich Presence
If enabled, Loom sends basic game activity info (like "Playing Minecraft 1.21") to Discord's local IPC on your machine. This data never leaves your computer — it communicates only with the Discord client running locally.
03 Third-Party Services
Loom connects to the following external services. Data is only sent when you use the corresponding feature:
- Microsoft Authentication — OAuth token exchange for verifying your Minecraft account ownership
- Google Gemini API — Processes Loomie AI conversations, crash diagnostics, and screenshots
- Spotify API — Retrieves playback status, track info, and controls music when you connect your account
- Modrinth API — Searches for and downloads mods, modpacks, and resource packs
- MCPEDL — Browses and downloads Bedrock addons
- Mojang/Microsoft APIs — Fetches skin data, Xbox profiles, and game version manifests
Loom does not sell, rent, or share your data with any party for advertising or marketing purposes.
04 What Stays on Your Machine
The following data is stored entirely on your local device and is never transmitted to any server:
- Game instances, worlds, saves, and screenshots
- Installed mods, resource packs, and shader packs
- Launcher settings and preferences
- Crash logs (unless you choose to share them with Loomie)
- File Sync data (syncs between local instances only, not over the internet)
- Recording and video editor files
- Authentication tokens (stored locally, encrypted at the OS level)
No backend, no database. Loom does not operate any servers that store your personal data. Everything lives in your Loom data folder on your computer.
05 Cookies & Local Storage
Loom is a desktop application (built with Electron), not a traditional website. It uses local storage and the system credential store rather than browser cookies. Specifically:
- Electron Local Storage — Stores user preferences, UI state, and session data
- System Credential Store — Securely stores authentication tokens using your OS's built-in credential manager
The Loom website (loommc.com) does not use tracking cookies or analytics services.
06 Privacy Mode
Loom includes a built-in Privacy Mode that gives you additional control over your data. When enabled, Privacy Mode:
- Disables Discord Rich Presence
- Limits or disables data sent to external APIs
- Adjusts features based on your region's privacy regulations
- Provides a clear summary of what data sharing is active
Privacy Mode settings are applied automatically based on region-based compliance rules, but you can also toggle them manually at any time from the launcher's settings.
07 Children's Privacy
We recognize that Minecraft has a large audience of younger players. Loom does not knowingly collect personal information from children under 13 (or the applicable age in your jurisdiction).
- Loom does not require an account with us — authentication is handled entirely through Microsoft
- Loomie AI conversations are processed by Google's Gemini API and are not stored by Loom
- We do not collect names, email addresses, or other personal identifiers
- Privacy Mode can be enabled to further restrict data sharing
If you are a parent or guardian and believe your child has provided personal information through Loom, please contact us so we can address your concern.
COPPA Note: Because Loom doesn't operate its own data collection backend, the primary third-party data interaction for minors would be through Microsoft Authentication (governed by Microsoft's Family Safety settings) and Loomie AI (governed by Google's terms). We encourage parents to review those services' policies.
08 Data Retention
Since Loom stores data locally on your device:
- Local data persists until you delete it or uninstall Loom
- Authentication tokens are refreshed automatically and can be removed by signing out
- Loomie conversations are stored locally for your session history. Data sent to Google's Gemini API is subject to Google's retention policies
- Spotify session data is cleared when you disconnect your Spotify account
You can clear all local data at any time by using the "Reset Loom" option in settings or by manually deleting your Loom data folder.
09 Regional Privacy Compliance
Loom's Privacy Mode includes region-based compliance that automatically adjusts data sharing behavior based on your location:
- European Union (GDPR) — Loom respects data minimization principles. Features that send data to third-party APIs require explicit user action. You may exercise your right to erasure by clearing local data and revoking third-party permissions
- California (CCPA) — Loom does not sell personal information. You can request deletion of any data by clearing your local Loom data
- Other Regions — Privacy Mode adapts to local regulations. If your region has specific data protection requirements, Privacy Mode will default to the most privacy-protective configuration
Because Loom does not maintain a central database of user data, most privacy rights (access, deletion, portability) can be exercised directly on your device.
10 Open Source Transparency
Loom is open-source software. You can inspect exactly what data the launcher collects, how it's processed, and where it's sent by reviewing the source code. We believe transparency is the best privacy policy.
- GitHub: ContiSupplu/Cobble
- You're welcome to audit the codebase, report issues, or suggest improvements
11 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in Loom's features or applicable laws. When we make significant changes, we'll update the "Last updated" date at the top of this page and may notify users through the launcher's announcement bar.
We encourage you to review this policy periodically.
12 Contact
If you have questions about this Privacy Policy or how Loom handles your data, you can reach us at:
- Email: support@loommc.com
- GitHub: Open an issue on the Loom repository