Privacy Policy
Last updated: February 2026
Overview
CludCode is built with privacy by design. We collect only the minimum data necessary to provide the service. Your terminal traffic is end-to-end encrypted and we cannot read it. This policy explains exactly what data we collect, why, and how long we keep it.
Key Privacy Principles
- ✓Zero-knowledge encryption: All terminal traffic is encrypted on your device (browser or iOS app). We cannot read your commands or output. Per-session forward secrecy ensures past sessions cannot be decrypted even if your device key is later compromised.
- ✓Minimal collection: We only collect data required to operate the service.
- ✓No selling: We never sell your data to third parties.
- ✓Data deletion: Delete your account and all your data is permanently removed.
Data We Collect
User Profile
Subscription and billing information only. We do not duplicate your email or name.
| Field | Purpose | Example |
|---|---|---|
| id | Unique identifier (links to auth) | a1b2c3d4-e5f6-... |
| stripe_customer_id | Link to Stripe for billing | cus_abc123... |
| subscription_plan | Current plan (free, pro, team) | pro |
| created_at | Account creation timestamp | 2026-01-15T10:30:00Z |
Note: Your email, name, and avatar are stored by your OAuth provider (GitHub/Google) and accessed only during login. We do not duplicate this data.
Registered Devices
Information about machines you connect to CludCode.
| Field | Purpose | Example |
|---|---|---|
| id | Unique device identifier | d1e2f3g4-h5i6-... |
| name | Display name you choose | Home MacBook Pro |
| os | Operating system (for display) | darwin |
| arch | CPU architecture (for display) | arm64 |
| agent_version | Agent software version | 0.4.7 |
| status | Online/offline indicator | online |
| auth_token_hash | Hashed auth token (not plaintext) | e3b0c44298fc... |
| push_token | APNs token for iOS push notifications | a1b2c3d4e5f6... |
| token_revoked_at | JWT revocation timestamp | null |
Note: Your encryption key is NOT stored on our servers. It exists only on your device and in your browser or iOS app.
Session History
Connection metadata for usage tracking (not terminal content).
| Field | Purpose | Example |
|---|---|---|
| started_at | Session start time | 2026-01-22T14:00:00Z |
| ended_at | Session end time | 2026-01-22T15:30:00Z |
| duration_seconds | Session length | 5400 |
| client_ip | IP address for security/abuse | 203.0.113.xxx |
| client_user_agent | Browser info for debugging | Mozilla/5.0... |
Important: We do NOT log your terminal commands or output. Session data is connection metadata only.
Registration Tokens
Temporary tokens for device registration. Auto-deleted after use or expiry.
| Field | Purpose | Retention |
|---|---|---|
| token_hash | Hashed token (not plaintext) | 10 minutes or until used |
| expires_at | Expiration timestamp | 10 minutes after creation |
MFA Recovery Codes
Hashed backup codes for two-factor authentication recovery.
| Field | Purpose | Example |
|---|---|---|
| code_hash | Hashed recovery code (not plaintext) | a9f3e2d1c0... |
Note: Recovery codes are hashed with SHA-256. We cannot recover them for you.
Usage & Billing Metrics
Aggregated metrics for billing and plan enforcement.
| Field | Purpose | Example |
|---|---|---|
| session_minutes | Total session time this period | 1250 |
| commands_executed | Command count (not content) | 8432 |
| data_transferred_mb | Encrypted bytes transferred | 256.7 |
Note: Aggregated billing metrics. No individual command content is recorded.
Operational Data
Technical data for service operation, automatically cleaned up.
| Data | Purpose | Retention |
|---|---|---|
| Rate limit counters | Prevent API abuse | 1 hour |
| Webhook event IDs | Prevent duplicate processing | 30 days |
What We DON'T Collect
- ✗Terminal commands: Your commands and output are encrypted end-to-end. We cannot read them.
- ✗Encryption keys: Generated on your device, never transmitted to us.
- ✗File contents: We have no access to files on your connected devices.
- ✗Screen recordings: No visual capture of your terminal sessions.
- ✗Behavioral tracking: No user tracking, cookies, or fingerprinting. We use Vercel Speed Insights for anonymous performance metrics only.
- ✗Cross-device commands: Remote command execution flows directly between your agents via encrypted relay. No command data is stored on our servers.
Third-Party Services
We use the following third-party services:
Supabase
Database and authentication. Your data is stored in their US-based infrastructure.
Privacy PolicyVercel
Web hosting and performance analytics (Speed Insights). Collects anonymous page load metrics.
Privacy PolicyData Retention
| Data Type | Retention Period |
|---|---|
| Account data | Until you delete your account |
| Device registrations | Until you remove the device or delete account |
| Session history | 90 days (planned) |
| Registration tokens | 10 minutes or until used |
| MFA recovery codes | Until used or account deleted |
| Usage metrics | Until account deleted |
| Rate limit data | 1 hour |
| Webhook records | 30 days |
Your Rights
You have the right to:
- Access: Request a copy of all data we have about you
- Correction: Update inaccurate information via the dashboard
- Deletion: Delete your account and all associated data
- Export: Export your data in a machine-readable format
- Restrict: Request we limit how we use your data
To exercise these rights, contact us at privacy@cludcode.com
Contact
Questions about this policy? Contact us: