Legal

Privacy Policy.

What Clauge collects, why we collect it, where it's stored, and the choices you have.

Last updated: June 21, 2026

1. TL;DR

If you choose to sign in for cloud sync, we store your basic profile from GitHub or Google plus the gzipped JSON of your collections, connections, and saved queries on Cloudflare D1. We never receive your passwords, API keys, or private keys — those stay in your operating-system keychain on your device. We don't sell your data. We don't run third-party analytics inside the desktop app.

The desktop app sends anonymous usage counts once a day so we know which features get used. No URLs, no content. Off-switch in Settings → General → Privacy.

Using the Clauge mobile companion apps (iOS / Android)? They collect far less — no account, no sign-in, no cloud sync, no analytics. See section 2 below for exactly what the mobile apps touch.

2. Clauge mobile apps (iOS & Android)

The Clauge mobile apps are companions to the Clauge desktop app — they let you watch and control terminals running on your own desktop. There is no account and no sign-in on mobile, and the apps collect almost nothing.

What the mobile apps store or send:

  • Pairing details — your desktop's local address and a device token, created when you scan the QR code your desktop shows. These are stored encrypted on your phone (Android EncryptedSharedPreferences / iOS Keychain) and are never sent to us.
  • A push notification token — so your desktop can alert you (e.g. "approval needed", "task done"). Notifications are delivered through Google Firebase Cloud Messaging (FCM); the token and a short notification title/body (no terminal contents) pass from your desktop through our relay to FCM to reach your phone.
  • Camera — used only to scan the pairing QR code. Images are not stored, saved, or uploaded.

What the mobile apps do not do:

  • No account, no cloud sign-in, no cloud sync.
  • No analytics SDKs, no advertising, no behavioural tracking, no location, no contacts.
  • The terminal contents you mirror flow directly between your phone and your desktop over your own network (LAN or your private overlay) — they are not stored on our servers.

You can turn push notifications off, unpair a device, or simply uninstall the app at any time — pairing data lives only on your phone, so removing the app removes it. The only third party involved is Google (Firebase Cloud Messaging), used solely to deliver push notifications.

3. What we collect

Only when you sign in to the cloud sync Service:

Category Examples Source
Account profile Provider user ID, email, display name, given name, family name, avatar URL, your chosen handle (slug) GitHub or Google OAuth, at sign-in
Sync content Gzipped JSON of your REST collections, SQL/NoSQL connection metadata (without passwords), saved scripts, agent context notes, SSH profile metadata, file-explorer connection metadata. One blob per "domain" per user. Pushed by the app on auto-sync (debounced 5 seconds after a change)
Identity link Which provider(s) you have linked, last sign-in timestamp OAuth flow
Operational logs Request IP, timestamp, request path, response status — for rate-limiting and abuse prevention Cloudflare edge, retained briefly
Anonymous usage (opt-out) Device UUID, app version, OS, locale, and bucketed counts of which features were used. No URLs, no content. Desktop app, once a day. Toggle off in Settings → General → Privacy.

4. What we don't collect

  • Passwords for SQL / NoSQL / SSH / S3 / Azure / FTP connections. These are stored on your device in your OS keychain (macOS Keychain, Windows Credential Manager, GNOME Keyring / KWallet on Linux) and never sent to our servers.
  • Private keys. SSH private keys are read from disk paths you specify; their contents never touch our infrastructure.
  • The contents of the queries you run, the requests you send, or the SSH sessions you open. Only the saved templates / definitions are synced, not execution results.
  • Your code, your files, your worktrees. Clauge integrates with Claude Code sessions which live in ~/.claude/ on your device; we do not upload these.
  • Workspace mode data (notes, kanban cards, comments) — fully local. Not synced.
  • Third-party analytics, ad SDKs, crash dumps, or behavioural tracking. The optional usage heartbeat (see §2) is counts only.

5. Why we collect it

  • To sign you in and identify your data on subsequent visits (account profile)
  • To enable sync across your devices (sync content)
  • To prevent abuse and maintain the Service (operational logs, rate-limit metadata)
  • To respond to support requests if you contact us (your message + email)

We do not use your data to train AI models. We do not use it for advertising. We do not share it with marketing partners.

6. Where it's stored

Account and sync data are stored in Cloudflare D1, Cloudflare's serverless SQL database, with backups handled by Cloudflare. Cloudflare may replicate D1 data across its global network for availability. Operational logs are processed at Cloudflare's edge and retained per Cloudflare's standard policies.

Provider tokens that authenticate your sessions are stored on your device in your operating-system keychain, not on our servers.

7. Subprocessors we use

We do not sell your personal information. We do not share it with third parties for their own marketing purposes.

8. How long we keep it

  • Account profile and sync content: kept while your account is active. If you delete your cloud data via the in-app "Wipe my cloud data" action, your sync blobs are deleted from D1 immediately, and operational backups age out within Cloudflare's standard retention window.
  • Operational logs: retained briefly for rate-limiting and abuse-prevention purposes, then aged out.
  • Provider tokens: stored only on your device. They are deleted from your keychain when you sign out of the Service in the app.

9. Your rights

Regardless of where you are based, you can:

  • Access the data we hold about you — by signing in and viewing your account page in the desktop app
  • Correct your profile information by re-signing in or updating it at your OAuth provider
  • Delete all your cloud data via the in-app "Wipe my cloud data" button, or by emailing us
  • Port your data — the desktop app reads and writes a local SQLite database; you can copy that file at any time

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction that grants you additional data-subject rights (such as the right to object to processing or lodge a complaint with your local data-protection authority), you may exercise those rights by contacting us using the details below.

10. Cookies and analytics

The marketing site at clauge.in sets only strictly-necessary cookies. No third-party analytics or ad tags. The desktop app sends an optional anonymous usage heartbeat — counts only, no content (see §2).

11. Children

Clauge is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us and we will delete it.

12. Security

We design for security in depth:

  • OAuth client secrets and Cloudflare keys are stored only as Worker secrets, never shipped in the binary or the open-source repository
  • Sensitive secrets on your device (database passwords, S3 keys, SSH credentials) are placed in your OS keychain, not the app's SQLite database
  • All connections to our infrastructure use TLS
  • Tokens validating your session are scoped to identity-only on GitHub (we do not request gist, repo, or other elevated scopes) and to profile + email on Google

No system is perfectly secure. If you discover a vulnerability, please email us so we can fix it before disclosure.

13. International data transfers

Cloudflare operates a global edge network. Your data may be processed in jurisdictions outside your country of residence. By using the Service you consent to such transfers, subject to the protections described in this policy and applicable law.

14. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date and, where appropriate, by notifying you through the application or by email. Continued use of the Service after a change takes effect constitutes acceptance of the updated policy.

15. Contact

Privacy questions, data-deletion requests, or to exercise any of the rights described above — email support@clauge.in.