LEGAL

Privacy Policy

UseAI is local-first by architecture, not just by policy. This document describes every field captured, where data is stored, what happens when you sync, and what controls you have.

Last updated: March 2026 · Effective immediately

CORE

Privacy by Architecture

The UseAI MCP server writes to disk and makes zero network calls during your coding sessions. When you authenticate and enable sync, session metadata is synced to your private cloud dashboard. You control what is included via granular sync toggles in Settings.

If you never authenticate (useai login), the MCP server operates entirely offline. All data stays in ~/.useai/ on your machine. Individual sessions and milestones are never publicly visible — only the authenticated owner sees them on their own cloud dashboard.

NO CODE ACCESS

UseAI never reads, transmits, or stores your source code.

NO PROMPTS SYNCED

Prompts are stored locally for your review but are never sent to the cloud.

LOCAL FIRST

All processing happens on your machine. No cloud dependency.

SYNC CONTROL

Sync is off by default. Enable it in Settings when you're ready. Without login, everything stays local.

TRACKED

What We Collect

SESSION_METADATA
| FIELD | DESCRIPTION | SYNCED | PUBLIC |
|---|---|---|---|
| session_id | Random UUID identifying the session | Yes | No |
| client | Which AI tool (e.g. "claude", "cursor") | Yes | Yes |
| task_type | Category: coding, debugging, testing, planning, reviewing, documenting, learning | Yes | Yes |
| model | AI model ID (e.g. "claude-sonnet-4-6") | Yes | Yes |
| started_at | ISO timestamp when session began | Yes | Yes |
| ended_at | ISO timestamp when session ended | Yes | Yes |
| duration_seconds | Total session length in seconds | Yes | Yes |
| project | Project name (root directory name) — only synced if "Sync titles & milestones" is enabled | Yes | No |
| languages | Programming languages used | Yes | Yes |
| files_touched | Count of files modified (number only, never file names) | Yes | Yes |
| title | Generic public description (no project names) | Yes | Yes |
| private_title | Detailed description (may include project names) — only synced if "Sync titles & milestones" is enabled | Yes | No |
| prompt | Full verbatim prompt text (local-only) | No | No |
| prompt_images | Image descriptions attached to prompt (local-only) | No | No |
| evaluation | SPACE framework scores (always synced); improvement tips only synced if "Sync titles & milestones" is enabled | Yes | No |

Evaluation Metrics

At the end of each session, the AI model self-assesses session quality using the SPACE framework. This includes scores (1-5) for prompt quality, context provided, independence level, and scope quality, along with improvement tips for any dimension scored below 5. Evaluation data is synced with session data but is never publicly visible.

Cryptographic Fields

Each session includes a SHA-256 hash chain anchor (chain_start_hash, chain_end_hash) and an Ed25519 seal_signature. These enable tamper evidence and are synced with the session data.

NEVER

What We Never Collect

UseAI never captures any of the following, regardless of whether you sync or not:

  × Your source code, diffs, patches, or snippets
  × Your prompts — stored locally only, never synced to the cloud
  × AI responses — what the AI generates
  × File names or paths — only the count of files touched
  × Directory structure — no tree or layout information
  × Git history — no commits, branches, or diffs
  × Credentials — no API keys, tokens, passwords, or secrets
  × Screen content — no screenshots or terminal output

You can verify this by auditing the open-source MCP tool handlers in packages/mcp/src/tools/.

LOCAL

Where Data Lives

All data is stored in ~/.useai/ on your machine. All files are plain JSON or JSONL that you can inspect with any text editor.

~/.useai/
  keystore.json        # Ed25519 key pair (private key encrypted)
  config.json          # Settings, auth token, sync preferences
  daemon.pid           # Running daemon PID
  data/
    active/            # In-progress session records (JSONL)
    sealed/            # Completed session records (JSONL)
    sessions.json      # Session index
    milestones.json    # Milestone records

SYNC

Cloud Sync

Cloud sync is disabled by default. After logging in, you must explicitly enable sync in Settings. When enabled, sync runs on a configurable interval (15 minutes, 1 hour, 3 hours, daily, or weekly — default is every hour).

Sync has two tiers of data you control independently:

  • Stats — Aggregate session metadata: hours, languages, task types, streaks, evaluation scores. Always included when sync is enabled.
  • Titles & details — Session titles (public and private), project names, evaluation reasons, and milestones. Controlled by a separate “Sync titles & milestones” toggle (enabled by default, but can be turned off).

Prompts and prompt images are never synced, regardless of settings. You can disable sync entirely at any time, or simply don't log in to keep everything local. Sessions are deduplicated by session_id — syncing the same session twice will not create duplicates.

PUBLICLY VISIBLE

  • Public title (never private_title)
  • Category (bugfix, feature, etc.)
  • Complexity (simple, medium, complex)
  • Created date
  • Aggregate stats: hours, streak, languages

SERVER-SIDE STORAGE

  • PostgreSQL database
  • Session records (private details only if “Sync titles & milestones” is enabled)
  • Daily aggregates computed from sessions
  • Data stored indefinitely (no automatic expiry)
  • You can delete all cloud data from your account settings
CONTROLS

Your Controls

INSPECT

useai status

View a summary of all locally stored data, or inspect the raw JSONL files directly in ~/.useai/data/.

EXPORT

useai export

Export all your data as JSON. Your sessions are plain JSONL files you can read with any text editor.

DELETE

useai purge

Delete all local data. You can also remove individual session files from ~/.useai/data/sealed/.

DISABLE SYNC

Turn off sync in Settings, or simply don't log in. Without authentication, the MCP server makes zero network calls.

DELETE CLOUD DATA

Delete all synced data from your cloud account via the account settings page on useai.dev. Local data is unaffected.

WEBSITE

Website & Cookies

The UseAI website (useai.dev) uses minimal cookies required for authentication (JWT session token). We do not use advertising trackers, third-party analytics, or marketing cookies.

When you create an account and log in, we store your email address, display name, username, and avatar URL. Authentication uses OTP (one-time password) sent to your email — no passwords are stored.

The website may make requests to the GitHub API to fetch repository star counts for display purposes. No personal data is sent to GitHub through these requests.

TRANSPARENCY

Cloud Code Transparency

The UseAI MCP server, CLI, and all client-side code are open source and auditable under the AGPL-3.0 license.

The cloud API (useai.dev backend) is not open source. This means you cannot directly audit how the server processes your data after sync. To compensate:

  • This document describes server behavior as accurately as possible
  • The sync payload sections above show exactly what leaves your machine
  • We commit to keeping this document updated when server behavior changes
CONTACT

Questions & Contact

If you have questions about this privacy policy or data handling, you can:

For full technical details, see the PRIVACY.md in our repository.