LEGAL

Privacy Policy

UseAI is local-first by architecture, not just by policy. This document describes every field captured, where data is stored, what happens when you sync, and what controls you have.

Last updated: February 2026 · Effective immediately

CORE

Privacy by Architecture

The UseAI MCP server writes to disk and makes zero network calls during your coding sessions. Data only leaves your machine when you explicitly choose to sync by running useai sync.

If you never authenticate (useai login), the MCP server operates entirely offline. All data stays in ~/.useai/ on your machine.

NO CODE ACCESS

UseAI never reads, transmits, or stores your source code.

NO PROMPTS

Your conversations with AI tools are never captured or stored.

LOCAL FIRST

All processing happens on your machine. No cloud dependency.

OPT-IN SYNC

Data only leaves your machine when you explicitly choose.

TRACKED

What We Collect

SESSION_METADATA
| FIELD | DESCRIPTION | SYNCED | PUBLIC |
|---|---|---|---|
| session_id | Random UUID identifying the session | Yes | No |
| client | Which AI tool (e.g. "claude", "cursor") | Yes | Yes |
| task_type | Category: coding, debugging, testing, planning, reviewing, documenting, learning | Yes | Yes |
| model | AI model ID (e.g. "claude-sonnet-4-6") | Yes | Yes |
| started_at | ISO timestamp when session began | Yes | Yes |
| ended_at | ISO timestamp when session ended | Yes | Yes |
| duration_seconds | Total session length in seconds | Yes | Yes |
| project | Project name (root directory name) | Yes | No |
| languages | Programming languages used | Yes | Yes |
| files_touched | Count of files modified (number only, never file names) | Yes | Yes |
| title | Generic public description (no project names) | Yes | Yes |
| private_title | Detailed description (may include project names) | Yes | No |

Evaluation Metrics

At the end of each session, the AI model self-assesses session quality using the SPACE framework. This includes scores (1-5) for prompt quality, context provided, independence level, and scope quality, along with improvement tips for any dimension scored below 5. Evaluation data is synced when you choose to sync but is never publicly visible.

Cryptographic Fields

Each session includes a SHA-256 hash chain anchor (chain_start_hash, chain_end_hash) and an Ed25519 seal_signature. These enable tamper evidence and are synced with the session data.

NEVER

What We Never Collect

UseAI never captures any of the following, regardless of whether you sync or not:

× Your source code, diffs, patches, or snippets
× Your prompts — what you ask the AI
× AI responses — what the AI generates
× File names or paths — only the count of files touched
× Directory structure — no tree or layout information
× Git history — no commits, branches, or diffs
× Credentials — no API keys, tokens, passwords, or secrets
× Screen content — no screenshots or terminal output

You can verify this by auditing the open-source MCP tool handlers in packages/mcp/src/tools/.

LOCAL

Where Data Lives

All data is stored in ~/.useai/ on your machine. All files are plain JSON or JSONL that you can inspect with any text editor.

~/.useai/
keystore.json # Ed25519 key pair (private key encrypted)
config.json # Settings, auth token, sync preferences
daemon.pid # Running daemon PID
data/
active/ # In-progress session records (JSONL)
sealed/ # Completed session records (JSONL)
sessions.json # Session index
milestones.json # Milestone records

SYNC

Cloud Sync

Cloud sync is entirely opt-in. When you run useai sync, full session records are sent to the UseAI server. This includes all metadata fields above, including private_title and project name.

Sessions are deduplicated by session_id — syncing the same session twice will not create duplicates.

PUBLICLY VISIBLE

  • Public title (never private_title)
  • Category (bugfix, feature, etc.)
  • Complexity (simple, medium, complex)
  • Created date
  • Aggregate stats: hours, streak, languages

SERVER-SIDE STORAGE

  • PostgreSQL database
  • Full session records (including private_title)
  • Daily aggregates computed from sessions
  • Data stored indefinitely (no TTL policy yet)
  • Deletion API planned but not yet available

CONTROLS

Your Controls

INSPECT

useai status

View a summary of all locally stored data, or inspect the raw JSONL files directly in ~/.useai/data/.

EXPORT

useai export

Export all your data as JSON. Your sessions are plain JSONL files you can read with any text editor.

DELETE

useai purge

Delete all local data. You can also remove individual session files from ~/.useai/data/sealed/.

NEVER SYNC

Simply don't run "useai login". The MCP server makes zero network calls unless you explicitly authenticate and sync.

WEBSITE

Website & Cookies

The UseAI website (useai.dev) uses minimal cookies required for authentication (JWT session token). We do not use advertising trackers, third-party analytics, or marketing cookies.

When you create an account and log in, we store your email address, display name, username, and avatar URL. Authentication uses OTP (one-time password) sent to your email — no passwords are stored.

The website may make requests to the GitHub API to fetch repository star counts for display purposes. No personal data is sent to GitHub through these requests.

TRANSPARENCY

Cloud Code Transparency

The UseAI MCP server, CLI, and all client-side code are open source and auditable under the AGPL-3.0 license.

The cloud API (useai.dev backend) is not open source. This means you cannot directly audit how the server processes your data after sync. To compensate:

  • This document describes server behavior as accurately as possible
  • The sync payload sections above show exactly what leaves your machine
  • We commit to keeping this document updated when server behavior changes

CONTACT

Questions & Contact

If you have questions about this privacy policy or data handling, you can:

For full technical details, see the PRIVACY.md in our repository.