-
-
Notifications
You must be signed in to change notification settings - Fork 9
Privacy
Haveapp1 edited this page Aug 22, 2025
·
1 revision
Agentwise Privacy Policy - How we handle your data and protect your privacy.
At Agentwise, we are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, and protect your information when you use Agentwise software.
Last Updated: January 15, 2025
- API Keys: Your Claude API key and other service credentials (stored locally)
- Project Code: Code and files you ask Agentwise to generate or modify
- Configuration: Your Agentwise configuration and preferences
- Usage Metrics: Basic usage statistics for system optimization
- Error Reports: Crash reports and error logs (if enabled)
- Performance Metrics: System performance data (if enabled)
- Feature Usage: Which features you use most often (if enabled)
- Code Generation: Process your requests to generate code and projects
- System Operation: Maintain and improve Agentwise functionality
- Optimization: Improve token efficiency and performance
- Support: Provide technical assistance when requested
- Product Improvement: Understand usage patterns to enhance features
- Research: Anonymous analysis of development patterns (with consent)
- Security: Detect and prevent misuse or security threats
Agentwise follows a local-first approach:
Your Machine Agentwise Servers External APIs
βββββββββββββββββββ ββββββββββββββββββββ βββββββββββββββββββ
β β’ Project files β β β’ No code β β β’ Claude API β
β β’ Configuration βββββββΊβ β’ No projects βββββββΊβ β’ MCP servers β
β β’ Generated codeβ β β’ Usage metrics β β β’ Optional APIs β
β β’ API keys β β β’ Error logs β βββββββββββββββββββ
βββββββββββββββββββ ββββββββββββββββββββ
(Your data) (Minimal data) (API requests)
- All project code and generated files
- API keys and credentials
- Project configurations and custom settings
- Personal data in your code or projects
- Task requests (temporarily, for processing)
- System metrics (anonymous usage data)
- Error reports (if you opt-in)
- Support requests (when you contact us)
- All API communications use TLS 1.3 encryption
- Certificate pinning for critical connections
- Perfect Forward Secrecy (PFS) enabled
- No unencrypted data transmission
// Example of secure API request processing
class SecureAPIHandler {
async processRequest(request) {
// Sanitize request data
const sanitizedRequest = this.sanitizeData(request);
// Encrypt sensitive parts
const encryptedRequest = await this.encrypt(sensitiveRequest);
// Process with external API
const response = await this.callExternalAPI(encryptedRequest);
// Clear sensitive data from memory
this.clearSensitiveData(sanitizedRequest, encryptedRequest);
return response;
}
}- Data Sent: Your prompts and context for code generation
- Purpose: AI-powered code generation and assistance
- Privacy: Subject to Anthropic's Privacy Policy
- Control: You control what data is sent through your requests
- Data Access: Depends on specific MCP server configuration
- Examples: File system access, GitHub operations, database queries
- Control: You control which MCP servers to enable and their permissions
- Security: Each MCP server operates with limited, specific permissions
Services you may choose to integrate:
- GitHub: Repository operations (requires your GitHub token)
- Cloud Providers: AWS, GCP, Azure (requires your credentials)
- Databases: PostgreSQL, MongoDB (local or your database)
- Other APIs: Various development tools and services
- Temporary Data: Processing data deleted immediately after use
- Cache Data: Automatically expired based on TTL settings
- Session Data: Cleared when session ends
- Log Data: Rotated and deleted based on retention policy
# Delete all cached data
npm run data:clear-cache
# Delete configuration (reset to defaults)
npm run config:reset
# Delete all project data
npm run data:clear-projects
# Complete data wipe
npm run data:wipe-all- Export Projects: Export all generated projects and code
- Export Configuration: Save your configuration for backup
- Export Metrics: Download your usage statistics
- Migration Tools: Tools to move between Agentwise installations
{
"privacy": {
"data_collection": {
"usage_metrics": false,
"error_reporting": false,
"performance_data": false,
"feature_analytics": false
},
"external_services": {
"claude_api": true,
"mcp_servers": true,
"optional_apis": false
},
"logging": {
"level": "error",
"include_code": false,
"include_personal_data": false
}
}
}- File System Access: Control which directories Agentwise can access
- Network Access: Control which external services can be contacted
- API Usage: Control which APIs are enabled
- Data Sharing: Control what data (if any) is shared for analytics
- GDPR Compliance: For European users
- CCPA Compliance: For California residents
- Privacy by Design: Built with privacy as a core principle
- Data Minimization: Collect only necessary data
- ISO 27001: Information security management
- SOC 2: Security, availability, and confidentiality
- OWASP: Web application security practices
- NIST: Cybersecurity framework compliance
Agentwise is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us so we can take appropriate action.
- Data Residency: Control where data is processed geographically
- Audit Logging: Comprehensive activity logging
- Access Controls: Role-based access to data and features
- Compliance Reporting: Regular compliance status reports
- Data Processing Agreements: Formal agreements for enterprise customers
For maximum privacy, enterprise customers can deploy Agentwise on-premises:
- Full Local Control: All processing happens on your infrastructure
- No External Data: Optional to disable all external API calls
- Air-Gapped Support: Operation in isolated environments
- Custom Compliance: Tailored to your regulatory requirements
In the unlikely event of a data breach:
-
Immediate Response (Within 1 hour):
- Identify and contain the breach
- Assess the scope and impact
- Begin forensic investigation
-
Short-term Response (Within 24 hours):
- Notify affected users
- Implement additional security measures
- Coordinate with law enforcement if necessary
-
Long-term Response (Within 72 hours):
- Submit required regulatory notifications
- Provide detailed breach report
- Implement preventive measures
We will notify affected users via:
- Email: Direct notification to registered email
- System Alerts: In-application notifications
- Website Notice: Public disclosure on our website
- Status Page: Real-time status updates
- Primary: Data processed locally on your machine
- API Calls: Processed in regions where API services operate
- Support: Support data may be processed in various jurisdictions
- Standard Contractual Clauses: For transfers outside your region
- Adequacy Decisions: Use of regions with adequate protection
- Privacy Shield: Where applicable
- Encryption: All transferred data is encrypted
- View Data: See what data we have about you
- Export Data: Download your data in portable format
- Usage Reports: Detailed reports of how your data is used
- Modify Settings: Change privacy preferences anytime
- Delete Data: Request deletion of specific data
- Restrict Processing: Limit how your data is used
- Object: Object to specific data processing activities
# Request data export
npm run privacy:export-data
# Delete specific data types
npm run privacy:delete --type=analytics
# Update privacy settings
npm run privacy:configureOr contact us at: privacy@agentwise.ai
Agentwise uses local storage mechanisms:
- Configuration Storage: Local settings and preferences
- Cache Storage: Temporary performance optimization
- Session Storage: Current session information
The desktop application does not use web cookies or browser tracking.
If you use the optional web dashboard:
- Essential Cookies: Required for functionality
- No Tracking: No advertising or analytics cookies
- Local Only: All data remains in your browser
We will notify you of material changes to this Privacy Policy:
- Email Notification: If we have your email address
- In-App Notice: Prominent notice in the application
- Website Update: Updated policy posted on our website
- Version History: Track of policy changes
When we update this policy:
- Continue Using: Acceptance of new terms
- Change Settings: Modify your privacy preferences
- Stop Using: Discontinue use if you disagree
For any questions about this Privacy Policy or our privacy practices:
Email: privacy@agentwise.ai
Subject Line: "Privacy Inquiry - [Your Topic]"
Name: Philip Ritmeester
Email: dpo@agentwise.ai
Response Time: Within 30 days
If you're not satisfied with our response, you can contact:
- Your local data protection authority
- The Information Commissioner's Office (ICO) (UK residents)
- Your state attorney general (US residents)
This Privacy Policy is effective as of January 15, 2025. We encourage you to review this policy periodically for any updates.
Your privacy is important to us. We're committed to protecting your data and being transparent about our practices.
Support
- Discord: @vibecodingwithphil
- GitHub: @VibeCodingWithPhil