Privacy Policy

Last updated: June 22, 2026

This Privacy Policy explains what personal data CodeAgentSwarm collects when you use the desktop application and this website, why we collect it, who we share it with, and the rights you have over it. We have written it to match exactly what our software actually does. If anything here is unclear, email us at hello@codeagentswarm.com.

1. Who is responsible for your data

The data controller is Arturo Garcia, an individual based in Ciudad Real, Spain (the "Provider", "we", "us"). You can contact us about anything related to your data at hello@codeagentswarm.com.

We process personal data in accordance with Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 on Data Protection and Digital Rights (LOPDGDD).

2. The short version

CodeAgentSwarm is a desktop app that runs third-party AI coding tools (Claude Code, OpenAI Codex, Gemini CLI and similar) in terminals on your own computer. The code, files, prompts and AI responses inside those terminals travel directly from the CLI on your machine to the AI provider you chose, using your own account or API key. We do not sit in the middle of that and we do not receive or store that content.

What we do collect is limited to: anonymous usage and error information that helps us keep the app working; the account details you give us if you choose to sign in; the messages you send to our in-app help assistant or to our support, feedback and survey forms; and billing status if you ever subscribe to a paid plan. Each of these is described in detail below.

3. What we do NOT collect

To be explicit, we do not receive, store or have access to:

  • The contents of your terminals, your source code, your files or your project data.
  • The prompts you send to, or the responses you receive from, the AI CLIs you run (Claude Code, Codex, Gemini CLI, etc.). Those are governed by the privacy policy of the provider you use (Anthropic, OpenAI, Google).
  • Your AI provider API keys or credentials. They stay on your machine.
  • When the app generates a git commit message, it runs the Claude CLI that is already installed on your computer and passes it your local git diff. That happens on your machine; we never see the diff.

4. What we collect and why

a) Anonymous usage analytics (desktop app)

In production builds, the app records which in-app actions are used (for example, opening a terminal or pressing a button), together with the app version and a random session identifier stored locally on your device. This is sent to our own backend. It does not include your name, email, file paths, code or terminal content. If you are signed in, these events can be associated with your account.

b) Error and crash reports (desktop app)

In production builds, when the app hits an unexpected error it sends a report to our backend so we can fix it. A report contains the error message and technical stack trace (which may include file paths from your system), the app version, operating system, architecture and a random anonymous installation identifier. It does not include your account email. These reports are received by our backend and forwarded to our error-monitoring provider, Sentry, to help us diagnose and fix issues.

c) Account data (only if you sign in)

Signing in is optional and uses third-party OAuth providers (GitHub, Google or Discord). When you sign in we receive and store the profile data those providers share: your email address, name, username, avatar URL, the provider and provider user ID, and OAuth access and refresh tokens (used to keep you signed in). We also record your last login time and, for each session, your IP address and basic device information.

d) In-app AI help assistant ("Swarmi")

Swarmi is the AI help assistant built into the app that answers questions about how to use CodeAgentSwarm. When you ask it something, your question and a short recent history are sent to our backend, which generates a reply. We store the text of your questions and the assistant’s responses to operate the feature, monitor quality and prevent abuse. To enforce daily usage limits we also keep a hashed (non-reversible) form of your IP address and an anonymous identifier. Please do not paste secrets or sensitive personal data into the assistant.

e) Support, feedback, surveys and beta sign-up

If you contact us or submit a feedback form, a survey or a beta sign-up, we store what you send us: your email address, the message, title, description or answers, any screenshots you attach, and technical metadata such as your IP address, app version and platform.

f) Billing (only if you subscribe to a paid plan)

If we offer paid plans and you subscribe, payments are processed by Stripe. Stripe handles your card details directly; we never receive or store your full card number. We store your Stripe customer identifier, subscription status, plan and related dates so we can give you access to the features you paid for.

g) Update checks

To tell you about new versions, the app periodically asks our update server whether an update exists, sending only the current version, platform and architecture. No personal or device identifier is sent with update checks.

6. Who we share your data with

We do not sell your personal data. We share it only with the service providers ("processors") that help us run the product, and only as needed:

ProviderPurposeLocation
RailwayHosting of our backend and analytics serviceUnited States
SentryError and crash monitoring (receives the error reports described above)United States
SupabaseDatabase and file storage (accounts, support content, analytics)European Union / United States
StripePayment processing for paid plansUnited States / EU
GitHub, Google, DiscordOAuth sign-in (only if you choose to sign in)United States
Anthropic, OpenAI, GoogleThe AI CLIs you run connect to these directly with your own accountUnited States
Umami (self-hosted)Privacy-friendly, cookieless website analyticsHosted by us on Railway

We may also disclose data if required by law, to comply with a legal request, or to protect our rights, safety or property.

7. International data transfers

Some of our providers are located outside the European Economic Area, primarily in the United States. When personal data is transferred there, it is protected by appropriate safeguards such as the European Commission’s Standard Contractual Clauses or equivalent mechanisms offered by those providers.

8. How long we keep your data

  • Account data: while your account exists, and deleted when you ask us to delete it.
  • Support, feedback and survey messages: kept while needed to handle your request and for a reasonable period afterwards.
  • Anonymous analytics and error reports: kept in aggregate to improve the product.
  • Billing records: kept for as long as legally required for accounting and tax purposes.

When you exercise your right to erasure, we delete the personal data we hold about you unless we are legally required to keep part of it (for example, invoices).

9. Your rights and how to exercise them

You have the following rights over your personal data under the GDPR:

  • Access: get a copy of the data we hold about you.
  • Rectification: correct data that is inaccurate or incomplete.
  • Erasure ("right to be forgotten"): ask us to delete your data.
  • Restriction: ask us to limit how we use your data.
  • Portability: receive your data in a portable format.
  • Objection: object to processing based on our legitimate interest.
  • Withdraw consent: at any time, where processing is based on consent.
To exercise any of these rights, including deleting your account and data, email hello@codeagentswarm.com from the address associated with your account. We will respond and act within one month. There is no charge for this.

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Espanola de Proteccion de Datos, www.aepd.es) or your local supervisory authority.

10. Security

We use reasonable technical and organisational measures to protect your data, such as encrypted connections (HTTPS), hashing of sensitive identifiers and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. Children

CodeAgentSwarm is intended for developers and is not directed at children. You must be at least 16 years old to create an account. If you believe a minor has provided us with personal data, contact us and we will delete it.

12. Changes to this policy

We may update this Privacy Policy as the product evolves or the law changes. We will update the "Last updated" date at the top and, for significant changes, provide a more prominent notice. Continued use after an update means you accept the revised policy.

13. Contact

For any privacy question or request, email hello@codeagentswarm.com.