Last updated: May 23, 2026
Privacy Policy
CAS runs on your machine. Your repositories, transcripts, events, and worktrees never leave your device unless you explicitly choose otherwise. This policy explains the small amount of account data we do hold, how we handle it, how local tool usage differs from anonymous aggregate popularity, and the choices available to you.
At a glance
- Your code stays local. CAS processes repositories, task data, transcripts, and worktrees entirely on your device. We do not receive or store any of it.
- Agents call providers directly from your machine. When CAS runs a coding agent, the connection goes from your device to your model provider. CAS does not proxy, log, or relay those calls.
- Your account holds identity and entitlement only. We store your GitHub user ID, email address, display name, avatar URL, and plan status — nothing about your projects.
- Telemetry is anonymous and opt-out. The app can send aggregate performance and crash data. It never includes code, prompts, file paths, or task identifiers. You can disable it any time.
- Tool usage has a local and aggregate split. CAS may keep a local project usage ledger for tool evidence and debugging. Public popularity and health signals use anonymous aggregate counters only.
- Cloud sync is opt-in per project. Sharing rules, skills, and routing configuration across devices or teammates requires you to turn it on explicitly for a project. Even then, repository contents are never synced.
What we collect
We collect data in the categories below. Each one is described with the exact fields and the scope of what is and is not included.
Account information
When you sign in with GitHub OAuth to access releases or manage your license, we receive and store the following fields from GitHub's identity response:
- GitHub user ID (numeric, permanent identifier)
- Primary email address associated with your GitHub account
- Display name (your GitHub profile name)
- Avatar URL (a link to your GitHub profile image)
- Account creation timestamp on cas.dev
- Last sign-in timestamp
- Plan and entitlement status (e.g., beta access, license tier)
We do not receive your GitHub password, private repositories, SSH keys, or any repository content through OAuth. The OAuth scope we request is limited to identity verification.
Local app data
The CAS application operates against a local database on your device. This database contains your missions, epics, tasks, worktrees, agent transcripts, event log, verification records, local tool usage ledger, policies, routing configuration, and project context.
None of this data is transmitted to or accessible by CAS unless you have opted into cloud sync for a specific project (see below). We have no server-side copy of your local data by default.
Telemetry
The application may send anonymous usage telemetry to help us understand performance, stability, and adoption. Telemetry is enabled by default and can be disabled in application settings at any time.
Telemetry events may include:
- Application version
- Operating system family (macOS or Linux — no version detail beyond major family)
- Crash reports and stack traces from the CAS application itself
- Performance counters (e.g., startup time, UI responsiveness)
- Feature usage signals (e.g., which views are opened)
- Tool catalog signals limited to safe tokens such as tool id, capability, platform, install method, outcome, duration bucket, artifact type, permission class, structured error code, and catalog channel
Telemetry events explicitly do not include:
- Repository contents, file paths, or directory names from your projects
- Source code, diffs, or patches
- Prompts, agent messages, or transcript content
- Task titles, descriptions, or acceptance criteria
- Task IDs or any project-level identifiers
- Local tool usage ledger records or task/session evidence links
- Raw tool commands, command arguments, command output, URLs, screenshots, videos, or artifact contents
- Model provider API keys or credentials
Tool usage and popularity
CAS may record local tool usage in your project database so the app can show task evidence, doctor results, permission decisions, artifact references, and debugging history. This local ledger stays on your device by default and is not the source of public popularity details.
Separately, if telemetry is enabled, CAS may send anonymous aggregate tool signals for catalog popularity and reliability. Those signals are restricted to safe metadata such as tool id, version, capability, install method, outcome, duration bucket, permission class, artifact type, and structured error code. They do not include repository names, paths, prompts, command text, command arguments, outputs, URLs, screenshots, transcripts, task ids, session ids, or artifact contents.
Cloud sync
CAS offers an optional cloud sync feature that allows you to share project configuration — rules, skills, agent routing templates, and hook settings — across your own devices or with teammates. Cloud sync is opt-in at the project level. Nothing is synced from a project unless you have explicitly enabled it.
When cloud sync is enabled for a project, we may store:
- Rules and policy definitions you have authored
- Skill and routing configuration objects
- Template definitions
- Your account ID and a project-scoped sync key
Cloud sync does not and will never include:
- Repository contents, source code, or diffs
- Worktree state or branch contents
- Agent transcripts or event logs
- Verification records
- Model provider credentials
Communications
If you contact us by email, we retain those messages and any information you include in them so we can respond and track issues. We do not use support communications for marketing purposes.
What we do not collect
To be explicit: the following data never reaches CAS servers under any normal operating condition:
- Repository contents, source files, or raw code
- File paths or directory structures from your projects
- Diffs, patches, or code changes
- Prompts you send to coding agents
- Agent responses, reasoning traces, or completion output
- Transcripts of agent sessions
- Task titles, descriptions, acceptance criteria, or demo statements
- Task identifiers or epic identifiers from your projects
- Model API keys or any credentials you configure locally
- The names, URLs, or identities of your repositories
- Local tool usage ledger records or task-linked tool evidence
- Tool command text, command arguments, outputs, URLs, screenshots, videos, or artifact contents
- Agent execution logs, including commands run, tool calls made, or errors produced during a task
CAS does not train models on your data. We will not use your data to train, fine-tune, or improve any machine learning model.
How we use information
We use the information we collect for the following purposes:
- Account and authentication. To verify your identity, manage your session, and associate your account with the correct entitlement and plan.
- License and release entitlement. To determine which releases, features, and plans you are authorized to access.
- Transactional communications. To send release notifications, account alerts, and security notices. We do not send promotional email unless you opt in.
- Debugging and reliability. To diagnose crashes, investigate support requests, and improve the stability of the application using anonymous telemetry.
- Product improvement. To understand aggregate usage patterns and prioritize development work. We use only anonymized, aggregated signals for this purpose — never individual project data.
- Tool catalog health and popularity. To rank, recommend, and diagnose catalog tools using anonymous aggregate counters and local-only project evidence, without sending local usage ledger details to CAS.
- Cloud sync operation. To store and deliver configuration objects when you have enabled sync for a project.
Sharing and subprocessors
We do not sell your data. We do not share your data with third parties for advertising. We share data only with the service providers necessary to operate cas.dev, and only to the extent required for that operation.
Current subprocessor categories:
- Authentication provider (GitHub). OAuth identity verification. GitHub receives the OAuth flow and returns identity claims. We do not share your project data with GitHub.
- Hosting and account database provider (Cloudflare). The cas.dev website and account database are hosted on Cloudflare infrastructure. Account records are stored in Cloudflare's managed database service.
- Email delivery provider. A transactional email service used to send release notifications and account-related messages. We share only your email address and the content of the specific message being delivered.
Each subprocessor is bound by a data processing agreement consistent with applicable privacy regulations. We do not add subprocessors without updating this policy.
We may disclose account information in response to a valid legal request, court order, or to protect the rights, property, or safety of CAS, our users, or the public. We will notify affected users when legally permitted to do so.
Retention
We retain data for the shortest period consistent with operating the service.
- Account data is retained while your account is active. After you request deletion, account records are purged within 30 days, except where we are required to retain records for legal or financial compliance purposes (e.g., purchase records, which may be retained for up to 7 years depending on jurisdiction).
- Telemetry is aggregated, and individual event data is retained for up to 90 days. After aggregation, individual events are deleted. Aggregate statistics are retained indefinitely.
- Cloud sync data is retained until you delete the synced object or delete your account. Deleting a synced configuration object removes it from our servers immediately.
- Support communications are retained for up to 3 years after the issue is closed, or until you request deletion.
We are in beta. Retention windows may be refined as we formalize our data infrastructure. Any changes will be reflected in an updated version of this policy with notice to account holders.
Your rights
Depending on where you are located, you may have rights under applicable privacy law including GDPR, CCPA, or similar frameworks. Regardless of jurisdiction, we extend the following rights to all account holders:
- Access. Request a copy of the account data we hold about you.
- Correction. Request correction of inaccurate account data.
- Deletion. Request deletion of your account and associated data. See the Retention section for timelines.
- Export. Request an export of the account data we hold about you in a machine-readable format.
- Withdrawal of consent. Disable telemetry in the application at any time, or opt out of marketing communications via the link in any email we send.
- Objection. Object to processing of your data for specific purposes where we rely on legitimate interests.
To exercise any of these rights, email us at hello@cas.dev with the subject line "Privacy Request". We will respond within 30 days. We may need to verify your identity before processing the request.
Security
We apply industry-standard security practices to the data we hold:
- All data in transit between your device and cas.dev is encrypted using TLS 1.2 or higher.
- Account and cloud sync data at rest is encrypted by the hosting provider's managed database service.
- Access to account data within CAS infrastructure is restricted to the minimum required for operations, authenticated with scoped credentials, and logged.
- The CAS application itself stores its local database on your device. The security of local data is subject to your operating system's access controls.
No system is perfectly secure. If you discover a security vulnerability, please report it responsibly to hello@cas.dev.
International transfers
CAS operates globally. The account data and cloud sync data we hold may be processed and stored in data centers outside your country of residence, including in the United States and the European Union, depending on where our infrastructure providers operate.
Where we transfer personal data from the European Economic Area or the United Kingdom to countries that have not been deemed to provide an adequate level of protection, we rely on standard contractual clauses approved by the European Commission or equivalent mechanisms.
By using CAS and creating an account, you acknowledge that your account information may be transferred to and processed in these locations.
Children
CAS is not directed at or intended for use by individuals under the age of 16. We do not knowingly collect personal data from anyone under 16. If we become aware that we have inadvertently collected data from a person under 16, we will delete it promptly. If you believe we have received data from a minor, contact us at hello@cas.dev.
Changes to this policy
We may update this policy as the product evolves, particularly as we move out of beta and finalize our data infrastructure. We will notify account holders of material changes by email to the address on your account. The updated policy will be published at this URL with a revised "Last updated" date.
Non-material changes — such as clarifications, corrections, or formatting — will not warrant individual notification, but will still update the "Last updated" date.
Continued use of CAS after the effective date of a revised policy constitutes acceptance of the updated terms.
Contact
For privacy questions, data requests, or concerns about this policy, contact us at:
We aim to respond to all privacy inquiries within 30 days. For security-related disclosures, please use the same address and include "Security" in the subject line.