vndangkhoa/open-design
1
0
Fork 0
mirror of https://github.com/nexu-io/open-design.git synced 2026-06-01 03:14:35 +07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
open-design/PRIVACY.md
kami 30ad8b8ac3
improve privacy consent modal: policy link, clearer CTAs, mobile layout (#1921) 
The first-run consent banner had no link to a privacy policy, an
affirmative button ("Help improve") that didn't read as a consent
choice, and a fixed bottom-right card that crowded content on phones.

- Add a "Read the privacy policy" link (external-link icon, accent,
  underlined) above the actions, plus a root PRIVACY.md it points to
  documenting the telemetry behaviour the modal discloses.
- Rename the CTAs to "Share usage data" / "Don't share" so both name
  the action; they stay equal-prominence per the EDPB/GDPR comment.
- Stretch the banner to a bottom-edge bar under 540px with a
  safe-area inset so it clears mobile browser chrome.
- Add PrivacyConsentModal tests; sync the new i18n key to every
  locale and update the consent-label assertion in App.connectors.

Refs #1756
2026-05-17 20:24:15 +08:00

70 lines
3 KiB
Markdown
Raw Blame History

# Privacy
This page describes what data the Open Design desktop and web app collects,
when it collects it, and how you stay in control. It documents the behavior
shipped in the app — the same controls live under **Settings → Privacy**.
Open Design is **local-first**. Your projects, generated files, and BYOK API
keys stay on your machine. The app works fully offline; nothing in this page
applies unless you explicitly turn telemetry on.
## Telemetry is opt-in
Usage telemetry is **off by default**. On first run the app shows a privacy
consent banner asking you to make a choice — it never starts sending anything
before you do. You can change your decision at any time under
**Settings → Privacy**, where each category below has its own toggle.
## What is collected when you opt in
When telemetry is enabled, the app may send the following to the Open Design
team. Each category is independently controllable in Settings.
- **Anonymous metrics** — run counts, token usage, error rate, and duration.
No prompts and no project data.
- **Conversation and tool content** — your prompts, assistant responses, tool
inputs, and tool outputs (truncated before send). API keys, tokens, JWTs,
emails, IP addresses, and credit-card numbers are stripped automatically
before anything leaves your machine.
- **Project artifacts manifest** — filenames, types, and sizes of generated
files. The **contents** of those files are never sent.
## What is never collected
- The contents of your generated artifact files.
- Your BYOK API keys, tokens, or other secrets — these are redacted before
send and are never part of telemetry.
- Anything at all while telemetry is turned off.
## How telemetry is sent
Redacted telemetry batches are sent to a Cloudflare Worker relay operated by
the Open Design team, which forwards them to [Langfuse](https://langfuse.com)
for analysis. The relay holds the Langfuse write credentials server-side, so
packaged clients only ever ship a public relay URL — no secret keys. If the
relay is unavailable the app retries quietly and keeps working; telemetry
never blocks your workflow.
## Your anonymous ID
When telemetry is enabled the app generates a random, opaque installation ID
so related events can be grouped. It is not tied to your name, email, or
account, and it carries no personal information.
## Deleting your data
**Settings → Privacy → Delete my data** rotates your anonymous ID and stops
sending. Telemetry already received ages out under the team's retention
policy.
## Bring your own key
Open Design is BYOK at every layer. The API keys you configure for coding
agents and model providers are stored locally and used only to talk to those
providers directly. They are never sent to the Open Design team.
## Changes to this page
This document tracks the data handling of the shipped app. When the telemetry
behavior changes, this page is updated alongside it. For questions, open a
[GitHub Discussion](https://github.com/nexu-io/open-design/discussions).
Reference in a new issue View git blame Copy permalink