Privacy Policy

Codentium is built with a privacy-by-design philosophy. We believe that your source code, development workflows, and personal data should remain under your control. This Privacy Policy explains how we collect, use, process, and protect your information when you use the Codentium application.

2.1 Information You Provide Directly

• AI Provider Credentials: API keys for services like OpenAI or Grok (stored locally and encrypted)
• Configuration Settings: Editor preferences, keyboard shortcuts, theme selections
• Project Metadata: Workspace paths, recently opened files (stored locally only)
• Extension Data: Settings and data from installed extensions

2.2 Information Generated During Use

• Editor Sessions: Open files, cursor positions, selection ranges (local storage only)
• AI Interactions: Chat histories, code suggestions, refactoring requests (local unless sent to AI providers)
• Performance Data: Application crashes, error logs (when crash reporting is enabled)
• Usage Analytics: Feature usage patterns (only if telemetry is enabled, disabled by default)

2.3 Information We Do NOT Collect

3.1 Local Processing

The majority of Codentium's functionality operates entirely on your local machine:

• Code editing and navigation: All file operations remain local
• Syntax highlighting and LSP integration: Processed locally via language servers
• Git operations: Direct interaction with your local Git repositories
• Settings and preferences: Stored in local configuration files
• Session management: Workspace state saved locally in .codentium directories

3.2 Optional Cloud Processing

Only when you explicitly use AI features with cloud providers, limited data is sent:

• Code context: Only selected text or specified files
• AI prompts: Your questions or refactoring requests
• Project metadata: Language information, file types (not file contents unless specified)

4.1 Local AI Processing (Ollama)

4.2 Cloud AI Processing (OpenAI, Grok, etc.)

When you choose to use cloud-based AI providers, please be aware of their data handling practices:

6.1 Local Data Storage

All application data is stored locally on your device:

• Configuration files: ~/.codentium/config/ (Linux/macOS) or %APPDATA%\Codentium\ (Windows)
• Session data: .codentium/ folders in your project directories
• AI conversation history: Stored locally unless you choose to delete
• Extension data: ~/.codentium/extensions/
• Logs: Temporary logs rotated automatically (configurable retention)

6.2 Data Encryption

• API Keys: Encrypted using your system's credential manager (Keychain on macOS, Credential Manager on Windows, Secret Service on Linux)
• Sensitive Settings: Encrypted before storage
• Session Data: Stored in plain text locally (contains file paths and editor state)

6.3 Data Retention

• Configuration: Persists until manually deleted or application uninstalled
• Chat History: Retained locally until user deletion (configurable auto-cleanup available)
• Logs: Automatically rotated (default: 7 days retention)
• Telemetry: If enabled, aggregated locally and optionally shared (user controlled)

Codentium provides comprehensive privacy controls:

7.1 Data Transmission Controls

• Context Preview: Review all data before AI submission
• Provider Selection: Choose between local (Ollama) and cloud providers
• Scope Limitation: Restrict AI context to current selection, file, or project
• Manual Exclusions: Exclude sensitive files or directories from AI context

7.2 Application Settings

• Telemetry Control: Enable/disable usage analytics (disabled by default)
• Crash Reporting: Choose whether to send crash reports
• Auto-Updates: Control automatic update checks and downloads
• Network Access: Granular control over network permissions

7.3 Data Management

• Clear Chat History: Delete AI conversation history
• Reset Configuration: Return to default settings
• Export Settings: Backup your configuration
• Complete Uninstall: Remove all application data

8.1 Required Third-Party Services

• Operating System Services: File system access, credential storage, notifications
• Git Integration: Direct interaction with Git repositories (no external services)
• Language Servers: Local LSP processes for code intelligence

8.2 Optional Third-Party Services

• AI Providers: OpenAI, Grok, or custom API endpoints (user configured)
• Update Services: GitHub releases API for update checking (if enabled)
• Extension Registry: Optional extension marketplace (if used)
• Telemetry Services: Anonymous usage analytics (opt-in only)

8.3 Third-Party Data Processing

Codentium does not share your personal data with third parties except:

• When you explicitly choose to use cloud AI services
• When you opt-in to crash reporting or telemetry
• When required by law (we will notify you unless legally prohibited)

9.1 Data Protection

• Encryption at Rest: Sensitive data encrypted using system credential managers
• Encryption in Transit: All network communications use TLS/HTTPS
• Access Control: Application data protected by operating system permissions
• Secure Deletion: Sensitive data securely overwritten when deleted

9.2 Application Security

• Code Signing: All releases digitally signed for authenticity
• Sandboxing: Extensions run in isolated environments
• Regular Updates: Security patches delivered through automatic updates
• Vulnerability Reporting: Responsible disclosure program for security issues

9.3 AI Provider Security

• API Key Protection: Keys encrypted and never logged
• Request Isolation: Each AI request is independent
• Context Validation: Data sanitized before transmission
• Response Processing: AI responses processed securely

You have comprehensive rights regarding your data when using Codentium. Since most data is stored locally, you have direct control over your information.

10.1 Data Access and Portability

• Full Access: All your data is stored in accessible formats on your device
• Export Settings: Export your configuration and preferences
• Chat History Export: Export AI conversation histories in JSON format
• Project Data: Direct access to .codentium folders in your projects

10.2 Data Correction and Deletion

• Settings Modification: Change any application settings at any time
• Selective Deletion: Delete specific chat histories or session data
• Complete Reset: Reset application to factory defaults
• Uninstall Cleanup: Remove all application data during uninstallation

10.3 GDPR Rights (EU Users)

10.4 California Privacy Rights (CCPA)

For California residents, you have the right to:

• Know what personal information is collected and how it's used
• Delete personal information (available through app controls)
• Opt-out of the sale of personal information (we don't sell personal information)
• Non-discrimination for exercising your privacy rights

11.1 When We Update This Policy

We may update this Privacy Policy to reflect:

• Changes in our data processing practices
• New features that affect privacy
• Legal or regulatory requirements
• Industry best practices

11.2 How We Notify You

• In-App Notification: Prominent notice in the application
• Email Notification: If you've provided an email for updates
• Website Update: Updated policy posted at codentium.io/privacy
• Version History: Previous versions available for comparison

11.3 Material Changes

For material changes that affect your privacy rights, we will:

• Provide at least 30 days advance notice
• Clearly explain what's changing
• Allow you to opt-out of new data processing
• Maintain previous privacy settings until you choose otherwise

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us: