Privacy Policy
Full Policy
This page summarizes CommandLane's privacy practices. For the complete legal policy, see the GDPR Compliance Guide.
Core Principles
Local-First by Default
CommandLane is designed with privacy as a foundational principle:
- All data stored locally on your Windows machine by default
- No cloud synchronization unless you explicitly configure it
- No telemetry or analytics sent to external services
- No account required to use the application
Data You Control
| Data Type | Storage | Access |
|---|---|---|
| Captured entries | Local SQLite database | You only |
| Configuration | Local JSON files | You only |
| Classification models | Local filesystem | You only |
| Search indices | Local SQLite | You only |
Optional External Services
OpenAI API (Optional)
If you enable AI planning features:
- What's sent: Anonymized task summaries for planning assistance
- When: Only when you run the pkb plan command
- Control: Disable by not setting the OPENAI_API_KEY environment variable
- Provider: OpenAI (see OpenAI Privacy Policy)
Stay Fully Local
Use TinyBERT classification (ai_classification_use_tinybert: true) to avoid any external API calls.
Data Security
Input Validation
All user inputs are validated:
- Text length limits (10,000 characters)
- Path traversal prevention
- SQL injection protection (parameterized queries only)
- Command injection prevention
Storage Security
- Atomic writes with recovery files prevent data corruption
- File permissions restrict database access to your user account
- No plaintext secrets in configuration files
Network Security
- No inbound connections accepted
- Outbound connections only if you enable AI features
- TLS encryption for all external API calls (when used)
Compliance
GDPR (General Data Protection Regulation)
- ✅ Right to Access - All data in local SQLite database
- ✅ Right to Erasure - Delete pkb_data.db and config files
- ✅ Right to Portability - SQLite and JSON export available
- ✅ Data Minimization - Only stores what you capture
- ✅ Purpose Limitation - Used only for knowledge management
CCPA (California Consumer Privacy Act)
- ✅ No Sale of Data - Nothing is sold or shared
- ✅ Disclosure - This policy describes all data practices
- ✅ Deletion Rights - You control all data files
What We Don't Collect
- ❌ Personally identifiable information (PII)
- ❌ Usage analytics or telemetry
- ❌ Crash reports (unless you manually submit)
- ❌ Location data
- ❌ Device identifiers
- ❌ Browsing history beyond window titles (if watcher enabled)
Sensitive Data Guidelines
What Not to Capture
Avoid capturing:
- Passwords or API keys
- Credit card numbers
- Social Security numbers
- Medical records
- Attorney-client privileged information
Your Responsibility
CommandLane does not automatically detect or filter sensitive data. You are responsible for what you capture.
If You Capture Sensitive Data
- Encrypt your drive using Windows BitLocker
- Set strong file permissions on pkb_data.db
- Don't enable cloud sync for sensitive databases
- Backup securely to encrypted external drives
Third-Party Dependencies
CommandLane uses open-source libraries:
- SQLite - Public domain database engine
- Python - PSF License
- Transformers (TinyBERT) - Apache 2.0
- Full dependency list in requirements.txt
No dependencies collect telemetry or phone home.
Data Retention
You control retention:
- Data persists until you delete it
- No automatic expiration or cleanup
- Manual export/archive tools provided
Recommended practices:
- Monthly review and archive old entries
- Export important decisions to version control
- Backup database files regularly
Transparency
CommandLane is committed to transparency about data handling:
- ✅ Clear documentation of all data flows
- ✅ Explicit consent required for external integrations
- ✅ Local-first architecture you can verify
Last Updated: 2025-10-31