Privacy Policy
Last updated: March 2026
ClockOn is built on a zero-knowledge architecture. Your data lives on your device, not ours. This policy explains exactly what we collect, what we don't, and why.
What We Collect
When you purchase ClockOn, we store three things:
- Your email address (encrypted) — so we can help you recover your license key
- Your Stripe customer ID — so we can process refunds if needed
- A hash of your license key — so we can verify it's valid
When you use the app: nothing. Zero telemetry by default. We don't phone home, track usage, or collect analytics.
What We Don't Collect
We want to be explicit about this. ClockOn does not collect:
- Your API keys
- Agent data or configurations
- Chat logs or conversations
- Task outputs or results
- Office layouts or customisations
- Usage patterns or feature analytics
- IP addresses (we don't log them)
- Device fingerprints
- Machine identifiers
Where Data Lives
Your data lives on your device only, inside the ~/.clockon/ directory. This includes your API key vault, agent configurations, chat history, task logs, office layouts, and everything else you create in ClockOn.
Our data is limited to license records stored in a database (Turso). These records contain only hashed license keys and encrypted email addresses — the minimum needed to service your purchase.
We cannot access, read, or recover your local data. If you delete your ~/.clockon/ directory, that data is gone. We recommend using the built-in backup feature in Settings.
Third-Party Services
We use two third-party services on the server side:
- Stripe processes payments. Their privacy policy applies to payment data. We never see or store your card details.
- Resend delivers transactional emails — specifically license key delivery and license recovery emails. That's it. No marketing, no newsletters.
We use no analytics services, no advertising networks, and no data brokers. We don't sell, share, or trade your information with anyone.
Data Retention
License records are kept for the duration of the license. If you request deletion, we'll remove your record.
License recovery attempt logs auto-expire after 24 hours.
We store the minimum data required to service your purchase — nothing more.
Your Rights
You can request deletion of your license record and email at any time by contacting support@clockon.ai.
You can export all your local data at any time via Settings > Data Management > Export Backup in the ClockOn app.
Since your data lives on your device, you always have full control over it. No request needed to access what's already yours.
Security
We take security seriously at every level:
- AES-256-GCM encryption for your local API key vault
- Ed25519 digital signatures for license key verification
- HTTPS for all server communication
- No plaintext storage of sensitive data, anywhere
Your API keys are encrypted on your device before they're stored. Even if someone accessed your ~/.clockon/ directory, they couldn't read your keys without your passphrase.
Children
ClockOn is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us and we'll delete it.
Changes
We may update this privacy policy from time to time. Changes will be posted at clockon.ai/privacy with an updated date.
Contact
Questions about your privacy? Reach us at support@clockon.ai.