Privacy · Intent Panel v1.0

Your Data, Honestly

The panel only works if it is trustworthy enough to keep running. This page is the whole contract — read it, tune your consent, and keep the repository handy to verify the code matches the words.

What actually gets stored

An anonymous user id and session id generated on your first visit. Stored in your browser's localStorage, never linked across devices.
A SHA-256 hash of your prompt text (stable across redaction version bumps, used to de-duplicate).
A redacted copy of the prompt. Emails, phone numbers, credit cards, SSNs, API keys, JWTs, URLs are stripped before text hits disk.
Structural features (length, language, contains_code) and taxonomy labels (category, subcategory, domain, etc.).
The advisor's routing decision and whichever model you selected / copied / overrode.

We do not store IP addresses, device fingerprints, browser versions, saved passwords, autofill data, model completions, cross-device identifiers, or location.

What never happens

We never train a model on your prompts.

We never sell raw prompt text to third parties.

We never publish an individual prompt — only aggregates where n >= 100.

We never run any provider API call on your behalf.

We never auto-link prompts across users.

We never share browser version or fingerprint signals.

Your consent tier

This marks every consent grant for your anonymous id as revoked on the server and resets your local consent tier to 0.

If you want the ugly details, read the methodology page or inspect backend/app/core/redaction.py in the repository.