schema.

policy · placeholder

Privacy.

Schema is local-first. Almost everything runs on your machine — the extractor, codemods, test runner, and git operations all happen against a checkout you control. The page below describes the data we touch, when we touch it, and what we don't.

What stays on your machine

Your source code never leaves your machine. The graph representation lives in browser memory only; it is not persisted on a Schema server.

What we send out, and only on your action

When you set an LLM key (GEMINI_API_KEY or ANTHROPIC_API_KEY) and run a plan, we send a compact graph snapshot and your prompt to the configured vendor (Google or Anthropic). The snapshot contains node ids, names, kinds, file paths, and the active rule list. We do not send file contents.

When you import a GitHub repo, we use a token (your PAT or your Supabase-session provider token) to call the GitHub REST API and to clone the repo into a per-user cache directory on the Schema service host.

Cookies & analytics

We set a Supabase auth cookie when you sign in; otherwise we set no cookies. No third-party analytics are loaded today.

Contact

Questions about how we handle your data: privacy@schema.dev.

This page is a placeholder; the formal policy is in flight.

last updated · placeholder