Privacy Policy
Last updated: April 2, 2026
1. Overview
This Privacy Policy describes how NoToken ("the Software"), created and maintained by Dino Bartolome ("Author," "we," "us," or "our"), collects, uses, stores, and protects information when you use the NoToken CLI, desktop application, website (notoken.sh), and any associated services.
NoToken is designed with privacy as a core principle. The CLI and desktop application operate locally on your machine. We collect minimal data and never sell, rent, or share your personal information with third parties for marketing or advertising purposes.
2. Information We Do Not Collect
NoToken is built to work without collecting personal data. The Software does not collect:
- Personal identification information (name, email address, physical address, phone number)
- System commands you execute or their outputs
- File contents, directory structures, or filesystem metadata
- API keys, tokens, passwords, SSH keys, or other credentials
- Browsing history, search queries, or usage patterns
- Telemetry, analytics, crash reports, or diagnostic data from the CLI or desktop app
- Device identifiers, hardware serial numbers, or fingerprinting data
- Location data (GPS, IP-based geolocation, etc.)
- Conversation history or natural language inputs
3. Information Stored Locally
NoToken stores the following data locally on your machine only, in the ~/.notoken/ directory (or the path specified by the NOTOKEN_HOME environment variable):
- Configuration — User preferences, settings, and host definitions for remote server connections
- Adaptive Rules — Learned intent mappings that improve command recognition over time. These rules are generated locally or via opt-in LLM assistance
- Conversation History — Session logs stored per working directory or session UUID for context continuity
- Session Data — Session identifiers, token savings statistics, and LLM connection state
- Operation Logs — Local logs for debugging purposes, stored in ~/.notoken/logs/
- Plugin Data — Any data stored by third-party plugins you install
- Terms Acceptance — A flag indicating you have accepted these terms (desktop app only)
This data never leaves your machine unless you explicitly choose to share it, or unless you enable optional cloud LLM features (see Section 5). You have full control over this data and can delete it at any time by removing the ~/.notoken/ directory.
4. Network Connections
NoToken makes network requests only in the following specific cases:
Update Checks
The Software periodically checks for available updates by contacting:
- notoken.sh/api/version — our version API
- registry.npmjs.org — the npm registry (fallback)
Only the package name and your current version number are transmitted. No personal data, system information, or usage data is included in these requests. Update check results are cached locally for one hour.
Package Installation
When you install tools through NoToken (e.g., notoken install claude), packages are downloaded from npm, official project repositories, or other standard package sources. These downloads are subject to the privacy policies of the respective package registries.
SSH Connections
When you use NoToken to manage remote servers, SSH connections are established directly from your machine to the target server. NoToken does not proxy, log, or transmit SSH traffic through any intermediary service.
Docker Operations
Docker-related commands (pulling images, running containers) connect to Docker Hub or configured registries. These connections are made by Docker itself, not by NoToken.
5. Optional LLM / AI Data Transmission
If you opt in to enhanced AI mode, the following data may be transmitted to external services:
Local LLM (Ollama)
When using Ollama, all processing occurs on your local machine. No data is sent to any external service. The Ollama API runs on localhost only.
Cloud LLM Providers (Claude, OpenAI)
When you enable a cloud LLM provider and provide your API credentials:
- Your natural language input may be sent to the provider's API for processing
- Command context (such as the current intent being parsed) may be included
- Your API key is sent directly to the provider — we never see or store it
- The provider's response is received and processed locally
This feature is disabled by default. It requires explicit configuration and is clearly indicated in the interface when active. You can disable it at any time using the /offline command or by removing your API credentials.
When using cloud providers, your data is subject to their respective privacy policies:
- Anthropic (Claude): anthropic.com/privacy
- OpenAI: openai.com/policies/privacy-policy
6. Website (notoken.sh)
The notoken.sh website:
- Does not use cookies (no first-party or third-party cookies)
- Does not use tracking pixels, web beacons, or similar technologies
- Does not use analytics services (Google Analytics, Mixpanel, etc.)
- Does not use advertising networks or retargeting
- Does not collect visitor data or build user profiles
Our web server may temporarily record IP addresses in standard access logs for security and operational purposes (e.g., detecting abuse or denial-of-service attacks). These logs are:
- Not shared with any third party
- Not used for tracking, profiling, or marketing
- Automatically rotated and deleted on a regular schedule
- Only accessed if needed for security incident investigation
7. Version API
The /api/version endpoint on notoken.sh receives requests from NoToken installations checking for updates. These requests contain only the HTTP headers standard to any web request (User-Agent, etc.) and are not logged or stored beyond standard server access logs described in Section 6.
8. Email Communications
If you contact us via email at dino@notoken.sh:
- We retain your correspondence solely to respond to your inquiry and for record-keeping
- We do not add you to any mailing list, newsletter, or marketing campaign
- We do not share, sell, or distribute your email address to any third party
- You may request deletion of your correspondence at any time
9. Third-Party Software
NoToken can install and interact with third-party tools. Each tool has its own privacy practices:
- Claude Code (Anthropic) — Governed by Anthropic's privacy policy; may transmit data to Anthropic's servers
- Ollama — Runs entirely locally; no external data transmission by default
- OpenClaw — Governed by OpenClaw's privacy policy
- Docker — Governed by Docker's privacy policy; may pull images from Docker Hub
- Matrix/Conduit — Self-hosted; data stays on your server unless you federate
- Plugins — Third-party plugins may have their own data collection practices
We are not responsible for the data practices of third-party software installed through NoToken. We encourage you to review the privacy policies of any tools you install.
10. Data Security
We take reasonable measures to protect your data:
- All local data is stored with standard filesystem permissions
- API credentials you provide are stored locally and never transmitted to us
- The notoken.sh website is served over HTTPS with TLS encryption
- We do not maintain databases of user data that could be breached
- The Software's source code is open for public audit
However, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of data stored on your machine, as that depends on your system's security configuration.
11. Children's Privacy
NoToken is a developer tool not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.
12. International Users
NoToken is developed and maintained in the United States. If you are accessing the Software or website from outside the United States, please be aware that any data you provide (such as in emails to us) may be transferred to and processed in the United States.
Since the Software operates locally on your machine and we do not collect user data, cross-border data transfer concerns are minimal. If you enable cloud LLM features, your data will be processed in the region where your chosen provider operates.
13. Your Rights
Because we collect minimal data, most data privacy rights are satisfied by default. You have the right to:
- Access — All your data is stored locally in ~/.notoken/ and is directly accessible to you
- Delete — Remove all local data by deleting the ~/.notoken/ directory
- Portability — Your local data is stored in standard JSON and text formats
- Opt out — Disable cloud LLM features at any time; uninstall the Software at any time
- Request deletion of correspondence — Email us to have any emails deleted
For residents of the European Union (GDPR), California (CCPA/CPRA), or other jurisdictions with specific privacy rights: since we do not collect, store, or process personal data beyond what is described in this policy, most regulatory requirements are inherently satisfied. If you have specific requests, please contact us.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. We will make reasonable efforts to notify users of material changes (such as via the CLI update message or on the website).
Your continued use of the Software after changes are posted constitutes your acceptance of the revised Privacy Policy. We encourage you to review this policy periodically.
15. Contact
For privacy-related questions, concerns, or requests, contact:
Dino Bartolome
Email: dino@notoken.sh
Website: notoken.sh