Back to Capella
Capella
Capella

Privacy Policy

Effective April 23, 2026

Capella is a local-first desktop application. Your source code, prompts, and agent activity live on your machine — not on our servers. This policy explains the limited information we do handle, and the boundaries between Capella, the third-party AI agents you choose to run, and the services you connect.

1. Who we are

“Capella,” “we,” “us,” and “our” refer to the independent operator of the Capella desktop application and the capella.dev website (collectively, the Service). Capella is operated by an individual based in British Columbia, Canada. For privacy questions, or to exercise any of the rights described below, contact our privacy officer at privacy@capella.dev.

2. Scope

This policy covers (a) the Capella desktop application (the App) and (b) the Capella marketing website (the Site). It does not cover third-party AI coding agents (such as Claude Code, Codex, Cursor, Gemini, Copilot, Amp, or others), third-party model providers, third-party tunneling services (Tailscale, Cloudflare Tunnel), or any other service you connect through the App. Those services are governed by their own privacy policies, and you are responsible for reviewing and accepting them.

3. What we collect

3.1 The App (local-first)

The App runs on your device. Source code, git history, diffs, agent prompts, agent responses, terminal sessions, mission plans, and skill configurations are stored locally on your machine (typically in a SQLite database and on disk). We do not transmit, collect, store, or have access to any of this content.

The App may make the following network requests on your behalf:

  • Update checks. The App may periodically contact our update endpoint to check for new versions. These requests may include your App version and operating-system version. No account, code, or prompt data is sent.
  • License validation. If you use a paid tier, the App may validate your license key against our servers. We store your license key, activation timestamp, and a hashed machine identifier.
  • Crash and error reports (opt-in). If you opt in, the App may send anonymized crash diagnostics (stack traces, App version, OS version). We make reasonable efforts to strip user content from these reports. You may disable this at any time in Settings.
  • Product analytics (opt-in).If you opt in, the App may send anonymized, aggregate usage events (e.g., “mission started,” “agent launched”) without the underlying content. Disabled by default.

Any request you make to a third-party AI agent, model provider, or remote service goes directly from your machine to that provider using your credentials. Capella does not proxy, intercept, or retain that traffic.

3.2 Remote access

If you enable Capella’s remote-access feature, traffic flows between your controller device and your dev machine over a connection you establish (LAN, Tailscale, Cloudflare Tunnel, or similar). Capella does not operate a relay server for this traffic. You are solely responsible for securing your tunnel, authorizing devices, and protecting the credentials involved.

3.3 The Site

When you visit the Site, we may collect:

  • Standard log data (IP address, user agent, referrer, pages viewed, timestamps) used to operate and secure the Site.
  • Privacy-preserving analytics to understand aggregate traffic. We do not sell this data.
  • Information you submit to forms (e.g., email address for a waitlist, download, or support request).

3.4 What we do not collect

  • We do not collect or transmit your source code.
  • We do not collect your prompts or agent responses.
  • We do not read your filesystem, git history, or SSH keys.
  • We do not sell personal information.

4. How we use information

We use the limited information we do collect to:

  • Operate, maintain, and secure the Service;
  • Deliver software updates and validate licenses;
  • Diagnose crashes and improve reliability (if you opt in);
  • Respond to support requests and communicate about the Service;
  • Detect, prevent, and investigate abuse, fraud, and security incidents;
  • Comply with legal obligations.

5. Legal bases for processing

Canada (PIPEDA and British Columbia PIPA). We collect, use, and disclose personal information only for purposes a reasonable person would consider appropriate in the circumstances, and we rely on your implied or express consent, as applicable. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice, by contacting the address in Section 1.

EEA / UK. Where the GDPR or UK GDPR applies, we rely on: (a) performance of a contract for license validation and service delivery; (b) legitimate interests in securing and improving the Service; (c) consent for opt-in diagnostics and marketing communications; and (d) compliance with legal obligations.

6. Sharing

We share information only with:

  • Service providers that host our website, deliver updates, process payments, or send transactional email, under contractual confidentiality and data-protection obligations;
  • Law enforcement or regulators where required by valid legal process, after reviewing the request;
  • A successor entity in connection with a merger, acquisition, or sale of assets, subject to this policy;
  • Anyone you direct us to share with (for example, via an integration you configure).

We do not sell your personal information.

7. Retention

We retain Site logs for up to 90 days, license and billing records for as long as required to operate the Service and comply with tax and accounting law (typically up to 7 years), and support correspondence for up to 3 years. Opt-in diagnostics are retained in aggregated form.

8. Security

We take reasonable technical and organizational measures to protect the information we handle, including encryption in transit (TLS), restricted access, and hardened infrastructure. No system is perfectly secure; you use the Service at your own risk.

9. Your rights

Depending on where you live, you may have the right to access, correct, delete, port, or restrict the processing of personal information we hold about you, and to withdraw consent or object to certain processing. To exercise these rights, email privacy@capella.dev. We will respond within the timeframe required by applicable law and may need to verify your identity before fulfilling a request.

Canada. You have the right to access and correct personal information we hold about you, and to withdraw consent, under PIPEDA and (for British Columbia residents) the Personal Information Protection Act. If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada ( priv.gc.ca) or the Office of the Information and Privacy Commissioner for British Columbia ( oipc.bc.ca).

California residents (CCPA/CPRA).You have the right to know, delete, correct, and limit the use of sensitive personal information, and to opt out of “sale” or “sharing” of personal information. We do not sell or share personal information as those terms are defined under the CCPA.

10. International transfers and storage

Capella is operated from Canada. Our service providers (for hosting, update delivery, payments, transactional email, and analytics) may be located in Canada, the United States, the European Union, or other jurisdictions. When you use the Service, your information may be transferred to, stored in, and processed in those jurisdictions and may be accessible to foreign courts, law enforcement, and national-security authorities under their laws. Where required, we rely on appropriate safeguards such as contractual protections and, for transfers subject to the GDPR, Standard Contractual Clauses.

11. Children

Capella is a developer tool intended for adults. It is not directed to children under 13 (or the equivalent minimum age in your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, contact us and we will delete it.

12. Third-party agents and services

Capella is designed to launch and coordinate third-party AI coding agents and services that you choose to install and authenticate. When you use those agents, your prompts, code context, and any other content you send go directlyfrom your machine to that provider under their terms and privacy policy. We are not a party to that relationship, do not control it, and are not responsible for the providers’ handling of your data.

13. Changes

We may update this policy from time to time. Material changes will be announced on the Site or in the App. The “Effective” date above reflects the latest revision. Continued use of the Service after an update constitutes acceptance of the revised policy.

14. Contact

Questions about this policy or your information can be sent to privacy@capella.dev.

© 2026 Capella

PrivacyTerms