Aglet — Privacy Policy

Effective date: 2026-05-18 · Last updated: 2026-05-18

Aglet is a local-first workflow application. We do not collect, transmit, share, or sell your personal data. This policy explains exactly what happens on your device and on our servers.

1. Who we are

"Aglet" refers to the host application available on Apple App Store, Mac App Store, Google Play, and at aglet.dev. The publisher is the team listed at github.com/agent-rt/aglet. Contact: [email protected].

2. Data Aglet collects

2.1 On your device

Aglet data (notes, reminders, calculations, etc.) is stored locally in an SQLite database under your operating system's application data directory.
Preferences (window size, theme, locale) are stored in OS-native preference stores (UserDefaults on Apple, SharedPreferences on Android, IndexedDB on web).
That data never leaves your device unless an aglet explicitly declares a network permission (see §3).

2.2 On our servers

Registry fetch logs — when Aglet downloads an aglet from registry.aglet.dev, our CDN (Cloudflare) logs the request URL and your approximate IP-derived region. We do not associate these logs with any user identity, do not retain them beyond Cloudflare's default 30-day rotation, and do not analyze them.
No telemetry. We do not run an analytics service. We do not phone home with usage data.
No accounts. Aglet has no sign-in, no account creation, no profile sync.

3. Data aglets may collect

Each aglet is a small tool that runs inside Aglet. Aglets are developed by AI agents or by people, then reviewed publicly via GitHub PR before being added to the catalog. Each aglet:

Runs in a sandboxed JavaScript interpreter with no implicit network access. To make any network call, an aglet must declare specific URL patterns in its manifest, visible to you at install time.
Has its own isolated data namespace; no aglet can read or write another aglet's data.
Cannot collect telemetry beyond what's declared in its manifest.

If a specific aglet performs network operations or collects data, its own privacy practices are declared in its manifest and reviewed during the GitHub PR process. See SECURITY.md for the full trust model.

4. Children's privacy

Aglet is not directed at children under 13 (or 16 in some jurisdictions), and we do not knowingly collect data from them. Since Aglet collects no personal data at all, this is by design rather than by policy.

5. Your rights

EU / UK (GDPR), California (CPRA), and similar regimes

Right of access / portability: all your data is in Aglet's local data directory on your device. You can copy or export it at any time without our involvement.
Right to erasure: uninstalling Aglet (or any individual aglet) removes the associated data from your device. We have no server-side copy to delete.
Right to object / opt out of sale: we don't sell personal data. There is no opt-out flow because there is no data collection to opt out of.

6. Third parties

Cloudflare hosts registry.aglet.dev (the aglet catalog) and applies its standard edge logging. See Cloudflare's privacy policy.
Apple / Google may collect their own analytics about Aglet via the App Store / Play Store delivery layer. We do not receive individually identifying data from them.
GitHub hosts the source code of Aglet and the aglet registry. Reviewing or contributing to PRs makes your GitHub handle public; this is your own GitHub account, not a Aglet account.

7. Security

Network communication to registry.aglet.dev is HTTPS only.
Local data is stored using the OS-native storage layer (SQLite + OS filesystem). If your device has full-disk encryption (default on modern iOS, macOS, and Android), Aglet data is encrypted at rest along with everything else.
Aglets run in a sandboxed interpreter with strict permission gating. See SECURITY.md.

8. Changes to this policy

We may update this policy. Material changes (e.g. introducing any form of data collection) will be announced in the Aglet release notes and in this document's "Last updated" date. Continuing to use Aglet after changes constitutes acceptance.

9. Contact

For privacy questions, requests, or complaints: [email protected]. We aim to respond within 7 business days.

Aglet — 隐私政策

生效日期：2026-05-18 · 最近更新：2026-05-18

Aglet 是本地优先的工作流应用。我们不收集、不上传、不分享、不出售你的个人数据。本政策说明你的设备上和我们服务器上具体发生了什么。

1. 我们是谁

"Aglet" 指通过 Apple App Store、Mac App Store、Google Play、 aglet.dev 提供的宿主应用。发布者团队信息见 github.com/agent-rt/aglet。联系方式：[email protected]。

2. Aglet 收集的数据

2.1 在你的设备上

Aglet 数据（备忘、提醒、计算结果等）以 SQLite 形式存在你操作系统的应用数据目录下。
偏好设置（窗口大小、主题、语言）存在 OS 原生 prefs （Apple 的 UserDefaults / Android 的 SharedPreferences / web 的 IndexedDB）。
除非 aglet 显式声明网络权限（见 §3），这些数据不离开你的设备。

2.2 在我们的服务器上

Registry 抓取日志 —— Aglet 从 registry.aglet.dev 下载 aglet 时，我们的 CDN （Cloudflare）会记录请求 URL 和你大致 IP 所在地区。我们不把这些日志关联到任何用户身份，不保留超过 Cloudflare 默认的 30 天轮换期，也不进行分析。
无埋点。 我们没有任何分析服务。Aglet 不会主动上报使用数据。
无账号。 Aglet 没有登录、注册、个人资料同步。

3. Aglet 可能收集的数据

aglet 是跑在 Aglet 里的小工具，由 AI agent 或人编写后，经过 GitHub PR 公开审核进入 catalog。每个 aglet：

跑在沙盒 JS 解释器里，默认无法联网。要发起任何网络请求，必须在 manifest 里显式声明 URL 模式，安装前你就能看到。
有自己隔离的数据空间，aglet 间不能互相读写。
不能收集 manifest 没声明的埋点。

如果某个 aglet 有网络行为或收集数据，其隐私实践会在 manifest 中声明并在 GitHub PR 审核时检查。完整信任模型见 SECURITY.md。

4. 儿童隐私

Aglet 不针对 13 岁以下儿童（部分司法管辖区为 16 岁），且我们不会主动收集儿童数据。因为 Aglet 根本不收集任何个人数据，这是设计上的保障，不只是政策上的承诺。

5. 你的权利

欧盟 / 英国（GDPR）、加州（CPRA）等

访问权 / 可携带权：你所有的数据都在 Aglet 本地数据目录下。你可以随时自行拷贝或导出，无需我们介入。
删除权：卸载 Aglet（或任一 aglet）会清除相关本地数据。我们服务器上没有副本可删。
反对 / 拒绝出售：我们不出售个人数据。没有 opt-out 流程，因为根本没有数据收集需要 opt-out。

6. 第三方

Cloudflare 托管 registry.aglet.dev （aglet catalog），按其标准 edge 日志记录请求。详见 Cloudflare 隐私政策。
Apple / Google 可能通过 App Store / Play Store 自身的分发渠道收集关于 Aglet 的统计数据。我们不接收来自他们的个人识别信息。
GitHub 托管 Aglet 和 aglet registry 的源码。在 PR 上 review 或贡献会公开你的 GitHub 用户名 —— 这是你自己的 GitHub 账号，不是 Aglet 账号。

7. 安全

与 registry.aglet.dev 的网络通信只走 HTTPS。
本地数据走 OS 原生存储层（SQLite + OS 文件系统）。如果你的设备开启全盘加密（现代 iOS、macOS、Android 默认开启），Aglet 数据与其他数据一同静态加密。
aglet 在带权限管控的沙盒解释器里运行。详见 SECURITY.md。

8. 政策变更

本政策可能更新。重大变化（例如引入任何形式的数据收集）会同步发布在 Aglet release notes 以及本文档的"最近更新"日期上。变更后继续使用 Aglet 视为接受新政策。

9. 联系

隐私相关问询、请求、投诉： [email protected]。我们承诺 7 个工作日内回应。