← Back

Privacy Policy

Last updated: April 11, 2026

This Privacy Policy explains how the Palmier platform ("Service"), operated by Palmier ("we", "us", or "our"), collects, uses, and protects your information.

1. What We Collect

1.1 Data stored on our server

When you use Palmier in server mode, our server stores the following minimal data:

• Host ID — a randomly generated UUID that identifies your host. It contains no personal information.
• Push notification subscriptions — your browser's Web Push endpoint URL and encryption keys, used solely to deliver push notifications to your devices.

We do not store your task data, prompts, execution outputs, file contents, client tokens, IP addresses, email addresses, names, or any other personal information on our server.

1.2 Data stored on your machine

The Palmier host daemon stores all task-related data locally on your machine, including:

• Task definitions, prompts, and execution plans
• Task execution results and reports
• Run history and timestamps
• Client tokens for paired devices
• Host configuration

This data never leaves your machine unless you explicitly use server mode, in which case task management commands (not task content) are relayed through our cloud server. Task results and report contents are transferred directly between your host and your paired devices.

1.3 Data in transit

When using server mode, the following data passes through our NATS message broker in real time:

• RPC messages between your PWA and host (task management commands, status updates)
• Task lifecycle events (started, finished, failed — used to trigger push notifications)

This data is ephemeral — it is not stored, logged, or retained by our server. The NATS broker forwards messages in real time and does not persist them.

1.4 Local mode

When using local mode, all traffic stays on localhost. No data leaves your machine and no pairing is required.

1.5 LAN mode

When using LAN mode, no data passes through our infrastructure at all. All communication occurs directly between your devices on your local network. Devices must pair with a one-time pairing code before they can access the host.

2. Third-Party AI Services

When you execute tasks, your prompts and related data are sent directly from your machine to the third-party AI provider you selected (such as Anthropic, Google, OpenAI, or others). This data is sent by the host daemon running on your machine — it does not pass through our server.

We have no control over how these providers handle your data. Please review their respective privacy policies. Common providers include:

• Anthropic (Claude Code)
• Google (Gemini CLI)
• OpenAI (Codex CLI)
• GitHub (Copilot CLI)

Palmier supports additional agents whose providers are not listed here. You are responsible for reviewing the privacy policies of any AI service you choose to use.

3. Web Push Notifications

If you enable push notifications, your browser provides a push subscription endpoint managed by your browser vendor (e.g., Google for Chrome, Mozilla for Firefox, Apple for Safari). We store this endpoint to deliver notifications. We do not control the browser vendor's handling of push delivery data.

4. How We Use Your Data

The minimal data we collect is used exclusively to:

• Route messages between your devices and your host
• Deliver push notifications you have opted into

We do not sell, share, or use your data for advertising, analytics, profiling, or any purpose other than operating the Service.

5. Data Retention

• Host registrations are retained until you remove your host from the PWA, which cascades deletion of all associated push subscriptions.
• Push subscriptions are automatically removed when the browser's push endpoint becomes invalid (HTTP 404 or 410).
• NATS messages are not retained — they are forwarded in real time and discarded.
• Local data on your machine is retained until you delete it. See the host daemon README for removal instructions.

6. Data Security

Communication between your devices and our server uses TLS encryption. NATS connections are authenticated with tokens. Client tokens authenticate paired devices to your host.

However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of data in transit or at rest.

7. Your Rights

You can at any time:

• Delete your host registration by removing the host from the PWA, which deletes all server-side data associated with it
• Revoke device access using palmier clients revoke-all
• Delete all local data by removing ~/.config/palmier and your Palmier root directory
• Use local or LAN mode to avoid sending any data through our infrastructure

8. Children's Privacy

The Service is not intended for use by anyone under the age of 13. We do not knowingly collect information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will indicate the date of the most recent revision at the top of this page. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy, contact us at legal@palmier.me or open an issue on the Palmier GitHub repository.