Legal / Privacy

Privacy Policy

This policy explains what Dorchestrator processes, what remains in your local workspace, and which service providers are involved when you purchase or use a license.

Effective July 11, 2026

Who this policy covers

This policy applies to the Dorchestrator website, desktop application, checkout and license services, and support communications. Dorchestrator is responsible for the personal data it processes for those services. Services you connect yourself, including model providers and command-line tools, apply their own privacy terms to data you send them.

Local-first application data

Dorchestrator stores workspace configuration, task boards, agent definitions, run history, templates, schedules, and related runtime records locally in your selected workspace, primarily under its .dorchestrator directory. Provider credentials are stored using the desktop application's secure settings. Offline voice transcription is processed on your device when you use it.

Dorchestrator does not automatically upload your local workspace to us. Data may leave your device when you direct an agent, CLI, or model provider to process it, according to that provider's settings and terms.

Information we process

  • Purchase and license data: name, email address, customer and order identifiers, selected plan, payment status, license key status, and device identifiers used to activate or protect a license.
  • Support data: your email address, message, attachments, and troubleshooting details you choose to send us.
  • Waitlist data: your email address, consent, subscription status, and waitlist segment membership when you request product and launch updates.
  • Security and service data: network address, request metadata, timestamps, and error or delivery records needed to operate, secure, and diagnose the website, checkout, license, and email services.

Payment card details are submitted to our payment provider, Creem. We receive the resulting transaction and customer records needed to fulfill and manage your purchase, rather than your complete card details.

Why we use this information

We process information to:

  • create checkout sessions, confirm payments, and deliver licenses;
  • activate, validate, recover, and protect paid access;
  • manage the waitlist and send the product updates you request;
  • respond to support requests and service notices;
  • prevent abuse, investigate failures, and keep the service reliable; and
  • meet tax, accounting, fraud-prevention, and other legal obligations.

Depending on the activity and your location, our legal basis is performing our contract with you, our legitimate interests in operating and securing the service, compliance with legal obligations, or consent where required.

Service providers and disclosures

We disclose only the information needed for these providers to perform their roles:

  • Creem processes checkout and payment activity. Its own privacy policy applies to the information it collects during checkout.
  • Supabase hosts purchase and license records.
  • Resend stores waitlist contacts and delivers product, license, and service emails.
  • Your selected AI and CLI providers process prompts, files, or other content only when you configure and direct Dorchestrator to use them.

We may also disclose information when required by law, to protect users or the service, or as part of a business transfer with appropriate safeguards. We do not sell personal data or share it for cross-context behavioral advertising.

Retention and security

We keep purchase and license records while your license is active and as needed afterward for support, fraud prevention, accounting, and legal compliance. Support and technical records are kept only as long as reasonably needed for the request, service operation, security, or applicable law. Local workspace records remain under your control until you delete them.

We use administrative and technical safeguards appropriate to the information we process. No storage or transmission method is completely secure, so we cannot guarantee absolute security.

International processing

Our service providers may process information in countries other than yours. Where required, we rely on contractual or other recognized safeguards for international transfers. Provider locations and safeguards may also be described in their own privacy notices.

Your choices and rights

Depending on your location, you may ask to access, correct, delete, restrict, or receive a copy of your personal data, object to certain processing, or withdraw consent. You may also have the right to complain to your local data protection authority. Some records must be retained where law or transaction integrity requires it.

You can opt out of waitlist or product emails through the unsubscribe link in any such email, or by contacting us.

To make a request, email [email protected]. We may need to verify that the request relates to you before responding.

Cookies and children

At the effective date, the Dorchestrator landing page does not use analytics or advertising cookies. A third-party checkout may use cookies or similar technologies under that provider's policy. Dorchestrator is not directed to children under 13, and we do not knowingly collect their personal data.

Changes and contact

We may update this policy as the product or legal requirements change. We will post the revised version here and update the effective date. Material changes may also be communicated through the product or by email when appropriate.

Questions or privacy requests can be sent to [email protected].

法律 / 隐私

隐私政策

本政策说明 Dorchestrator 会处理哪些信息、哪些数据保留在你的本地工作区,以及购买或使用许可证时会涉及哪些服务提供商。

生效日期:2026 年 7 月 11 日

本政策的适用范围

本政策适用于 Dorchestrator 网站、桌面应用、结账与许可证服务以及支持沟通。Dorchestrator 对其为这些服务处理的个人数据负责。你自行连接的模型 Provider 和命令行工具等服务,会按照各自的隐私条款处理你发送给它们的数据。

本地优先的应用数据

Dorchestrator 将工作区配置、任务看板、Agent 定义、运行历史、模板、定时任务和相关运行记录保存在你选择的本地工作区中,主要位于 .dorchestrator 目录。Provider 凭据通过桌面应用的安全设置保存。使用离线语音转写时,处理在你的设备上完成。

Dorchestrator 不会自动把你的本地工作区上传给我们。当你主动要求某个 Agent、CLI 或模型 Provider 处理数据时,相关数据可能按照该 Provider 的设置和条款离开你的设备。

我们处理的信息

  • 购买与许可证数据:姓名、邮箱、客户与订单标识、所选套餐、付款状态、许可证密钥状态,以及用于激活或保护许可证的设备标识。
  • 支持数据:你的邮箱、消息、附件,以及你主动发送的故障排查信息。
  • 候补名单数据:当你请求产品与上线更新时提交的邮箱、同意记录、订阅状态和候补名单分组信息。
  • 安全与服务数据:为运行、保护和诊断网站、结账、许可证及邮件服务所需的网络地址、请求元数据、时间戳、错误或投递记录。

支付卡信息会直接提交给支付服务商 Creem。我们接收用于履行和管理订单的交易与客户记录,而不会接收你的完整卡片信息。

我们为何使用这些信息

我们使用相关信息来:

  • 创建结账会话、确认付款并交付许可证;
  • 激活、验证、找回并保护付费访问;
  • 管理候补名单并发送你主动请求的产品更新;
  • 回复支持请求并发送服务通知;
  • 防止滥用、调查故障并保持服务可靠;
  • 履行税务、会计、反欺诈和其他法律义务。

根据具体活动和你所在地区,我们处理数据的法律依据可能是履行与你的合同、运行和保护服务的合法利益、遵守法律义务,或在需要时取得你的同意。

服务提供商与信息披露

我们只会向以下提供商披露其履行职责所需的信息:

  • Creem 处理结账和付款,其在结账过程中收集的信息适用 Creem 的隐私政策。
  • Supabase 托管购买与许可证记录。
  • Resend 保存候补名单联系人,并发送产品、许可证与服务邮件。
  • 你选择的 AI 和 CLI Provider 仅在你完成配置并要求 Dorchestrator 使用时,处理相应提示词、文件或其他内容。

法律要求、保护用户或服务,或在具有适当保障的业务转移中,我们也可能披露信息。我们不会出售个人数据,也不会为跨场景行为广告共享个人数据。

保留与安全

在许可证有效期间,我们会保留购买与许可证记录;之后也可能基于支持、反欺诈、会计和法律合规需要继续保留。支持与技术记录仅在处理请求、运行服务、保障安全或适用法律所合理需要的期限内保留。本地工作区记录由你控制,直到你自行删除。

我们采用与所处理信息相适应的管理和技术保障措施。但任何存储或传输方式都无法做到绝对安全,因此我们不能保证完全没有风险。

跨境处理

服务提供商可能在你所在国家或地区以外处理信息。在适用法律要求时,我们会依赖合同或其他认可的保障机制进行跨境传输。各提供商的处理地点和保障措施也可能在其隐私政策中说明。

你的选择与权利

根据你所在地区,你可能有权请求访问、更正、删除、限制处理或获取个人数据副本,反对特定处理,或撤回同意。你也可能有权向当地数据保护机构投诉。法律或交易完整性要求保留的部分记录可能无法删除。

你可以使用候补名单或产品邮件中的退订链接停止接收,也可以直接联系我们。

如需提出请求,请发送邮件至 [email protected]。回复前,我们可能需要验证该请求与你本人有关。

Cookie 与儿童

截至本政策生效日,Dorchestrator 落地页不使用分析或广告 Cookie。第三方结账页面可能按照其自身政策使用 Cookie 或类似技术。Dorchestrator 不面向 13 岁以下儿童,我们不会故意收集其个人数据。

政策变更与联系

产品或法律要求变化时,我们可能更新本政策。修订版会发布在本页面并更新生效日期。对于重大变更,我们也可能通过产品内通知或邮件告知你。

如有问题或隐私请求,请联系 [email protected]。