Who this policy covers
This policy applies to the Dorchestrator website, desktop application, checkout and license services, and support communications. Dorchestrator is responsible for the personal data it processes for those services. Services you connect yourself, including model providers and command-line tools, apply their own privacy terms to data you send them.
Local-first application data
Dorchestrator stores workspace configuration, task boards, agent definitions,
run history, templates, schedules, and related runtime records locally in your
selected workspace, primarily under its .dorchestrator directory.
Provider credentials are stored using the desktop application's secure settings.
Offline voice transcription is processed on your device when you use it.
Dorchestrator does not automatically upload your local workspace to us. Data may leave your device when you direct an agent, CLI, or model provider to process it, according to that provider's settings and terms.
Information we process
- Purchase and license data: name, email address, customer and order identifiers, selected plan, payment status, license key status, and device identifiers used to activate or protect a license.
- Support data: your email address, message, attachments, and troubleshooting details you choose to send us.
- Waitlist data: your email address, consent, subscription status, and waitlist segment membership when you request product and launch updates.
- Security and service data: network address, request metadata, timestamps, and error or delivery records needed to operate, secure, and diagnose the website, checkout, license, and email services.
Payment card details are submitted to our payment provider, Creem. We receive the resulting transaction and customer records needed to fulfill and manage your purchase, rather than your complete card details.
Why we use this information
We process information to:
- create checkout sessions, confirm payments, and deliver licenses;
- activate, validate, recover, and protect paid access;
- manage the waitlist and send the product updates you request;
- respond to support requests and service notices;
- prevent abuse, investigate failures, and keep the service reliable; and
- meet tax, accounting, fraud-prevention, and other legal obligations.
Depending on the activity and your location, our legal basis is performing our contract with you, our legitimate interests in operating and securing the service, compliance with legal obligations, or consent where required.
Service providers and disclosures
We disclose only the information needed for these providers to perform their roles:
- Creem processes checkout and payment activity. Its own privacy policy applies to the information it collects during checkout.
- Supabase hosts purchase and license records.
- Resend stores waitlist contacts and delivers product, license, and service emails.
- Your selected AI and CLI providers process prompts, files, or other content only when you configure and direct Dorchestrator to use them.
We may also disclose information when required by law, to protect users or the service, or as part of a business transfer with appropriate safeguards. We do not sell personal data or share it for cross-context behavioral advertising.
Retention and security
We keep purchase and license records while your license is active and as needed afterward for support, fraud prevention, accounting, and legal compliance. Support and technical records are kept only as long as reasonably needed for the request, service operation, security, or applicable law. Local workspace records remain under your control until you delete them.
We use administrative and technical safeguards appropriate to the information we process. No storage or transmission method is completely secure, so we cannot guarantee absolute security.
International processing
Our service providers may process information in countries other than yours. Where required, we rely on contractual or other recognized safeguards for international transfers. Provider locations and safeguards may also be described in their own privacy notices.
Your choices and rights
Depending on your location, you may ask to access, correct, delete, restrict, or receive a copy of your personal data, object to certain processing, or withdraw consent. You may also have the right to complain to your local data protection authority. Some records must be retained where law or transaction integrity requires it.
You can opt out of waitlist or product emails through the unsubscribe link in any such email, or by contacting us.
To make a request, email [email protected]. We may need to verify that the request relates to you before responding.
Cookies and children
At the effective date, the Dorchestrator landing page does not use analytics or advertising cookies. A third-party checkout may use cookies or similar technologies under that provider's policy. Dorchestrator is not directed to children under 13, and we do not knowingly collect their personal data.
Changes and contact
We may update this policy as the product or legal requirements change. We will post the revised version here and update the effective date. Material changes may also be communicated through the product or by email when appropriate.
Questions or privacy requests can be sent to [email protected].