Docs v0.9.107

Data & Privacy

TatsuCode is designed for local-first use with user-controlled provider access.


Privacy Principles

  • No telemetry from the desktop app — TatsuCode itself sends nothing to Studio Tatsu about your usage. (The marketing website at tatsu.ai uses Google Analytics, disclosed in its privacy policy. The two surfaces are separate; the app does not piggyback on the website.)
  • No TatsuCode server in the network path — there is no TatsuCode server. Your prompts travel from your machine straight to the provider you've configured (Anthropic, OpenAI, GitHub, OpenRouter, your local Ollama, etc.).
  • Data is sent only to providers you explicitly configure. Each configured provider sees what you send to it, the same as if you used that provider's own client.
  • Local project / session state stays on your device. Sessions, projects, skills, and history live in %UserProfile%\.tatsu\. Credentials are encrypted at rest in credentials.enc.

What Is Stored Locally

TatsuCode stores only what is needed for operation and continuity, all under %UserProfile%\.tatsu\:

  • App settings: config.json
  • Provider connection state — which providers you've configured and which model is active
  • Credential material: credentials.enc (encrypted at rest, ACL'd to your Windows account; an older credentials.json from earlier versions is auto-migrated to the encrypted form on first launch)
  • Session and project history — kept locally as long as you keep it; clear with /clear or /remove-tatsu
  • Skills, plugins, and runtime caches

This page intentionally avoids deeper storage-format internals to reduce unnecessary exposure.

What May Be Sent to AI Providers

When you use a hosted provider (Claude Pro / Max via the claude CLI, ChatGPT / Copilot via OAuth, OpenRouter, or any custom external API), the provider receives the request content required to answer your prompt — same as if you used that provider's own client. This is unavoidable for any tool that talks to a hosted model.

What's transmitted:

  • Your prompts
  • File content you reference (for example via @file.ts)
  • Images, screenshots, or attachments you include
  • Whatever conversation history TatsuCode forwards to keep the model in context for the current turn

What's not transmitted:

  • Other files in your project that weren't referenced or read
  • TatsuCode telemetry or metadata about you (TatsuCode adds none)
  • Anything sent through a TatsuCode server (there isn't one)

If you want zero data leaving your machine, configure a local-only provider (Ollama, LM Studio, llama.cpp, or any OpenAI-compatible local endpoint) and avoid hosted ones.

For provider-specific data handling, follow each provider's own privacy policy. TatsuCode does not modify, weaken, or extend any provider's terms.


Credentials Security

  • Credentials are stored locally in %UserProfile%\.tatsu\credentials.enc, encrypted at rest and ACL'd to your Windows account.
  • For Claude Code specifically, your Anthropic OAuth tokens live in ~/.claude/ where the claude CLI itself stored them — TatsuCode never sees those tokens.
  • Keep your machine account secured.
  • Never share credential files.
  • Rotate API keys periodically.
  • Disconnect providers you no longer use.
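
To check the storage claims above on your own machine, the PowerShell below lists every identity other than your account that holds an Allow entry on credentials.enc and flags a leftover credentials.json. It is an added example, not TatsuCode code: the function name is hypothetical, and because this page does not document which other entries the ACL may contain, extra identities are reported for review rather than treated as failures.

```powershell
# Added example (not TatsuCode code): audit local credential storage.
# Paths are the ones this page names; everything else is an assumption.
$tatsuDir = Join-Path $env:UserProfile '.tatsu'
$encFile  = Join-Path $tatsuDir 'credentials.enc'
$legacy   = Join-Path $tatsuDir 'credentials.json'

function Get-OtherAccess {
    # Return every Allow ACE on $Path that belongs to someone other than $OwnerSid.
    param([string]$Path, [string]$OwnerSid)
    foreach ($ace in (Get-Acl -LiteralPath $Path).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        try {
            # Compare by SID so localized or renamed account names still match.
            $sid = $ace.IdentityReference.Translate(
                [System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            $sid = $ace.IdentityReference.Value   # orphaned SID, cannot be resolved
        }
        if ($sid -ne $OwnerSid) {
            [pscustomobject]@{
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

$me = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value

if (-not (Test-Path -LiteralPath $tatsuDir)) {
    "No $tatsuDir found (expected state after /remove-tatsu)."
} else {
    if (Test-Path -LiteralPath $legacy) {
        "REVIEW: legacy $legacy is still present."
    }
    if (Test-Path -LiteralPath $encFile) {
        $others = @(Get-OtherAccess -Path $encFile -OwnerSid $me)
        if ($others.Count -eq 0) {
            "OK: only your account has Allow entries on $encFile."
        } else {
            "REVIEW: other identities have access to ${encFile}:"
            $others | Format-Table -AutoSize
        }
    } else {
        "No $encFile found."
    }
}
```

Run it again after /remove-tatsu; the first branch confirms the directory is gone.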

Session and History Management

Use built-in commands to control retained data:

/session
/session-rename
/new
/clear
/remove-tatsu

Recommended:

  • Delete old sessions you no longer need
  • Use named sessions only when needed
  • Start fresh sessions for unrelated tasks


DevBrowser Privacy Model

The built-in DevBrowser is isolated from your regular browser profile.

  • Separate browsing context
  • No access to your main browser extensions/profile
  • Designed for development workflows, not personal browsing

Before Sharing Screens or Recordings

  • Verify no sensitive code or secrets are visible
  • Check provider/settings screens before demoing
  • Sanitize logs or screenshots used in public channels

If You Need Full Data Cleanup

Use:

/remove-tatsu

Then verify local app data is removed according to your organization’s policy.


Standards and Governance

For instruction governance in projects:

These help teams define consistent behavior without exposing internal implementation details.

