TatsuCode Privacy Policy
Last Updated: January 21, 2026
At Studio Tatsu, LLC ("Studio Tatsu," "Company," "we," "us," or "our"), we are committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and protect information when you use the TatsuCode desktop application (the "Software" or "Application") and our website at https://tatsu.ai (the "Website") (collectively, the "Services").
By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.
Table of Contents
- Our Privacy Commitment
- Information We Collect
- How We Use Information
- How We Share Information
- Third-Party AI Services
- Data Storage and Security
- Data Retention
- Your Rights and Choices
- Children's Privacy
- International Data Transfers
- California Privacy Rights
- European Union and UK Privacy Rights
- Changes to This Privacy Policy
- Contact Us
1. Our Privacy Commitment
TL;DR: The TatsuCode desktop application does not collect, transmit, or store your personal data on our servers. Your code, conversations, and data stay on your device.
Privacy is a core principle of TatsuCode. We believe your code and data belong to you. The TatsuCode desktop application is designed to operate with minimal data collection:
- No telemetry — We do not track how you use the Software
- No analytics in the app — The Software contains no usage analytics
- No code transmission to Studio Tatsu — Your code is never sent to our servers
- Local storage only — All your data remains on your device
The only network communications made by the TatsuCode application are:
- Update checks — To notify you when new versions are available
- Third-Party AI requests — When you choose to use external AI providers (sent directly to those providers, not through us)
2. Information We Collect
2.1. Information Collected by the Desktop Application
The TatsuCode desktop application collects virtually no information.
| What We Collect | Why | Where It's Stored |
|---|---|---|
| Update check requests | To notify you of new versions | Brief server logs only |
What We Do NOT Collect from the Application:
- Your source code or project files
- Your chat history or conversations
- Your prompts or AI interactions
- Your API keys (stored locally, encrypted on your device)
- Usage patterns or behavior analytics
- Personal identifiers or device fingerprints
- Crash reports (unless you explicitly submit them)
2.2. Information Stored Locally on Your Device
The following data is stored locally on your device only and is never transmitted to Studio Tatsu:
- Chat sessions and conversation history
- Project configurations and settings
- API keys and credentials (encrypted)
- User preferences and customizations
- Session data and caches
This data is stored in your user profile directory and you maintain full control over it.
2.3. Information Collected by the Website
When you visit https://tatsu.ai, we may collect:
A. Information You Provide:
- Contact information (if you reach out to us via email or social media)
- Feedback or bug reports you voluntarily submit
B. Automatically Collected Information:
- Google Analytics data, including:
- Pages visited and navigation patterns
- Download counts
- Referral sources
- General geographic location (country/region level)
- Browser type and device category
- Session duration and bounce rates
- Server logs, which may include:
- IP address
- Date and time of access
- Requested URLs
- HTTP status codes
C. Cookies and Similar Technologies:
Our Website uses cookies for:
- Essential cookies — Required for website functionality
- Analytics cookies — Google Analytics to understand visitor traffic
You can control cookies through your browser settings. Disabling cookies may affect website functionality.
2.4. Information We Do NOT Collect
We do not knowingly collect:
- Sensitive personal information (health, financial, biometric data)
- Social Security numbers or government identifiers
- Precise geolocation data
- Information from children under 13 years of age
3. How We Use Information
3.1. Desktop Application
The minimal information from update checks is used solely to:
- Determine if your version is current
- Provide software updates when available
3.2. Website
We use Website information to:
- Provide, maintain, and improve the Website
- Understand how visitors interact with the Website
- Analyze download trends and visitor demographics
- Respond to inquiries and support requests
- Detect and prevent fraud, abuse, or security issues
- Comply with legal obligations
3.3. We Do NOT Use Information For:
- Training AI models
- Selling to third parties
- Targeted advertising
- User profiling or behavioral tracking
- Any purpose not disclosed in this Privacy Policy
4. How We Share Information
4.1. We Do NOT Sell Your Information
Studio Tatsu does not sell, rent, or trade your personal information to third parties.
4.2. Service Providers
We may share limited information with trusted service providers who assist us in operating our Services:
| Provider | Purpose | Data Shared |
|---|---|---|
| Google Analytics | Website analytics | Anonymized usage data |
| Web hosting providers | Website hosting | Server logs |
| Stripe | Donation processing | Only if you donate (payment info handled by Stripe) |
These providers are contractually obligated to protect your information and use it only for the purposes we specify.
4.3. Legal Requirements
We may disclose information if required by law, regulation, legal process, or governmental request, or to:
- Protect the rights, property, or safety of Studio Tatsu, our users, or others
- Enforce our Terms of Service
- Respond to claims of content violation of third-party rights
- Detect and prevent fraud or security issues
4.4. Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.
5. Third-Party AI Services
5.1. How Third-Party AI Services Work
TatsuCode allows you to connect to various AI providers to power its features. When you use these services:
- Your data goes directly to the AI provider — Not through Studio Tatsu servers
- Studio Tatsu does not intercept, store, or process this data
- You are responsible for reviewing each provider's privacy practices
5.2. Third-Party AI Providers
TatsuCode supports integration with the following AI providers (among others):
| Provider | Privacy Policy | Terms of Service |
|---|---|---|
| OpenRouter | openrouter.ai/privacy | openrouter.ai/terms |
| Anthropic (Claude) | anthropic.com/privacy | anthropic.com/terms |
| OpenAI | openai.com/privacy | openai.com/terms |
| Google (Gemini) | policies.google.com/privacy | ai.google.dev/terms |
5.3. Local AI Models
If you use local AI models (Ollama, LM Studio, llama.cpp, etc.), your data is processed entirely on your own hardware and is never transmitted externally.
5.4. Your Responsibility
Before using any Third-Party AI Service, we strongly recommend:
- Reading their privacy policy and terms of service
- Understanding how they handle and retain your data
- Considering whether your code or data contains sensitive information
- Configuring appropriate privacy settings within each provider
Studio Tatsu is not responsible for the privacy practices of Third-Party AI Services.
6. Data Storage and Security
6.1. Local Data Storage
All application data (conversations, settings, API keys) is stored locally on your device in your user profile directory:
- Windows:
%UserProfile%\Documents\TatsuTech\TatsuCode\ - macOS:
~/Documents/TatsuTech/TatsuCode/ - Linux:
~/Documents/TatsuTech/TatsuCode/
API keys and credentials are encrypted before storage.
6.2. Security Measures
We implement commercially reasonable security measures to protect information:
- Encryption of sensitive local data (API keys, credentials)
- Secure HTTPS connections for all network communications
- Regular security reviews and updates
6.3. No Absolute Guarantee
While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
6.4. Your Responsibility
You are responsible for:
- Maintaining the security of your device
- Protecting your API keys and credentials
- Backing up your local data
- Installing security updates promptly
7. Data Retention
7.1. Desktop Application
- Local data: Retained until you delete it
- Update check logs: Retained briefly (typically less than 30 days)
7.2. Website
- Analytics data: Retained per Google Analytics default settings (typically 26 months)
- Server logs: Retained for up to 90 days
- Contact communications: Retained as long as necessary to respond and for our records
7.3. Deletion
You can delete local application data at any time by:
- Uninstalling the Software
- Manually deleting the data directory
For Website data deletion requests, please contact us at security@tatsu.ai.
8. Your Rights and Choices
8.1. Access and Control
You have the right to:
- Access — Request information about what data we have about you
- Correction — Request correction of inaccurate data
- Deletion — Request deletion of your data
- Portability — Request a copy of your data in a portable format
- Opt-out — Decline certain data collection practices
8.2. How to Exercise Your Rights
To exercise these rights, contact us at:
- Email: security@tatsu.ai
- X (Twitter): @TatsuCodeAI
We will respond to requests within the timeframe required by applicable law (typically 30-45 days).
8.3. Cookies
You can manage cookies through your browser settings. Most browsers allow you to:
- Block all cookies
- Accept only first-party cookies
- Delete cookies when you close your browser
- Receive alerts when cookies are set
8.4. Google Analytics Opt-Out
You can opt out of Google Analytics by:
- Installing the Google Analytics Opt-out Browser Add-on
- Using browser privacy features (e.g., "Do Not Track")
9. Children's Privacy
TatsuCode is not intended for use by children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at security@tatsu.ai. We will take steps to delete such information promptly.
10. International Data Transfers
Studio Tatsu is based in the United States. If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.
We take appropriate safeguards to ensure your information remains protected in accordance with this Privacy Policy and applicable law.
11. California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
11.1. Right to Know
You have the right to know:
- Categories of personal information we collect
- Sources of personal information
- Business purposes for collection
- Categories of third parties with whom we share information
- Specific pieces of personal information we have collected
11.2. Right to Delete
You have the right to request deletion of your personal information, subject to certain exceptions.
11.3. Right to Opt-Out of Sale
We do not sell personal information. We have not sold personal information in the preceding 12 months.
11.4. Right to Non-Discrimination
We will not discriminate against you for exercising your privacy rights.
11.5. Exercising Your Rights
To exercise your California privacy rights, contact us at security@tatsu.ai. We may verify your identity before processing your request.
11.6. Authorized Agents
You may designate an authorized agent to submit requests on your behalf. We may require verification of the agent's authorization.
11.7. Shine the Light
California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing. We do not disclose personal information for direct marketing purposes.
12. European Union and UK Privacy Rights
If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and UK GDPR.
12.1. Legal Basis for Processing
We process personal data based on:
- Legitimate interests — Operating and improving our Services
- Contract performance — Providing Services you requested
- Legal obligations — Complying with applicable laws
- Consent — Where you have provided explicit consent
12.2. Your Rights
You have the right to:
- Access — Obtain a copy of your personal data
- Rectification — Correct inaccurate personal data
- Erasure — Request deletion ("right to be forgotten")
- Restriction — Restrict processing in certain circumstances
- Portability — Receive your data in a portable format
- Object — Object to processing based on legitimate interests
- Withdraw consent — Withdraw consent at any time (where applicable)
12.3. Data Controller
Studio Tatsu, LLC is the data controller for personal data collected through our Services.
12.4. Supervisory Authority
You have the right to lodge a complaint with your local data protection supervisory authority.
12.5. Contact for EU/UK Matters
For privacy inquiries related to EU/UK data protection, contact us at security@tatsu.ai.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.
When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Post the revised policy on our Website
- Where appropriate, provide notice through the Software
Your continued use of our Services after changes become effective constitutes acceptance of the revised Privacy Policy.
We encourage you to review this Privacy Policy periodically.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Studio Tatsu, LLC
- Privacy/Security Email: security@tatsu.ai
- X (Twitter): @TatsuCodeAI
- Website: https://tatsu.ai
- GitHub: TatsuAI/TatsuCode (for bug reports)
For privacy-related inquiries, please include "Privacy" in your subject line.
This Privacy Policy is effective as of January 21, 2026.