Privacy Notice

Effective Date: February 25, 2026 · Version 1.0

Welcome to pandō, made by human.software ("we," "us," or "the Company"). We built this tool for professional developers who demand precision, control, and honesty from their software. This document is an extension of that philosophy. It explains our data practices in plain English, without legal fluff.

Our Privacy Principles

Our commitment to you is built on these principles:

  • Local by Default: The core engine runs entirely on your machine. Your code is yours.
  • Clear Data Boundaries: We make an extremely clear distinction between local processing and any optional feature that sends data externally.
  • Explicit Consent: We will never send your code to a third-party service without your explicit configuration and consent.
  • You Are the Controller: You own and control your code and the data generated from it.

What We Will Never Do

  • We never sell your data to third parties.
  • We never share your source code without your explicit action and permission.
  • We never use your private code to train our own AI models.
how we handle data

Our Collection and Use of Data

We collect the minimum data necessary to provide and improve the tool.

1. Data Processed Entirely on Your Machine

The core functionality of pandō is fully local. All processing happens on your machine.

  • Code Analysis Data: Your source code and its structure.
  • Index Metadata: File paths and cryptographic hashes stored in a local database on your machine.
  • Operation Logs: A local history of transformations, errors, and performance metrics.

2. Optional Connections to Third-Party AI Services

All pandō tools run entirely on your machine. No source code, query results, or transformation output is sent to any external service by pandō itself. When you use pandō through an MCP-compatible AI client (such as Claude, Cursor, or Windsurf), the AI client itself may send code context to its own AI provider as part of its normal operation. That data flow is governed by the AI client's own terms and privacy policies, not ours — pandō does not control or intermediate those requests.

  • pandō's tools: All of them execute locally. Nothing is sent to any external service by pandō.
  • Your AI client: When you invoke pandō tools through an AI agent, the agent may include code context in its own prompts. This is standard MCP client behavior and is subject to your agreement with that client's provider.

3. Data We Collect Through Direct Interaction

  • Contact Information: If you email us (for example, to ask about an Organization license), we keep your name and email to reply and to manage any resulting licensing relationship.
  • Support Information: Bug reports, error logs, and code snippets you voluntarily share with us to resolve an issue.
  • Billing Information: If we enter into an Organization licensing agreement with you, we keep the billing details (company name, billing address, tax ID, invoice history) required to invoice you under that agreement.

4. Analytics, Cookies, and Tracking

We use analytics on our public marketing pages to understand aggregate traffic patterns, not individual behavior. Analytics sets first-party cookies to remember that you have visited the site before; it does not have access to your code.

  • What we measure: Page views, device types, approximate geography, and on-site interactions. We use this data to improve documentation and gauge interest in product updates.
  • What we do not collect: Personal identifiers, source code, or payment details. We do not combine analytics data with customer records.
  • How to opt out: You can disable analytics cookies through your browser settings or enable a privacy-focused browser that blocks analytics scripts.

How We Use Your Data

We use the data we collect for specific, legitimate purposes:

  • To Provide and Improve pandō: To execute code transformations, fix bugs, develop new features, and analyze performance (only with optional telemetry).
  • To Support You: To respond to support requests, send important service updates, and provide documentation.
  • For Security and Integrity: To verify license information, prevent abuse of our services, and maintain service availability.
  • For Business Operations: To process payments, comply with legal obligations, and enforce our Terms of Service.

How We Share Your Data

We do not share your data, except in these limited circumstances:

  • With Service Providers: We use trusted providers for essential business functions such as website hosting, analytics, and (where applicable to an Organization billing relationship) invoicing. Providers are bound by data protection agreements.
  • For Legal Reasons: If required by law, such as in response to a subpoena or court order.
  • In a Business Transfer: If we are involved in a merger or acquisition, your data may be transferred as part of that deal, but it will remain subject to the promises in this notice.

Data Retention

We have a clear policy for how long we keep your data:

  • Local Data: Remains on your machine until you delete it.
  • Contact Data: Retained while our correspondence or licensing relationship is active, and for a reasonable period after.
  • Support Data: Retained as needed to resolve your issue and for a limited time to track recurring bugs.
  • Billing Data: Retained as required by tax and accounting laws (typically 7 years) where an Organization billing relationship exists.
your control

Your Rights and Controls

You have complete control over your data.

  • Access and Deletion: You can delete your local databases at any time. You can request a copy of any contact or billing data we hold about you, or request its deletion.
  • Opt-out of Communications: You can unsubscribe from any non-essential emails from us.
  • Product Telemetry: The pandō CLI and MCP server do not send any product telemetry. Website analytics (covered in Section 4) are limited to the marketing pages and do not see your code or any product activity. If we introduce optional product telemetry in the future, it will be strictly opt-in.
  • Run Offline: You can disable all network features and run pandō in a fully air-gapped environment.

International Data Transfers

If you are located outside the United States, your account and payment information may be transferred to our servers in the U.S. We use standard contractual clauses and other appropriate safeguards to protect your data when it is transferred internationally.

Children's Privacy

pandō is a professional developer tool not intended for users under the age of 16. We do not knowingly collect data from children.

Privacy in Specific Jurisdictions

For European Users (GDPR):

  • You have the right to access, rectify, erase, and object to the processing of your data. Our legal basis for processing is typically to fulfill our contract with you (the Terms of Service) or for legitimate business interests.

For California Residents (CCPA):

  • You have the right to know what data we collect and to request its deletion. We do not "sell" your personal information as defined by the CCPA.

Changes to This Notice

We update this notice when we ship new features or respond to legal requirements. For material changes we will, where we hold a contact address for you (for example, through an Organization licensing relationship), email that address, and we will post a notice on this page at least 14 days before the update takes effect.

questions?

Get in Touch

For any privacy-related questions, we're here to help.

Contact