Privacy Policy

Last updated: 28 March 2026

1. Local-First Architecture

Sidereal is designed to run locally on your device. Your vault data, notes, credentials, and automation outputs remain on your machine. We do not operate servers that store or process your personal content.

2. What We Collect

We collect minimal data necessary to operate the marketplace and licensing system:

License validation: When the app checks your license status, it sends your license key to our registry API. No vault content or personal data is transmitted.
Marketplace browsing: Standard HTTP request data (IP address, user agent) when you browse the marketplace or fetch the plugin catalog. No tracking cookies or analytics scripts.
Purchases: Payment data is collected and processed by Paddle, our merchant of record. We receive transaction confirmations (amount, product, email) but never see card numbers or bank details.

3. What We Do Not Collect

Your vault or note contents
Your email messages, calendar events, or task data
Dispatch results or automation outputs
Credential store contents (API keys, passwords)
Fleet peer data or cross-machine sync content

4. Third-Party Services

Paddle (merchant of record) processes payments and manages subscriptions. Their privacy policy applies to payment data: paddle.com/legal/privacy.

Cloudflare hosts our registry API and marketplace website. Standard Cloudflare infrastructure logging applies.

MCP plugins you install may connect to external services (email providers, calendar services, etc.) as configured by you. Each plugin's data access is declared in its manifest and enforced by the Sidereal sandbox.

5. Data Storage

License tokens are stored locally on your device in the Secure Enclave (or software-equivalent encrypted storage). We store license records on our registry infrastructure (Cloudflare Workers KV) for validation purposes.

6. Your Rights

Under Australian Privacy Act 1988, you have the right to access, correct, or delete personal information we hold. Contact [email protected] to exercise these rights.

7. Changes

We may update this policy from time to time. Material changes will be communicated via the application or email.

8. Contact

For privacy inquiries, contact us at [email protected].