Privacy Policy
Last updated: July 2, 2026
threadctx (“threadctx,” “we,” “us”) provides shared memory for AI coding agents. This policy explains what we collect, why, and what we deliberately do not collect. The short version: our design goal is to touch as little of your data as possible, and local mode touches none of it.
Local mode sends nothing to us
The open-source threadctx-mcp package in local mode stores everything in a plain file on your own machine (~/.threadctx/local.json). It makes no network calls to threadctx, contains no telemetry, and requires no account. The only network calls local mode can make are to an LLM provider you configure (and only if you run the optional capture command, which is off by default). We never see any of it.
What cloud (Team) mode stores
When you use a hosted Team plan, we store:
- Memory entries your agents or team members write — the note content, any tags, and a repository identifier (e.g. your-org/your-repo). These are the short learnings your agents choose to save; they are not your source code.
- Account & billing data — your team name, a billing email, and the Stripe customer/subscription identifiers needed to run your subscription. Card and payment details are handled entirely by Stripe; we never receive or store them.
- An anonymous developer identifier — a random UUID generated on-device and sent only to count how many distinct seats are active on your plan. It contains no name, email, IP, or machine fingerprint.
- Operational logs — standard, short-retention request logs kept by our hosting provider for reliability and abuse prevention.
We do not sell your data, and we do not use your memory content to train models.
API keys, not passwords
threadctx has no username/password accounts. Your team API key is your credential; we store only a one-way hash of it, never the key itself. If you use the web dashboard, your key is kept in your own browser's local storage and sent only to the threadctx API — never to any third party.
Sub-processors
Cloud mode relies on a small set of infrastructure providers, each handling only what its function requires:
- Vercel — application hosting.
- Neon — the primary database (memory entries, tenant records).
- Upstash — the vector index for semantic search, which embeds memory text via an OpenAI embedding model to power recall.
- Stripe — payment processing and subscription management.
- Resend — delivery of contact-form and support email.
If you run the optional capture command, it calls the LLM provider you configure (e.g. Anthropic or OpenAI) directly with your own key — that traffic never passes through threadctx.
Retention & deletion
Memory entries are kept until you delete them (individually from the dashboard, or in bulk) or until your team asks us to remove them. If you cancel your subscription, recall stops and you can request full deletion of your team's data. To delete everything, email founders@threadctx.dev and we'll remove your records from our database and vector index.
Security
All traffic to the hosted service uses TLS. API keys are stored only as salted hashes. Memory is scoped per team and per repository, and every request is authenticated. No system is perfectly secure, but we keep the attack surface small by storing as little as possible.
Your rights
You can view, edit, export, and delete your team's stored memory at any time from the dashboard, and manage or cancel billing from the Stripe customer portal. For access or deletion requests we can't satisfy through those tools, contact us and we'll help.
Children
threadctx is a tool for professional software development and is not directed to anyone under 16. We don't knowingly collect data from children.
Changes to this policy
We may update this policy as the product evolves. Material changes will be reflected here with a new “last updated” date.
Contact
Questions about privacy? Email founders@threadctx.dev.