Category
Error reports
Data
Anonymous installation ID, violation codes, status summary, minimal diagnostic attachments
Purpose
Incident analysis and quality improvement
Privacy Policy
Privacy Policy
Effective date: 2026-02-19
SpecAnchor processes data under principles of minimization and purpose limitation.
1. Data Collected and Purpose
Category
Local settings
Data
Language preference, telemetry opt-out, local state files
Purpose
Service operation and UX
Category
Optional feature
Data
OpenAI API key (stored locally and encrypted only if user opts in)
Purpose
Enhanced AI explanation feature
2. Data Minimization and Anonymization
- Source code, SoT content, absolute file paths, API keys and tokens are excluded from transmission.
- Path data is hashed and sensitive patterns are masked.
- Telemetry targets error-centric events only by default, not broad behavioral tracking.
3. Transmission Security
- Default transport uses HTTPS (TLS).
- If a public key is configured, envelope encryption (AES-GCM + public key wrapping) is used.
- On encryption failure, plaintext fallback is blocked; the event stays queued for controlled retry.
4. Retention
Queued telemetry and failed items are cleaned after policy windows (for example, 7 days) or when no longer needed for operational purposes.
5. Third-party Sharing and Processing
Except where required by law, data is not shared beyond stated purposes. If external infrastructure/processors are introduced, this policy will be updated accordingly.
6. Your Rights
- You can opt out of telemetry from settings at any time.
- You can remove locally stored API keys with the Forget action.
- You can request policy and processing information through the contact channel.
7. Contact
Contact: support@specanchor.com