cairn

Privacy Policy

Last updated: June 20, 2026

cairn is a local-first desktop app that turns your daily development activity into a worklog published to Notion. This policy explains what data cairn handles and what — if anything — leaves your machine.

What stays on your device

Your worklogs, source code, diffs, file paths, commit messages, repository names, and the access tokens you connect (GitHub, Notion, Anthropic) stay on your computer. cairn never sends source code or diffs to us or to any third party beyond the services you explicitly configure.

Google Sign-In (optional)

Cross-device sync is optional. If you enable it, you sign in with Google. We receive your basic Google profile — name, email address, and profile picture — solely to identify your account across devices. We do not access your Google data beyond this.

What syncs across devices

When sync is enabled, only aggregate statistics are stored on our server: dates, category (daily/weekly/monthly), pull-request and commit counts, and a per-hour activity histogram — the same numbers already shown on your dashboard.

We never sync source code, diffs, file paths, repository names, commit messages, worklog contents, or any access tokens. These fields do not exist in the sync schema.

Where data is stored

Account and synced statistics are stored in a managed PostgreSQL database (Supabase). Authentication is handled by Better Auth on our web backend. Data is transmitted over HTTPS.

Anonymous usage telemetry

The desktop app sends anonymous telemetry (PostHog) to understand usage: a random install id, app version, OS/architecture, and event names (such as app launch and publish outcome). It contains no worklog content, titles, repository names, paths, or tokens. You can turn it off in Preferences → About.

Website analytics

This website uses privacy-friendly, cookieless analytics (Vercel Web Analytics) to count visits and page views. It sets no cookies and does not collect personal information or build cross-site profiles.

Third-party services you connect

cairn talks directly to Notion, GitHub, and Anthropic (Claude) using tokens you provide. That data flows according to your own configuration and those services' policies — not through us.

Retention and deletion

Signing out removes the local session. You can request deletion of your account and synced statistics at any time by contacting us; removing your account deletes the associated synced data.

No sale of data

We do not sell or rent your personal information.

Changes

We may update this policy; material changes will be reflected here with a new date.

Contact

Questions or deletion requests: cairnlog@gmail.com.