Privacy Policy
Archgate ("we", "us", "our") is an open-source CLI tool for enforcing Architecture Decision Records (ADRs) as executable rules. This Privacy Policy explains how we collect, use, and protect information when you use the Archgate CLI, our documentation site, or our website.
Our principles
- Minimal collection. We only collect what we need to improve the tool.
- No personal data. We do not collect names, emails, usernames, IP addresses, or any personally identifiable information through the CLI or websites.
- Full transparency. Our telemetry implementation is open source. You can inspect every data point we collect in the source code.
- Easy opt-out. A single command or environment variable disables all telemetry.
What the CLI collects
Usage analytics (PostHog)
When you run an Archgate command, we record anonymous usage data to understand how the CLI is used, prioritize features, and identify problems. This includes:
- Command name and flags used (flag presence only, never flag values)
- Exit code and execution duration
- Environment metadata: operating system, CPU architecture, Bun version, Archgate version, CI provider detection, TTY and WSL detection, shell type, and locale
- Install context: how the CLI was installed (binary, proto, npm, or local dev dependency)
- Project context: whether an Archgate project exists, number of ADRs and rules, and number of domains
- Repository context (non-identifying): whether a git repo exists, the hosting platform bucket (github/gitlab/bitbucket/azure-devops/other), a SHA-256 hash of the remote URL (truncated, not reversible), and the default branch name
- Coarse location: country and region only, resolved server-side from your IP address, which is then immediately discarded (see IP Anonymization below)
- Anonymous install ID: a random UUID generated on first run, not derived from any personal data
Specific commands send additional context: check sends aggregate
rule counts, init sends the editor choice, and upgrade sends version transition info. No file paths, source code, ADR content,
or AI prompts are ever included.
For public repositories confirmed via an unauthenticated API probe, a
one-time project_initialized event on archgate init may include the remote URL, owner, and repository
name. Private, self-hosted, or unconfirmed repositories never have this
information shared.
Error tracking (Sentry)
When the CLI crashes (exit code 2), we send:
- Error type, message, and stack trace (file paths stripped to relative paths)
- Runtime context: operating system, architecture, Bun version, Archgate version
- Anonymous install ID (same random UUID as analytics)
What the CLI does NOT collect
- No source code or file content
- No ADR content, rule output, or violation details
- No AI prompts, agent interactions, or generated code
- No flag values, API keys, tokens, or credentials
- No browsing history, cookies, or cross-site tracking
Archgate Plugins Service
The Archgate Plugins Service (plugins.archgate.dev)
handles plugin distribution and user authentication. Unlike the CLI
telemetry described above, this service does collect personal information when you create an account.
Account creation (signup)
When you sign up via archgate login, we collect:
- Email address — provided by you during signup or prefilled from your GitHub account
- GitHub username — retrieved from the GitHub API after you authorize via OAuth (GitHub Device Flow)
- Editor choice — which editor you plan to use (Claude Code, VS Code, Cursor, or Copilot CLI)
- Use case description — a short free-form text you provide describing how you plan to use Archgate
This data is stored in our database and used to provision your account, send you a welcome email, and understand how Archgate is being adopted.
Authentication tokens
When you log in, we issue an authentication token for plugin downloads. We store:
- Token hash — a SHA-256 hash of your token (the raw token is returned once and never stored on our servers)
- GitHub username — used as your user identifier
- Usage metadata — download count, last used timestamp, creation date, and expiration date (90 days by default)
On your machine, the token and GitHub username are stored in your operating system's credential manager (macOS Keychain, Windows Credential Manager, or Linux libsecret) — never as plain-text files.
Email communications
We send a one-time welcome email when you sign up. Emails are delivered via Resend. We do not send marketing emails, newsletters, or promotional content unless you explicitly opt in.
What the Plugins Service does NOT collect
- No real names or physical addresses
- No payment or billing information
- No source code, repository content, or ADR content
- No IDE telemetry or editor usage data beyond the initial editor choice at signup
- No IP addresses are stored — request IPs are used only for rate-limiting and discarded
Account deletion
To delete your account and all associated data, run archgate login logout to revoke your token locally, then contact
us at [email protected] to request
deletion of your signup data from our database.
IP anonymization
Archgate uses PostHog's built-in IP anonymization. The CLI sends
events with $ip: null. PostHog resolves your IP to a
country and region server-side, then discards the IP address entirely.
It is never stored.
For Sentry, the project has "Prevent Storing of IP Addresses" enabled. IP addresses are stripped before storage.
How to opt out of CLI telemetry
You can disable all CLI telemetry (both analytics and error tracking):
Environment variable:
export ARCHGATE_TELEMETRY=0
Accepted values: 0, false, no, off (case-insensitive). Add to your shell profile for permanent
opt-out.
CLI command:
archgate telemetry disableThe environment variable takes precedence. When set, telemetry is disabled regardless of the CLI config.
What the websites collect
archgate.dev (marketing site)
The Archgate website uses Cloudflare Web Analytics, a privacy-first analytics service that:
- Does not use cookies
- Does not track individual visitors
- Does not collect personal information
- Provides only aggregate page-view and performance metrics
We also use PostHog for anonymous web analytics on
this site. PostHog is configured with person_profiles: "identified_only", meaning no user
profiles are created for anonymous visitors. Only aggregate page-view
and interaction data is collected.
No other third-party advertising or tracking services are used on this site.
cli.archgate.dev (documentation site)
The documentation site uses Cloudflare Web Analytics with the same privacy properties described above.
Cookies
The Archgate CLI does not set or read cookies.
The archgate.dev and cli.archgate.dev websites do not use cookies for analytics or tracking. If cookies are present, they are solely from infrastructure providers (such as Cloudflare) for operational purposes like bot protection, and contain no personal data.
Data storage and retention
| Service | Data | Region | Retention |
|---|---|---|---|
| PostHog Cloud | Anonymous usage analytics | EU | Per PostHog's standard retention policy |
| Sentry Cloud | Crash reports | EU | 90 days |
| Turso | Signup data and token hashes (Plugins Service) | EU | Until account deletion is requested |
| Cloudflare | Aggregate web analytics | Global (edge) | Per Cloudflare's retention policy |
All data is transmitted over HTTPS.
Third-party services
We use the following third-party services:
- PostHog — Anonymous CLI and web usage analytics. PostHog Privacy Policy.
- Sentry — CLI crash reporting. Sentry Privacy Policy.
- Cloudflare — Website hosting and privacy-first web analytics. Cloudflare Privacy Policy.
- GitHub — Source code hosting, binary releases, and CI/CD. GitHub Privacy Statement.
- npm — Package distribution. npm Privacy Policy.
- Resend — Transactional email delivery for welcome emails. Resend Privacy Policy.
- Turso — Database hosting for the Plugins Service (signup and token data). Turso Privacy Policy.
We do not sell, rent, or share any data with third parties for advertising or marketing purposes.
Open-source transparency
Archgate is open source under the Apache-2.0 license. You can verify every privacy claim in this policy by reading the source code:
Children's privacy
Archgate is a developer tool and is not directed at children under the age of 13. We do not knowingly collect any information from children.
Changes to this policy
We may update this Privacy Policy from time to time. Changes will be reflected by the "Last updated" date at the top of this page. Since we do not collect personal data, we have no way to notify individual users of changes. We encourage you to review this page periodically.
Contact
If you have questions about this Privacy Policy or Archgate's data practices, please open an issue on GitHub or contact the maintainers at [email protected].