Privacy Policy
Last updated: February 24, 2026
1. Introduction
Locus AI ("Locus", "we", "us", or "our") develops the Locus CLI tool and this website (locusai.dev). This Privacy Policy explains how we handle your information. Locus is a local-first, GitHub-native tool — it has no cloud backend, no user accounts, and no server-side data storage.
2. Information We Do Not Collect
Locus is designed to be fully local. The following data never passes through any Locus server:
- Your source code and repository contents
- AI provider credentials (Anthropic API keys, OpenAI API keys)
- AI prompts and AI-generated responses
- GitHub tokens or authentication data
- Local file system contents accessed by agents
- Git diffs, patches, or code review content
- Your GitHub issues, milestones, labels, or pull requests
3. Information We May Collect
Website Analytics
We may use Google Analytics on this website (locusai.dev) to collect aggregated, anonymous usage statistics such as pages visited, referral sources, and general traffic patterns. This data does not identify individual users.
npm Download Statistics
The CLI is distributed via npm. npm collects its own download statistics, which are publicly available. We do not control or have access to individual download data.
4. Third-Party Services
When you use Locus, your data flows directly between your machine and these third-party services:
- AI Providers (Anthropic Claude, OpenAI Codex) — Your code and prompts are sent directly from your machine to your chosen AI provider. Locus does not intermediate these requests.
- GitHub — Issues, milestones, labels, and pull requests are managed via the GitHub CLI (gh) directly from your machine.
- Google Analytics — We use Google Analytics on this website for aggregated usage statistics.
5. Local Data Storage
Locus stores configuration and session data locally in the .locus/ directory within your project. This includes project settings, REPL session history, execution logs, and run state. All of this data stays on your machine. Sensitive files in the .locus/ directory, such as config.json, are gitignored by default.
6. Open Source
Locus is fully open source under the MIT License. You can audit every line of code to verify exactly what data is accessed and where it goes. There is no telemetry, no analytics SDK, and no phone-home behavior in the CLI.
7. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.
8. Contact
If you have questions about this Privacy Policy, please reach out via GitHub Issues.