|
| 1 | +# Privacy Policy |
| 2 | + |
| 3 | +**Last updated: 2026-03-20** |
| 4 | + |
| 5 | +## Overview |
| 6 | + |
| 7 | +The Spec-Driven Development Plugin runs entirely on your local machine. It does not collect, transmit, or store any personal data or telemetry. |
| 8 | + |
| 9 | +## Data Handling |
| 10 | + |
| 11 | +### What the plugin accesses |
| 12 | + |
| 13 | +- **Local files** -- The plugin reads and writes files within your project directory, specifically under `.claude/specs/` for spec artifacts (requirements, design, tasks, progress logs). |
| 14 | +- **Git repository** -- The plugin uses git commands to create worktrees, branches, and commits within your local repository. |
| 15 | +- **Claude CLI** -- The plugin invokes the `claude` CLI for autonomous execution. All interactions with the Claude API are handled by the Claude CLI itself, subject to Anthropic's privacy policy. |
| 16 | + |
| 17 | +### What the plugin does NOT do |
| 18 | + |
| 19 | +- Does not collect analytics or telemetry |
| 20 | +- Does not phone home or make network requests (other than through the Claude CLI) |
| 21 | +- Does not access files outside your project directory |
| 22 | +- Does not store data outside your project directory (except git worktrees under `.claude/specs/.worktrees/`) |
| 23 | +- Does not read or access credential files, environment variables, or secrets |
| 24 | +- Does not send your code or spec contents to any third-party service |
| 25 | + |
| 26 | +## Third-Party Services |
| 27 | + |
| 28 | +The plugin delegates to the Claude CLI for AI-powered tasks (requirements writing, code generation, testing). These interactions are governed by [Anthropic's Privacy Policy](https://www.anthropic.com/privacy) and your Claude account terms. |
| 29 | + |
| 30 | +The optional `gh pr create` suggestion uses the GitHub CLI, which is governed by [GitHub's Privacy Statement](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement). |
| 31 | + |
| 32 | +## Data Storage |
| 33 | + |
| 34 | +All plugin-generated data is stored locally in your project: |
| 35 | + |
| 36 | +| Data | Location | Purpose | |
| 37 | +|------|----------|---------| |
| 38 | +| Spec files | `.claude/specs/<name>/` | Requirements, design, tasks | |
| 39 | +| Progress logs | `.claude/specs/<name>/progress.md` | Session history | |
| 40 | +| Worktrees | `.claude/specs/.worktrees/` | Isolated implementation branches | |
| 41 | +| Generated docs | `.claude/specs/<name>/docs/` | API refs, user guides | |
| 42 | + |
| 43 | +No data is stored outside your project directory or transmitted externally by the plugin. |
| 44 | + |
| 45 | +## Changes to This Policy |
| 46 | + |
| 47 | +Updates to this policy will be reflected in this file with an updated date. Check the [git history](https://github.com/Habib0x0/spec-driven-plugin/commits/main/PRIVACY.md) for changes. |
| 48 | + |
| 49 | +## Contact |
| 50 | + |
| 51 | +For questions about this privacy policy, open an issue at [github.com/Habib0x0/spec-driven-plugin](https://github.com/Habib0x0/spec-driven-plugin/issues). |
0 commit comments