Privacy Policy

1. Who We Are

LeanCTX is an open-source project maintained by Yves Gugger. The CLI tool, MCP server, Chrome extension, and this website are all part of the lean-ctx project. Source code is publicly available at github.com/yvgude/lean-ctx.

Contact: privacy@leanctx.com

2. lean-ctx CLI & MCP Server

The lean-ctx binary and MCP server run entirely on your local machine. All compression, caching, and AI tool orchestration happens locally. There are two optional network features:

2a. Version Check (on by default, disableable)

Once per day, lean-ctx fetches leanctx.com/version.txt in a background thread to check if a newer version is available. This request sends only the current version as a User-Agent header - no identifying information, no telemetry, no project data. The result is cached locally in ~/.lean-ctx/latest-version.json for 24 hours.

To disable: Set update_check_disabled = true in ~/.lean-ctx/config.toml or set the environment variable LEAN_CTX_NO_UPDATE_CHECK=1.

2b. Anonymous Compression Stats (opt-in, off by default)

During lean-ctx setup, you are asked whether you want to share anonymous compression statistics. The default is No - you must explicitly type y to enable this.

If enabled, lean-ctx periodically sends anonymized compression stats to api.leanctx.com:

• File type (e.g. .rs, .tsx) and size bucket (e.g. 2k–10k)
• Compression mode used and compression ratio achieved
• Token counts (input/output)

Never sent: file names, file contents, code, prompts, project names, hostnames, usernames, or any personally identifiable information.

To disable after enabling: Remove or set contribute_enabled = false under [cloud] in ~/.lean-ctx/config.toml.

2c. Local Data

Data stored locally in ~/.lean-ctx/:

• Session state - current project root, recent tool calls. Stored in sessions/. Never transmitted.
• Knowledge store - facts you explicitly save via ctx_knowledge remember. Stored in knowledge/. Never transmitted unless you use lean-ctx team push.
• Compression statistics - aggregated counts of tokens saved. Stored in stats.json. Only transmitted if you opt in (see 2b).
• Cache - file content cache for faster reads. Stored in cache/. Auto-expires. Never transmitted.
• Index files - code search indices (BM25, graph). Stored in index/. Never transmitted.

No crash reporting, no usage analytics, no tracking. The two network features described above are the only outbound requests lean-ctx ever makes.

3. Chrome Extension

The lean-ctx Chrome extension compresses text locally before it is pasted or sent in AI chat interfaces (ChatGPT, Claude, Gemini, etc.).

Data accessed:

• Clipboard content - read during paste events to compress text before inserting it into the chat input. The original and compressed text never leave your device.
• Active tab content - the extension reads and modifies the chat input field on supported AI sites. No other page content is read.

Data stored (local only):

• Settings - enable/disable toggles. Stored in chrome.storage.local. Never synced or transmitted.
• Usage statistics - total tokens saved and compression count. Stored in chrome.storage.local. Never transmitted.

Native messaging: When the lean-ctx binary is installed, the extension communicates with it via the Chrome Native Messaging API over a local pipe. Text is sent from the browser to your local binary for compression and returned. No external network requests are made during this process.

The extension does not collect, store, or transmit: your code, prompts, chat history, browsing history, personally identifiable information, or any other user content.

4. leanctx.com Website

The website is a static site hosted on a dedicated server. Standard web server access logs are kept for up to 30 days for security and operational purposes. These logs contain IP addresses, browser user-agent strings, and requested URLs.

The website does not use: Google Analytics, tracking pixels, advertising cookies, or any third-party analytics. It uses Pagefind for local full-text search - all search processing happens in your browser.

5. lean-ctx Cloud (Optional)

Cloud features are entirely opt-in. They are activated by running lean-ctx login <email>. If you never run this command, no data is ever sent to our servers.

What we collect if you opt in:

• Email address - used for account identification and to send you your API key. Not sold or shared with third parties.
• Anonymized compression statistics - file type (e.g. .rs, .tsx), file size bucket (e.g. 2k–10k), compression mode used, and compression ratio achieved. Never file names, file contents, code, prompts, or project names.
• Team knowledge - only if you explicitly run lean-ctx team push. Only the key/value pairs you have explicitly saved via ctx_knowledge remember are uploaded.

What we never collect: your code, file contents, file names, project names, prompts, chat history, or any other content from your projects.

Credentials are stored locally in ~/.lean-ctx/cloud/credentials.json. You can delete your account and all associated data at any time by contacting privacy@leanctx.com.

6. Data Retention

• Local data - stored indefinitely until you run lean-ctx uninstall or manually delete ~/.lean-ctx/.
• Cloud account data - retained until you request deletion.
• Web server logs - retained for 30 days.

7. Third-Party Services

lean-ctx does not embed or call any third-party analytics, advertising, or tracking services. GitHub is used for source code hosting and release distribution. When you install lean-ctx via Homebrew, Cargo, or npm, standard package manager network requests are made to the respective registries.

8. Children's Privacy

lean-ctx is a developer tool not directed at children under 13. We do not knowingly collect data from children.

9. Changes to This Policy

If we make material changes to this policy, we will update the "Last updated" date at the top of this page and note the change in the CHANGELOG.

10. Contact

Questions or requests regarding your data:
privacy@leanctx.com
GitHub Issues