cmd

Privacy Policy

Effective May 22, 2026

This policy covers cmdapp.io, CMD account services, release downloads and updates, and the cmd mail, cmd voice, and cmd bar Mac apps.

Overview

cmd builds native Mac apps for focused work. We do not operate a hosted mailbox service, sell personal information, run advertising profiles, or use website or product data for cross-context behavioral advertising.

The CMD account dashboard provides identity, workspace, entitlement, connected-account, and read-only subscription surfaces. Product content remains product-owned and is not displayed in the dashboard.

Information We Process

  • Standard hosting logs and request metadata, such as IP address, browser or app user agent, requested URL, and time of request.
  • CMD Platform profile data from Supabase Auth, such as email, display name, avatar URL, workspace membership, entitlement rows, connected-account metadata, and read-only subscription metadata.
  • Release and update data needed to serve downloads, Sparkle appcasts, release notes, checksums, OAuth callback pages, and product download gates.
  • Support data you choose to send us, such as emails, feedback, screenshots, or diagnostics exports.

cmd mail

cmd mail connects to email providers you authorize, such as Gmail or iCloud, so you can read, triage, search, compose, and manage email from the Mac app.

  • Mailbox data may include message metadata, subjects, snippets, message bodies, mailbox or label state, attachment metadata, attachment bytes you fetch, local drafts, scheduled sends, and queued actions.
  • Gmail OAuth tokens and iCloud app-specific passwords are stored in account-scoped macOS Keychain entries, not in cmd mail's SQLite database or the cmd website.
  • The Mac app stores mailbox cache data locally in Application Support using SQLite, along with settings, sync cursors, undo state, diagnostics summaries, and recent operation state.

Google User Data

When you connect Gmail, cmd mail requests Gmail permissions needed for the app's email features. Gmail data is used only to provide or improve user-facing email functionality in cmd mail, including sync, rendering, local search, attachments, compose, and mailbox actions you initiate or schedule.

cmd mail's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not sell Google user data, use it for advertising, use it to determine creditworthiness, or allow humans to read it except when you ask for support, when necessary for security or abuse investigation, or when required by law.

CMD Voice

CMD Voice is a native macOS dictation app. Dictation history, diagnostics, settings, and local recovery files are stored on your Mac.

  • CMD Voice uses your CMD account for identity, workspace access, Voice entitlements, authenticated included-usage requests, and metadata-only usage or billing records.
  • When OpenAI cloud transcription is selected, microphone audio may be streamed to OpenAI while dictation is active. If realtime transcription fails, a saved WAV fallback may be sent to OpenAI for transcription.
  • Optional cloud cleanup can send transcript text and limited edit context to the selected provider. Selected text and custom vocabulary prompts are sent only when the matching Voice entitlement is available.
  • Local usage scaffolding stores metadata only, such as dictation event count, provider kind, duration, feature key, status, workspace id, and platform user id. It does not store raw audio, transcripts, selected text, cleanup prompts, API keys, recovery audio paths, or app/window titles.

cmd bar

cmd bar is a native macOS launcher app. Clipboard history, snippets, quick links, settings, and command content are stored on your Mac.

  • cmd bar uses your CMD account for identity, workspace access, Bar entitlements, and metadata-only usage records.
  • cmd bar does not upload clipboard text, snippet bodies, quick-link URLs, search queries, app/window details, or command content to CMD Platform.
  • Local usage scaffolding stores metadata only, such as event id, timestamp, product key, feature key, platform user id, workspace id, command provider id, command category, result, and optional non-content failure code.

How We Use Information

  • To operate account sign-in, workspace visibility, product access status, and billing-readiness surfaces.
  • To provide app features you request, including mail sync, local search, rendering, dictation, transcription, text insertion, launcher actions, clipboard history, snippets, and quick links.
  • To provide downloads and updates through product release sites, Sparkle appcasts, release metadata, checksums, and release notes.
  • To respond to product access, support, security, or feedback requests.
  • To operate, secure, troubleshoot, and improve the website and product access flow.

Sharing

We share information only in the limited ways needed to operate cmd:

  • Email providers, such as Google or Apple iCloud, receive requests needed to sync mail and perform actions you authorize.
  • Infrastructure providers, such as Vercel for hosting and Supabase for CMD account services, process website and account data for us.
  • AI providers, such as OpenAI, receive audio, transcript, or edit-context data only when you use Voice features that depend on those providers.
  • Support or security reviewers may receive information you intentionally send to us.
  • Authorities, courts, or other parties may receive information if required by law or needed to protect rights, safety, and security.

We do not sell personal information and do not share it for cross-context behavioral advertising.

Storage And Security

The Mac apps store product content locally where possible. App credentials and CMD Platform session tokens are stored in macOS Keychain. Data may also be included in local backups or device sync services depending on your macOS settings.

We use reasonable administrative, technical, and organizational safeguards, including HTTPS for network requests, Keychain-backed credential storage, redacted diagnostics, and release checks intended to keep secrets out of bundled artifacts. No system can be guaranteed perfectly secure.

Your Choices

  • You can disconnect or remove connected accounts in the apps. For Gmail, you can also revoke access from your Google Account security settings; for iCloud, you can revoke an app-specific password from your Apple Account settings.
  • You can delete local app data through macOS by removing the app's Application Support data and Keychain items.
  • You can ask us to delete support data you sent us by emailing frank@oftring.io.

Children

cmd is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child provided personal information, contact us and we will take appropriate steps.

Changes

We may update this policy as cmd changes. If we make material changes, we will update the effective date and provide notice appropriate to the change.

Contact

Questions or privacy requests can be sent to frank@oftring.io.