Privacy, by design

Your data never leaves your Mac.

From the logins you connect to the live data your widgets show — the whole journey happens on your device. Not on our servers. Not where the AI can see it. Only yours, start to finish.

How your data stays on your Mac

Everything stays on your Mac

The tools you connect

SStripe

OOdoo

GitHub

Your private vault

Logins are sealed here the moment you add them.

Your widget

Live data is shown here, on your screen — and nowhere else.

We can't see it

Nothing reaches our servers

The AI can't see it

It never receives your data

Four walls, not one promise.

Privacy here isn't a policy you have to trust — it's four separate things the app is built to make impossible. Here's each one, and how it's held in place.

01 · Your logins

A login never becomes text.

You only ever type a key or password into the app's own native fields — never into a widget, never into a chat. It goes straight into the macOS Keychain, encrypted, in a store kept well away from any code.

Stored encrypted in the Keychain — not in a file, not in the widget.

The app and the AI only ever see the label — which service, which fields. Never the value.

A widget is handed a value only while it runs, and only if it was granted that exact connection.

How it's enforced

Values live in a separate, Keychain-encrypted store. Generated code can't contain them, and the local build history has no field they could ever land in.

Kept in the KeychainEncrypted

SStripe · secret key••••••••

OOdoo · API key••••••••

All the AI ever receives

service: stripe
fields: secret_key (value hidden)

02 · Every widget

A widget can't phone home.

Each widget runs locked in a sandbox with no access to your Mac and no internet of its own. The only way it can reach the outside world is one gateway inside the app — logged, time-limited and size-capped — so every request is accounted for.

No file access, no system access — generated code never runs with real privileges.

It can't load outside scripts and has no direct connection to the internet at all.

One widget can never read another's data — the app tags each request by its own window.

How it's enforced

Widgets run fully sandboxed with isolation on; a strict content policy blocks all direct network access; the request bridge derives a widget's identity from its own window, so it can't be claimed or spoofed.

Sandbox

Your widget

no internet of its own

Direct connection to the internet — blocked

One audited gateway

logged · timed · size-capped

03 · Logging in

Sign in once. We keep the session, never the secret.

Some services have no public way in — just a login. So you sign in once, yourself, in a window that belongs to the app. We keep only the resulting session, fenced to that service. Your password is never stored, and never seen.

You do the password, 2FA and OAuth — the app only watches for the door to open.

Each connection is fenced to an allow-list of addresses; anything else is refused.

Anything that could change your data — not just read it — asks you first, and defaults to No.

How it's enforced

Only the session lives on, in an isolated store per connection. Requests are matched against the allow-list; any write action triggers a native confirmation that defaults to “Deny”. The widget only ever acts as you, with your nod.

allowed · dashboard.stripe.comallowed · api.stripe.comeverywhere else

Allow this change?

“Habit Streak” wants to post an update to your account on stripe.com. This will change data on your behalf.

DenyAllow once

Default is Deny · reads never ask

04 · The AI

It builds the widget, then steps away.

This is the part people ask about most, so plainly: the AI helps make the widget. It never sees what's inside it. It works from your description and the names of your fields — your real numbers are fetched and shown on your Mac long after its job is finished.

It sees your words and your field names — never a single value, never your data.

The live data only flows after building is done — entirely on your device.

When it needs to learn a service, it watches in a strictly read-only window and treats what it sees as untrusted.

How it's enforced

The AI is only ever given connection metadata, never values — and by design there is no path for a credential to reach the build at all. Runtime data fetching happens after its turn, behind the gateway it never touches.

The AI sees

“a tracker for my revenue this quarter”odoo · field: api_key

The AI never sees

api_key: 7c2f9a…e1b4revenue: €48,210.00

Anatomy of one refresh

What actually happens when a widget asks for data.

Not the principles — the mechanics. Here is every step a single number takes, from the widget asking for it to the moment it's on your screen.

The widget asks — but can't fetch it itself

A widget never has a line to the internet. When it needs fresh numbers it hands the request to the app's gateway and waits — it can't reach anything on its own.

The gateway checks it's allowed

Before anything leaves your Mac, the gateway confirms this widget was granted this connection and that the address is on its allow-list. A request to anywhere else is simply refused.

It's sent from your Mac, with the sealed session

The gateway makes the call straight to the source, attaching the encrypted login or session from the Keychain — and quietly re-unlocks it if it had expired. The credential is used, never revealed, and the trip never passes through us.

It's drawn on screen, then it's gone

The reply comes straight back to the widget and is drawn onto it. Nothing is copied off, nothing is logged with its values, nothing is sent on. Next refresh, the exact same path runs again — all on your Mac.

At no point — not while a widget is being made, not while it's running — can we or the AI read your logins or your data. There's no moment where it's exposed, because it never goes anywhere it could be.

Straight answers.

No. They're encrypted into the macOS Keychain the moment you add them, kept in a separate store from any code. We only ever see which service a connection is for and the names of its fields — never the values, and there's no field in our logs they could ever land in.

Built to keep your world yours.

Make something useful without handing your data to anyone — including us.

Download for Mac Back to home