Privacy Policy

cmdHalo is designed with privacy as a core principle. We collect minimal data and process everything locally on your Mac by default. Your keyboard activity, search text, screen content, and shortcut data are never transmitted to any server.

• Keystrokes or keyboard input
• Application usage content or history details
• Screen content or screenshots
• Personal files or documents
• Email content, document names, or message bodies

The following data is stored exclusively on your Mac and never leaves your device:

• User preferences — trigger key, hold duration, theme, and display settings stored in a local SQLite database
• Shortcut cache — cached keyboard shortcuts for recently used applications to improve performance
• License key — stored securely in the macOS Keychain, never in plain text
• Optional local usage statistics — overlay opens and shortcut executions remain stored on-device unless you clear them

cmdHalo requires macOS Accessibility permission to detect keyboard shortcuts from application menus. This permission is used solely to read menu items and their associated keyboard shortcuts. We do not log, record, or transmit any information obtained through this permission.

When you activate your license, cmdHalo contacts the Gumroad API to verify your license key. The verification occurs:

• Once during initial activation
• Periodically (every 30 days) for revalidation
• An offline grace period ensures the app works without internet access

License verification transmits only the data required to validate and activate the license for your device. It does not transmit keystrokes, search text, screenshots, or document content.

If you explicitly enable Share anonymous product analyticsinside the app, cmdHalo may send a small set of product events to our backend to help improve reliability and product decisions.

• App launch
• Overlay shown
• Shortcut executed
• Settings section opened
• License activation success or failure
• Update check result

These events are anonymous and optional. They never include keystrokes, search text, shortcut titles, terminal commands, file names, email content, screenshots, or document content. We do not sell or share this product analytics data with third parties.

The cmdHalo website asks for consent before enabling analytics. If accepted, we use Vercel Analytics for aggregate traffic metrics. Sentry is used for essential error monitoring and stability diagnostics. The license verification API endpoint processes only the license key you submit and does not store personal browsing profiles.

Website base URL: https://www.cmdhalo.app.

• Gumroad — handles payment processing and license management. Their privacy policy applies to purchase transactions. Visit gumroad.com/privacy for details.
• Vercel Analytics — enabled only after consent for anonymous web analytics.
• Sentry — used for essential error monitoring and stability diagnostics.

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date. Continued use ofcmdHalo after changes constitutes acceptance of the revised policy.

For privacy-related questions, contact us at support@cmdhalo.app.