Privacy Policy

Last updated:

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Password (encrypted)

Usage Information

We automatically collect:

  • Session activity: Connection timestamps, session duration
  • Device information: Browser type, operating system
  • Error logs: Technical errors and debugging information

Cookies

We use strictly necessary cookies for authentication:

  • auth_token: httpOnly JWT for authentication
  • loggedin: Flag for UI enhancement (no data)

No cookie consent banner is required as these cookies are essential for the service. They are exempt under ePrivacy Directive Article 5(3).

2. Terminal Session Data

What We Transmit

klaas transmits terminal output from your Claude Code sessions to your connected devices:

  • Terminal text output is streamed in real-time
  • Data is encrypted in transit (TLS/WSS)
  • We do NOT store terminal session content - it is only relayed

What We Do NOT Collect

  • The content of your code or projects
  • Commands you type into Claude Code
  • File contents from your system
  • Any data from your local environment

3. How We Use Your Information

We use collected information to:

  • Provide and maintain the service
  • Authenticate users and maintain account security
  • Connect your terminal sessions to your devices
  • Enforce rate limits and prevent abuse
  • Analyze usage patterns to improve the service
  • Send service-related emails (verification, notifications)

4. Data Sharing and Disclosure

We do NOT sell or rent your personal information to third parties.

We may share data with:

  • Service Providers: Cloudflare (hosting, real-time infrastructure)
  • Legal Requirements: If required by law or to prevent fraud/abuse

5. Data Retention

We retain data as follows:

  • Account data: Until account deletion
  • Session metadata: 30 days (timestamps, duration only)
  • Terminal content: NOT retained - streamed only
  • Logs: 30 days

6. Your Rights (GDPR/CCPA)

You have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Delete your account and data
  • Portability: Export your data
  • Objection: Object to data processing

To exercise these rights, contact us at [email protected].

7. Security Measures

We implement security measures including:

  • Encryption in transit (HTTPS/TLS/WSS)
  • Encrypted password storage (bcrypt)
  • httpOnly cookies to prevent XSS attacks
  • Device authorization flow (no passwords on disk)
  • Rate limiting to prevent abuse

8. Third-Party Services

We use the following third-party services:

9. Children’s Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

10. International Data Transfers

Your data may be processed in data centers worldwide. We ensure appropriate safeguards are in place for international transfers.

11. Changes to Privacy Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated “Last updated” date.

12. Contact Us

For privacy-related questions or concerns, contact us at:

Email: [email protected]