Last updated: April 19, 2026
BossMode is local-first: the CLI, daemon, and agent harnesses run on your machine, and the control plane at bossmode.ing is the synchronized mirror. We process customer account data, operational telemetry, connected-system metadata, and customer-provided business context in order to deliver the service. Where GDPR applies, we act as processor for customer content and as controller for account, billing, security, and product-improvement data.
Standard retention keeps customer operational records for up to one year unless a shorter verified deletion request applies. Enterprise customers may negotiate a custom retention profile. Verified deletion requests trigger a 30-day grace period before hard deletion.
Subject to applicable law, you may request access, correction, export, deletion, restriction, or objection. BossMode supports NDJSON export and account deletion workflows for owner users. Additional processing details are described in the DPA.
We rely on infrastructure providers including Convex, Vercel, Stripe, Resend, Sentry, Cloudflare, WorkOS, and LLM providers (Anthropic, OpenAI, Google, xAI) selected by the customer. See the live list at /subprocessors.
Privacy requests can be sent to privacy@bossmode.ing.
We use consent-gated PostHog product analytics to understand feature adoption, Pilot Training progress, approval actions, connection setup, and Trust Pack outcomes. Autocapture of keystrokes, input values, rage clicks, and session recording is disabled by default.