Legal

Privacy Policy

This Privacy Policy explains what personal data we process across YeePilot website and CLI, why we process it, and what rights you have.

Last updated: March 1, 2026

Legal contact: admin@yee.to

This page is currently available in English only for your selected language.

1. Controller, Scope, and Contact

This Privacy Policy applies to YeePilot website, dashboard, authentication flows, support interactions, and platform-facing CLI authentication endpoints.

The controller for these services is YeePilot.

For privacy requests, use the legal contact listed on this page.

2. Data Categories We Process

Depending on product usage, we process the following categories of personal data:

  • Account and identity data, such as email address and account identifiers.
  • Authentication and security data, such as login/session records, token metadata, and verification events.
  • CLI device metadata, such as hostname, operating system, architecture, distribution, client version, and last-seen timestamps.
  • Technical request metadata, such as IP-related signals, user-agent information, country hints, and security/rate-limit events.
  • Usage and analytics data, including pseudonymized page-view identifiers, active attention-time aggregates, CTA interaction events, and optional viewer IDs in authenticated dashboard flows.
  • Communication and support data you choose to send us.
  • Local CLI data stored on your device, such as session files, command history, audit logs, vault data, and optional portable exports.

3. Purposes and Legal Bases

We process data to run, secure, maintain, and improve YeePilot.

  • Contract performance (for account and service delivery).
  • Legitimate interests (for security, abuse prevention, and reliability).
  • Legal obligations (where processing is required by law).
  • Consent (where legally required and obtained).

4. Cookies and Security Mechanisms

We use essential cookies and equivalent mechanisms for localization, authentication/session continuity, and core security controls.

We do not require optional advertising trackers for basic product access.

We use bot and abuse protection controls, including challenge-response verification where required.

5. Processors and Third-Party Services

We use selected processors and service providers under contractual safeguards and access restrictions.

  • Cloudflare Turnstile for bot-protection and abuse prevention during login flows.
  • Resend for transactional authentication emails (for example magic links).
  • OpenAI, Anthropic, and OpenRouter when CLI users choose those providers for model requests.
  • Hosting and infrastructure providers for web runtime, PostgreSQL database, and optional Redis-backed controls.
  • Telegram for operational alerts only when explicitly enabled by configuration.

6. International Data Transfers

If personal data is transferred internationally, we apply safeguards required by applicable law, such as standard contractual clauses where appropriate.

7. Retention (Concrete Periods and Limits)

We retain personal data only as long as necessary for product operation, security, contractual obligations, and legal compliance.

  • CLI authorization and device-code records are deleted after expiry.
  • Revoked CLI device records are deleted after 30 days.
  • Authentication sessions are retained until expiry under configured session lifetime (currently up to 30 days).
  • Rate-limit keys are short-lived (typically one to ten minutes), and health-transition status keys are retained for up to 24 hours.
  • Pseudonymized web analytics, active attention-time aggregates, CTA interaction event metadata, and install/download event metadata are generally retained for up to 12 months unless longer retention is required for security, incident response, or legal reasons.
  • Local CLI session storage keeps up to 20 sessions, and local command history keeps up to 500 entries.
  • Local credentials, vault data, audit logs, and optional portable exports remain on your device until you delete them or uninstall the client.

8. CLI-Specific Privacy Notice

The YeePilot CLI runs locally and stores part of its data on your own device.

When configured by you, the CLI sends prompts, contextual inputs, and operation-related content to selected model providers (such as OpenAI, Anthropic, or OpenRouter) to generate responses.

The CLI also exchanges platform authentication and device-heartbeat data with YeePilot backend endpoints to maintain account/device access.

The CLI does not include hidden advertising trackers. You remain responsible for deciding which sensitive content you submit.

9. Security and Service Limits

We implement technical and organizational safeguards and continuously improve them.

No system is completely secure or always available, and we cannot guarantee absolute protection or uninterrupted operation.

Please avoid submitting unnecessary sensitive data and maintain your own backups and access hygiene.

10. Your Rights

Depending on applicable law, you may have rights to access, rectify, erase, restrict, object, or request portability of your personal data.

You may also withdraw consent where processing is based on consent and file complaints with a competent supervisory authority.

11. Updates to This Policy

We may update this Privacy Policy to reflect legal, technical, or operational changes.

The latest version and last-updated date are always shown on this page.

For legal notices, data rights requests, or contract questions, use this address. admin@yee.to.

Analytics Preference

You can opt out of privacy-focused analytics collection for this browser at any time.

Current status: Enabled