Privacy

Last updated: 2026-05-15.

Local-first by design

CodeVetter is a Tauri desktop app. Reviews run on your machine. The repo you point it at, the diff being reviewed, your notes, and the review history all live in a local SQLite database in the app data directory. None of that goes to a CodeVetter-owned server — there isn't one.

What hits third parties

• The LLM provider you configure. When you run a review, CodeVetter sends your code + the review prompt to whichever provider (Anthropic, OpenAI, Cerebras, your own gateway) you've picked. Their privacy policy applies.
• Auto-updater. The app checks GitHub Releases for new versions. That request includes your platform string and the current version. Disable in settings if you prefer.

API keys

Provider keys are stored in your OS keychain (macOS Keychain, Windows Credential Manager, libsecret on Linux). They never leave your machine except when included in the Authorization header of a request you initiate to your chosen provider.

Crash + usage telemetry

None by default. The first launch does not phone home; there is no anonymous usage analytics endpoint baked into the app.

Deletion

Uninstall the app and delete the data directory (~/Library/Application Support/CodeVetteron macOS) to remove all local state.