Terminal Auto Pilot — Privacy Policy
Effective April 24, 2026 · Last updated April 24, 2026
The short version
- You bring your own LLM key. Terminal Auto Pilot does not proxy or store the conversations you have with Claude or GPT. Requests go from your Mac directly to the provider you chose.
- Your terminal commands stay local. Commands you ask the agent to run, their output, your shell history, and the contents of files in your working directory are never sent to SetuCare servers. The only thing the LLM provider sees is what you type in the prompt and the context the agent quotes back to you.
- We collect what we need to validate your license. When the app activates or validates your license, we receive your license key, a one-way hash of your machine identifier, the app version, and the request timestamp.
- Payments are handled by Stripe. Card numbers never touch our servers. We see only the metadata Stripe returns: your billing email, the tier you bought, and the Stripe identifiers needed to issue refunds and respond to chargebacks.
- You can ask us to delete everything. Email privacy@setucare.com and we will erase your account, license, and activation records within 30 days.
1. Who we are
Terminal Auto Pilot ("the app", "TAP") is a native macOS application published by SetuCare ("we", "us", "our"). This privacy policy explains what data the app and our associated cloud services at setucare.com collect, what we do with it, who else sees it, and what choices you have. It applies to the desktop app itself, the activation and update endpoints it calls, and the marketing pages on setucare.com.
2. What the app collects on your Mac
The Terminal Auto Pilot app stores the following on your Mac, locally, in macOS UserDefaults and the macOS Keychain. None of this is transmitted to us unless explicitly noted in the section below.
- Your selected model and provider (Claude or GPT) and any provider preferences such as temperature or max tokens.
- Your LLM provider API key, stored in the macOS Keychain. The Keychain encrypts the key with your account password / Touch ID / Secure Enclave; SetuCare cannot read it and the key never leaves your machine except in Authorization headers on requests you trigger to the provider.
- Your saved Playbooks, run history, agent memory, and any tool configurations you have created.
- Application logs in ~/Library/Logs/TerminalAutopilot. Logs include the outline of agent actions (which steps were planned, which succeeded, error messages) but do not contain your prompts, file contents, or LLM responses.
3. What the app sends to SetuCare
The app contacts setucare.com only for the following four reasons:
License activation and validation
When you first paste your license key, the app calls /api/software/licenses/validate/ with the license key, a SHA-256 hash of your machine identifier (a stable per-Mac value derived from system info — not your username, hostname, or hardware serial), the product slug, and the app version. This lets us confirm the key is real, has not been revoked, and that you are within the seat count you paid for. We re-validate periodically while the app is running so a revoked license stops working without a restart.
Update checks
The app polls our Sparkle appcast at /software/terminal-autopilot/appcast.xml roughly once a day to learn whether a newer version is available. The request carries the standard User-Agent Sparkle generates (which includes the app version and macOS version) and your IP address as visible to any HTTPS request. We do not log this data beyond standard web-server access logs, which are retained for 30 days.
Crash reports (opt-in)
If the app crashes, you may be asked whether to send the crash report to us. The report contains the macOS-generated stack trace, the app version, and the OS version. It does not contain your prompts, files, license key, or LLM API key. Reports are never sent without your explicit click.
Optional integrations
If you connect a third-party service (e.g. a webhook destination) to receive run summaries, the app sends those summaries directly to the URL you configured. SetuCare servers never see the summary content. The integration credential you supplied is stored locally in your Keychain only.
4. What we never collect
- The text of your prompts to Claude / GPT.
- The model's responses.
- The shell commands the agent runs on your Mac.
- Stdout, stderr, or file contents from those commands.
- Your shell history or terminal scrollback.
- Your LLM provider API key.
- Source code, secrets, environment variables, or anything else inside your repos.
These never leave your Mac. The only exception is the prompt context the LLM provider requires to respond — that travels straight from your Mac to Anthropic or OpenAI under your own API key, governed by Anthropic's privacy policy or OpenAI's privacy policy respectively.
5. Payments
All purchases are processed by Stripe, Inc., a PCI-DSS Level 1 service provider. Card details are entered on a Stripe-hosted checkout page and SetuCare servers never receive them. After a successful purchase, Stripe forwards a signed webhook event to /api/software/stripe/webhook/ containing your billing email, the tier you purchased, the Stripe customer / subscription identifiers, and the amount charged. We store this metadata against your license row so we can issue refunds, respond to chargebacks, and let you manage your subscription via the Stripe Customer Portal. Stripe's privacy policy is at stripe.com/privacy.
6. SetuCare account (optional)
You can use Terminal Auto Pilot without a SetuCare account — a license key is enough. If you do create or sign in to a SetuCare account (for example via the Billing tab on the website), we additionally store your email, full name, profile photo, and authentication identifiers from your sign-in provider (Google). Account creation and management are governed by the broader SetuCare privacy policy.
7. Data sharing
We do not sell your personal information. We share data only with the categories of recipients listed below, and only to the extent needed for them to perform their stated function:
- Stripe — payment processing, refunds, chargeback handling.
- Anthropic / OpenAI — only when you trigger a request, under your API key, with the prompt content you submitted. SetuCare is not in the request path.
- Amazon Web Services (us-east-1) — our application hosting, database (RDS), and object storage (S3) provider. AWS sees only data we store with them and does not access it.
- Vercel, Inc. — hosts the marketing pages on www.setucare.com. They see standard request metadata (IP, user agent, referrer) for visits to the website.
- Law enforcement — only if compelled by valid legal process. We will push back on overbroad requests and notify affected users where legally permitted.
8. Data retention
- License records — kept for the lifetime of your license plus seven years after revocation, to satisfy tax record-keeping obligations on the underlying purchase.
- Activation records — kept for the lifetime of the license; deleted when the license is deleted.
- Web access logs — 30 days, then automatically purged.
- Crash reports — 90 days, then automatically purged.
9. Your rights
Regardless of where you live, you can ask us to:
- Access the data we hold about you (your license rows, activation rows, billing metadata).
- Correct any of it that's wrong.
- Delete your account, license, and activation records. We will comply within 30 days. Records we are required to retain by law (e.g. invoice data for tax) will be retained for the minimum period required.
- Export your data as a JSON file.
- Opt out of marketing email. We send transactional emails (license key, receipt, refund confirmation) regardless; we do not send marketing email unless you have explicitly opted in.
To exercise any of these rights, email privacy@setucare.com from the address on file. Residents of the European Economic Area, the United Kingdom, and California (CCPA / CPRA) have additional statutory rights — those rights are honoured automatically; the email path above is sufficient to exercise them.
10. Children
Terminal Auto Pilot is not directed at children under 16, and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, email privacy@setucare.com and we will delete it.
11. Security
All traffic to setucare.com is served over HTTPS with TLS 1.2 or higher. License keys are stored hashed at rest. The macOS Keychain encrypts your LLM API key locally. Stripe webhook payloads are verified with HMAC signatures using a per-endpoint secret rotated on every endpoint creation. Backend secrets are stored as encrypted environment variables; only on-call engineers can read them, and access is audited.
No system is perfect. If you discover a vulnerability, please email privacy@setucare.com with the subject [security]. We will acknowledge within 72 hours.
12. International transfers
SetuCare's servers are located in the United States. By using Terminal Auto Pilot you consent to the transfer of your account and license metadata to the United States. We do not transfer the contents of your prompts, files, or shell sessions — those never leave your Mac for SetuCare's servers, and your LLM provider's data handling is governed by their own policy linked above.
13. Changes to this policy
When we change this policy in a way that meaningfully affects what we collect or how we use it, we will:
- Update the "Last updated" date at the top of this page.
- For material changes that affect existing customers, send a one-time notification email at least 30 days before the change takes effect.
- Keep the previous version available on request for at least 24 months.
14. Contact
SetuCare
Privacy: privacy@setucare.com
General support: support@setucare.com



