Privacy

Digitorn runs in three configurations and each one carries a different privacy footprint. Digitorn Cloud (digitorn.ai) is the in-browser version: we host the agents, store the data and run the LLM calls for you. The local install with Gateway is the default desktop setup: the client runs on your machine, your data stays there, but the LLM and tool calls route through Digitorn Gateway so a single Digitorn account unlocks every supported provider. The local install with BYOKturns the Gateway off: the client still runs on your machine, and the LLM calls go straight to the provider with your own keys and we don't see that traffic at all. This page is the inventory of what we hold under each setup.

What we collect

Account.When you sign in with Google, Microsoft or Apple, we receive your email address, display name and avatar from the provider. We store those plus a rotating session token. We don't ask for, see, or store your provider password.

Hub activity. If you install or publish a package on the Hub, we record the action, the package ID, and the time, so the marketplace can show install counts and so you can track your own publishing history.

Cloud agents. On Digitorn Cloud we host your agents and store the data they produce: conversation history, attachments you upload, workspace artefacts the agent generates, and the credentials you choose to save with us.

Gateway calls.Whenever an LLM or tool call goes through Digitorn Gateway (on Cloud, or on a local install where the Gateway is on), we keep an accounting record of that call: model name, token counts, latency. The request body and the response are forwarded to the underlying provider and aren't persisted by us once the call has completed. With the Gateway turned off (local + BYOK), the call doesn't reach us at all.

Diagnostics. Unhandled errors and minimal performance metrics from the cloud services are captured to help us fix bugs. We strip request bodies and user content before storage.

What stays on your machine

On a local install, every agent definition, conversation history, file attachment, workspace artefact and credential lives in ~/.digitorn/on your computer. We can't read any of it. In the BYOK setup the LLM traffic stays out of our reach as well; with the Gateway on, only the per-call accounting metadata reaches us, not the prompt or response payloads.

Third parties we use

OAuth providers (Google, Microsoft, Apple) authenticate you and return the identity payload above.

LLM and tool providers(Anthropic, OpenAI, DeepSeek, etc.) receive whatever you send through them. Their privacy policies apply to that traffic. We don't enrich or copy it.

Infrastructure providers(the hosting and CDN providers behind digitorn.ai, hub.digitorn.ai and the Gateway) handle traffic in transit and cloud-mode storage at rest. They're under contractual confidentiality obligations and never see plaintext outside their TLS terminators.

Cookies and browser storage

The website sets one essential cookie to remember your session and to drive the public/anonymous routing on the home page. We don't use third-party advertising or analytics cookies. Auth state, your preferred language and theme are stored in your browser's localStorage so the app feels the same between visits.

Retention

Account records and Hub activity stay as long as the account exists. Cloud-agent data (conversations, attachments, workspace artefacts) follows the retention you set on each agent; if you set none, it stays as long as the agent does. Gateway call accounting summaries are kept for thirteen months for billing reconciliation. Diagnostic logs roll over after thirty days. Deleting your account drops the account record and the cloud-agent data tied to it, and signs you out everywhere; published Hub packages only disappear when you remove them.

Your rights

You can request a copy of the data tied to your account, ask us to correct it, or ask us to delete the account entirely. We'll honour the request within thirty days. If you live in a jurisdiction that grants additional rights (the EEA, the UK, California, Brazil, and others), those rights apply on top of these.

International transfers

Our cloud surfaces are hosted in Europe (Paris) and the metadata above stays there. When an OAuth or LLM provider is based outside your region, the contract we sign with them covers cross-border transfers under the relevant data protection framework.

Children

Digitorn is not intended for people under 16. We don't knowingly collect data from anyone in that age range.

Changes

If we change anything material on this page, we'll notify you by email or in-product before the new version takes effect.

Reaching us

Privacy questions or rights requests: privacy@digitorn.ai. You can also write to us at the postal address on the company's corporate page.