Privacy
Local by default.
Dear User reads your Claude Code files on your machine. Nothing leaves your computer — unless you explicitly ask it to. Here's what that means, concretely.
Short version
- Reads: your Claude Code config files (CLAUDE.md, memory, skills, hooks) and session metadata.
- Writes: one SQLite file at ~/.dearuser/dearuser.db
- Transmits: nothing, unless you explicitly call share_report or feedback
- No sign-up, no API keys, no telemetry.
What Dear User reads
The scanner reads these locations:
| What | Where | Why |
|---|---|---|
| Project instructions | CLAUDE.md | Score collaboration rules, check for conflicts |
| Global instructions | ~/.claude/CLAUDE.md, ~/.claude/memory/** | Same |
| Skills | ~/.claude/skills/** | Overlap detection, orphan check |
| Hooks | ~/.claude/hooks/** | Structural health checks |
| MCP config | ~/.claude.json, ~/.claude/mcp.json | Verify CLAUDE.md claims against actual config |
| Session metadata | ~/.claude/projects/**/sessions/*.jsonl | Counts, timestamps, prompt lengths — not content |
Dear User never reads session message content. It parses .jsonl session logs for length and structural signals only — not the words you typed or the words the agent said back.
What Dear User writes
One file: ~/.dearuser/dearuser.db (SQLite, WAL mode).
Four tables:
- du_agent_runs — timestamp, tool name, summary (no file contents)
- du_recommendations — each recommendation we've surfaced + whether you implemented it
- du_score_history — your score over time
- du_findings — scan-driven findings with stable hashes for lifecycle tracking
Dear User does not modify your CLAUDE.md, memory, skills, hooks, or any other file — unless you explicitly call implement_recommendation, which has a preview step and tells you exactly what will change before it does.
What leaves your machine
Two tools, and only when you call them.
share_report
Uploads an anonymized copy of a report to dearuser.ai and returns a URL like dearuser.ai/r/<token>.
Before upload, the report is passed through a sanitizer that:
- Collapses absolute filesystem paths to basenames (/Users/jane/secret-project → secret-project)
- Strips email addresses
- Redacts anything matching our secret-scanner patterns: OpenAI, Anthropic, GitHub, AWS, Stripe, Slack, Google, Supabase, Vercel tokens, private keys, generic env secrets, bearer tokens
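The three sanitizer steps listed above, as an added example that is not Dear User's own code: the regexes, the placeholder strings ([REDACTED:...] and [email]) and the sample text are assumptions constructed for illustration. Secrets are redacted before paths are collapsed, because base64-style tokens can contain "/" and a path rewrite would otherwise leave a fragment that no pattern matches.

```python
import re

# Assumed patterns for illustration; the page does not publish the real ones.
SECRETS = [(kind, re.compile(rx, re.S)) for kind, rx in [
    ("private-key", r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----"),
    ("env-secret", r"(?P<keep>\b\w*(?:SECRET|TOKEN|PASSWORD|API_KEY)\w*\s*=\s*)\S+"),
    ("github-token", r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    ("aws-access-key-id", r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    ("bearer-token", r"(?i:\bbearer\s+)[A-Za-z0-9._~+/=-]{16,}"),
]]
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
# Absolute POSIX path. The lookbehind refuses to start inside a word or a URL,
# so "https://host/r/x" and "and/or" are left alone. Paths with spaces are not handled.
ABS_PATH = re.compile(r"(?<![\w:/.~-])(?:/[\w.+@-]+)+/?")


def sanitize(text: str) -> str:
    """Redact secrets, then emails, then collapse absolute paths to basenames."""
    # 1. Secrets first (see lead-in). A named group "keep" preserves the
    #    variable name of an env-style assignment while dropping its value.
    for kind, rx in SECRETS:
        text = rx.sub(
            lambda m, k=kind: (m.groupdict().get("keep") or "") + f"[REDACTED:{k}]",
            text,
        )
    # 2. Email addresses.
    text = EMAIL.sub("[email]", text)
    # 3. Absolute paths -> last path component.
    return ABS_PATH.sub(lambda m: m.group(0).rstrip("/").rsplit("/", 1)[-1], text)


# Constructed sample report text; every value below is fake.
SAMPLE = "\n".join([
    "Scanned /Users/jane/secret-project/CLAUDE.md (owner jane@example.com)",
    "Found GITHUB_TOKEN=ghp_" + "A" * 36 + " in /Users/jane/secret-project/.env",
    "Header: Authorization: Bearer /abcdefghijklmnopqrstuv/wxyz0123",
    "Shared at https://dearuser.ai/r/<token>",
])

if __name__ == "__main__":
    print(sanitize(SAMPLE))
```

Running step 3 before step 1 on the third sample line would rewrite the token to wxyz0123, which is too short for the bearer pattern and would be uploaded as-is.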
feedback
Sends a message to our Supabase inbox. That's the whole point of the tool.
What's attached:
- The text you wrote
- Dear User version number
- Nothing else — not your scans, not your files, not your identity
What Dear User does not do
- No keychain access — we scan config files for leaked tokens. We never touch your system keychain or credential helper.
- No network calls during scans — collab, health, security, onboard, wrapped, history are pure filesystem operations. You can verify with lsof or Little Snitch.
- No conversation content — session metadata only (counts, lengths). Not message bodies.
- No telemetry from the MCP tool or dashboard — the terminal tool and the localhost dashboard never phone home.
- Website analytics are cookieless — dearuser.ai uses Vercel Analytics (aggregated, no cookies) plus PostHog EU configured without cookies or localStorage. No identity, no session replay, no heatmaps, no IP addresses.
- No background scans — Dear User runs only when the agent calls a tool.
Contact and privacy requests
For privacy concerns, GDPR requests (access, deletion, complaints), or any other formal inquiry: use the contact form with the "Privacy / GDPR" category. A human reads every message.
For product feedback, bugs and suggestions: use the feedback form or the feedback tool from inside Claude.
We take this seriously — Dear User is a tool about trust, and a leak would undo the whole thing.