Privacy Policy

Last updated: 31 May 2026 · Effective for Token Gauge desktop app and tokengauge.app

1. Who we are

Token Gauge is operated by Kieran Hartley, a sole trader based in the United Kingdom. In this policy, "we", "us", and "our" refer to the operator of Token Gauge. "You" means the person using the app or this website.

Contact for privacy questions: support@tokengauge.app

2. Scope

This policy covers:

the Token Gauge desktop application for Windows;
this marketing website (tokengauge.app); and
license purchase and validation handled through Lemon Squeezy when you buy the paid tier.

It does not govern the AI coding tools themselves (Claude Code, Codex, Cursor, Copilot, Gemini, etc.). Those services have their own privacy policies.

3. What the app does

Token Gauge is a local tray utility that aggregates usage statistics from AI coding agents you already use — for example, percentage used in a rolling window, reset timers, token counts, and cost estimates where the provider exposes them.

To do this, the app may read:

Local CLI and session files already on your machine (e.g. logs and metadata written by Claude Code or Codex under your home directory).
Credentials you already have — OAuth tokens or session cookies stored by those tools or that you paste into Settings (e.g. a Cursor session token). Token Gauge reads these locally to authenticate outbound usage API calls; it does not upload raw tokens to our servers.
Your preferences — which agents appear in the menu bar, notification thresholds, and similar settings.

4. What we do not collect

Token Gauge is designed not to access, store, or transmit:

your source code or repository contents;
prompts, chat transcripts, or conversation logs;
terminal command history unrelated to usage metadata;
API keys or tokens to our own servers (we have no account backend at launch).

If a provider's usage endpoint returns only aggregate numbers, that is all we keep.

5. Network activity

When refreshing usage, the app may connect to:

Provider usage endpoints — authenticated HTTPS requests to each vendor's own API (Anthropic, OpenAI, Anysphere/Cursor, GitHub, Google, etc.) to ask "how much has this account used?" We send only what is required for that request (typically an authorization header derived from credentials on your device). Your use of those endpoints remains subject to the provider's own terms of service and privacy policy.
Lemon Squeezy — when you activate or validate a paid license key, the app calls Lemon Squeezy's license API with your key and a device fingerprint (one-way hash). This is used only for the 3-device activation limit; Lemon Squeezy processes payment data at checkout; we do not receive your card number.
Software updates — if you use the built-in updater, the app may check a release manifest (e.g. GitHub Releases) for new versions. That check does not include usage data.

There is no Token Gauge cloud service at launch that receives your usage snapshots.

6. Future opt-in sync (not available at launch)

We may later offer optional sync to a phone companion. If we do, it will be:

opt-in — off by default;
limited — numeric usage snapshots only (percentages, counts, reset times); never code, prompts, or tokens;
described separately before release, with an updated privacy policy.

7. Local storage and retention

Data stays on your computer unless you delete it:

What	Where	Contents
Usage cache	`{app_data}/usage.db` (SQLite)	Aggregated token counts, models, timestamps, and cost estimates used for charts and history.
Settings	`{app_data}/settings.json`	UI preferences, agent visibility, notification thresholds, first-run flag.
License cache	`{app_data}/license_cache.json`	Last successful Lemon Squeezy validation response (for up to 14 days offline).
Device id	`{app_data}/device_id`	Random id (hashed as device fingerprint) for Lemon Squeezy activation limit (3 devices per key).
License key	OS credential store	Your paid license key (`service = "tokengauge-license"`).
Provider credentials	OS credential store / existing CLI files	Read from Claude Code's existing storage or values you enter in Settings (e.g. Cursor token). Token Gauge does not re-home these to its own cloud.

{app_data} is the per-user application data directory provided by the OS (e.g. %APPDATA% on Windows).

We retain local data until you delete it or uninstall the app. Cached usage may grow slowly over time as new events are deduplicated into SQLite; it is usage metadata only.

8. How to delete your data

You can remove Token Gauge-related data at any time:

In the app: Settings → License → remove your license key (if any). Clear provider-specific entries in Settings if you added them manually.
Delete local files: quit the app and delete the Token Gauge app data folder (contains usage.db, settings.json, license_cache.json, and device_id).
Remove stored secrets: delete the tokengauge-license entry from the Windows Credential Manager if present. Provider credentials (e.g. Claude Code) remain under those tools' own storage unless you remove them separately.
Uninstall: remove the application via Windows Settings. Uninstalling does not automatically delete app data — delete the folder in step 2 if you want a clean removal.

Lemon Squeezy may retain purchase records as merchant of record; contact them or us for purchase-related deletion requests.

9. Analytics and tracking

App: no third-party analytics, crash reporting, or advertising SDKs are included at launch.

Website: this landing page does not load Google Analytics, Meta Pixel, or similar trackers by default. Basic server or CDN logs (IP, user agent) may exist depending on your host — we do not use them to profile visitors.

10. Purchases and Lemon Squeezy

Paid licenses are sold through Lemon Squeezy, which acts as merchant of record for tax and payment processing. When you buy, Lemon Squeezy collects billing information under their privacy policy. We receive your license key and enough purchase metadata to support activation and refunds — not your full card number.

11. Legal bases (UK / EEA visitors)

Where GDPR applies, we process data as follows:

Contract — to provide the app and validate licenses you purchased.
Legitimate interests — to operate a local-first utility with minimal network use, prevent license abuse, and improve stability.
Consent — for any future optional sync or analytics, which will be off by default.

12. Children

Token Gauge is a developer tool not directed at children under 16. We do not knowingly collect personal data from children.

13. International transfers

Your usage data stays on your device. License validation and checkout involve Lemon Squeezy and AI providers, which may process data in the United States or other countries under their own terms.

14. Changes

We may update this policy. Material changes will be reflected in the "Last updated" date above and, where appropriate, in-app or on this page. Continued use after changes constitutes acceptance of the updated policy.

15. Contact

Privacy questions or requests: support@tokengauge.app

Plain English summary