Privacy Policy

Effective June 22, 2026

act101, LLC ("act101", "we", "us") operates the act command-line interface and the act101.ai website. This policy explains what data we collect, why, and how we protect it.

1. Your Source Code Stays on Your Machine

The act CLI processes your code locally. We do not transmit, collect, or store your source code, file contents, project structure, or repository data. Your code never leaves your machine in the ordinary course of using the Software.

2. Leaderboard & Online Scanner Data

The canonical rule: act101 NEVER ships your code off-site. We ship only opt-in usage metrics. The single exception to "your code stays on your machine" is the opt-in public surface below — and it holds aggregate counters, never code.

For the act101 online scanner (GitHub Action) and the act101 leaderboards, we hold exactly the following, and nothing else:

Why: the leaderboard is a "receipts, not vibes" surface — instrumented, signed, third-party proof of AI-assisted development. The data held is the minimum required to publish a rank and a profile, and it is published only for enrolled users and board-eligible public repos. Read paths serve from precomputed cache; viral traffic never touches the ingestion path.

Leave at any time. Deleting ~/.act/arena.json stops further uploads. DELETE /api/arena/me (linked from your profile page) deletes your account, your usage-counter rows, and your achievements — a clean exit that removes your profile and its sitemap entry at the next nightly rebuild. arena: false removes a public repo from boards without affecting its own badge or score history.

3. What We Do Collect

We collect the minimum data necessary to operate the licensing and payment system:

4. What We Do Not Collect

5. How We Use Your Data

6. Third-Party Processors

Each processor handles data under their own privacy policies and applicable data-protection agreements.

7. Data Retention

License validation data is retained for the duration of your subscription plus 30 days. Payment records are retained as required by tax and accounting regulations. Support correspondence is retained for up to 3 years. You may request deletion of your data at any time by emailing info@act101.ai.

8. Your Rights

You may request access to, correction of, or deletion of your personal data by contacting us at info@act101.ai. We will respond within 30 days. If you are located in the European Economic Area, the United Kingdom, or California, you have additional rights under the GDPR, UK GDPR, or CCPA respectively — contact us and we will honor them.

9. Children

The Software is not directed at children under 16. We do not knowingly collect personal data from children under 16.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be noted on this page with an updated effective date. Continued use of the Software after changes constitutes acceptance.

11. Contact

Questions about this policy may be sent to info@act101.ai.