Data Privacy
Transparency into what we collect and access to deliver SpecStory
Services we use to collect data
We use PostHog to collect product analytics. When you install the SpecStory Extension tracking is turned on by default. You may turn it off in settings via: specstory.helpUsImprove
.
-
We log events including: when the extension is activated, when an auto-save occurs, when a manual save occurs, when a share occurs, when a custom rule is derived and when errors occur.
-
We use this telemetry to calculate total installs, active user counts and to understand other patterns like user retention.
We also use PostHog to collect web analytics, both on Specstory.com and share.specstory.com.
-
We use log events to understand time on site, improve usability in our share experience and monitor our own traffic and traffic to shares.
-
If you turn off
specstory.helpUsImprove
in the Extension settings it will not apply to the web analytics we collect.
In SpecStory v0.7.0
and later for the optional and Derived Rules feature, we use:
-
Clerk.com: for authentication and user management.
-
Helicone.com: for LLM observability.
What data is accessed and collected in the SpecStory extension (by feature)
Auto-saves and manual saves
Usage of these features never transmits your prompts or code in assistant responses to SpecStory.
Each of these features read from your local chat history stored in a sqlite3 state.vscdb
, chat.jsons
, or Claude Code session files in different folders depending on your OS on your machine.
-
Windows:
%APPDATA%\Cursor\User\globalStorage\state.vscdb
-
MacOS:
~/Library/Application Support/Cursor/User/globalStorage/state.vscdb
-
Linux:
~/.config/Cursor/User/globalStorage/state.vscdb
-
Windows:
%APPDATA%\Cursor\User\globalStorage\state.vscdb
-
MacOS:
~/Library/Application Support/Cursor/User/globalStorage/state.vscdb
-
Linux:
~/.config/Cursor/User/globalStorage/state.vscdb
-
Windows:
%APPDATA%\Code\User\workspaceStorage\{hash}\chatSessions
-
MacOS:
~/Library/Application Support/Code/User/workspaceStorage/{hash}/chatSessions
-
Linux:
~/.config/Code/User/workspaceStorage/{hash}/chatSessions
The SpecStory CLI wrapper for Claude Code reads session files from:
- All platforms:
~/.claude/projects/
(JSONL format)
The CLI wrapper runs Claude Code while capturing conversations locally. No data is transmitted to SpecStory servers.
These saves are then stored in your project’s .specstory
folder.
Shares
Usage of this features transmits prompts and code in assistant responses to SpecStory.
This feature allows you to publish your local chat history to share.specstory.com. We store shares in Cloudflare R2 Object Storage.
-
Shared content is anonymous in the sense that we do not require authentication to share. But it is public.
-
We generate a non-guessable UUID for every share at the time of creation.
-
When you share your history, the request includes a
device_id hash
from your machine. This allows us to allow you to uniquely edit it without being authenticated. -
As an editor, you can delete sensitive information in the share. You may also request full deletion of the object by e-mailing support the URL of the share.
Derived Rules
Usage of this features transmits prompts, code in assistant responses, markdown header information you supply and your project’s metadata to SpecStory.
This feature allows you to save time and improve code generation quality.
-
When you authenticate into the Extension and turn on the feature, as you prompt we send your prompt history, prior derived rules, file headers and project directory metadata to an LLM.
-
We log these requests via Helicone by user to track cost, response quality, error rates and prevent abuse.
-
We conduct aggregate analysis on the requests made by users of this feature to improve it.
What data is accessed and collected in BearClaude Alpha
BearClaude never captures or transmits your actual conversations with Claude Code to SpecStory.
During the Alpha phase, BearClaude collects usage analytics to help us improve the product and understand how users interact with the application.
Usage Analytics
We collect telemetry data for project and document management actions, including:
- Project creation, opening, and switching
- Document creation, editing, and saving
- Application launch and usage patterns
- Feature usage and interaction events
- Error occurrences and crash reports
User Identification
- We capture your registration email address during account creation
- Usage events are associated with your email to enable user-specific analytics
- This helps us understand user behavior patterns and improve the product experience
Data Storage and Processing
- Usage data is processed through our analytics infrastructure
- Data is used exclusively for product improvement, bug fixes, and feature development
- We do not sell or share personal usage data with third parties
Opt-Out During Alpha
During the Alpha phase, the only way to opt out of data collection is to uninstall BearClaude.
We plan to add granular privacy controls and opt-out options before the full product launch.