Data Privacy

​

Services we use to collect data

We use PostHog to collect product analytics. When you install the SpecStory Extension tracking is turned on by default. You may turn it off in settings via: specstory.helpUsImprove.

• We log events including: when the extension is activated, when an auto-save occurs, when a manual save occurs, when a share occurs, when a custom rule is derived and when errors occur.

• We use this telemetry to calculate total installs, active user counts and to understand other patterns like user retention.

We also use PostHog to collect web analytics, both on Specstory.com and share.specstory.com.

• We use log events to understand time on site, improve usability in our share experience and monitor our own traffic and traffic to shares.

• If you turn off specstory.helpUsImprove in the Extension settings it will not apply to the web analytics we collect.

In SpecStory v0.7.0 and later for the optional and Derived Rules feature, we use:

• Clerk.com: for authentication and user management.

• Helicone.com: for LLM observability.

​

What data is accessed and collected in the SpecStory extension (by feature)

​

Auto-saves and manual saves

Each of these features read from your local chat history stored in a sqlite3 state.vscdb, chat.jsons, or Claude Code session files in different folders depending on your OS on your machine.

These saves are then stored in your project’s .specstory folder.

​

Shares

This feature allows you to publish your local chat history to share.specstory.com. We store shares in Cloudflare R2 Object Storage.

• Shared content is anonymous in the sense that we do not require authentication to share. But it is public.

• We generate a non-guessable UUID for every share at the time of creation.

• When you share your history, the request includes a device_id hash from your machine. This allows us to allow you to uniquely edit it without being authenticated.

• As an editor, you can delete sensitive information in the share. You may also request full deletion of the object by e-mailing support the URL of the share.

​

Derived Rules

This feature allows you to save time and improve code generation quality.

• When you authenticate into the Extension and turn on the feature, as you prompt we send your prompt history, prior derived rules, file headers and project directory metadata to an LLM.

• We log these requests via Helicone by user to track cost, response quality, error rates and prevent abuse.

• We conduct aggregate analysis on the requests made by users of this feature to improve it.

​

What data is accessed and collected in BearClaude Alpha

During the Alpha phase, BearClaude collects usage analytics to help us improve the product and understand how users interact with the application.

​

Usage Analytics

We collect telemetry data for project and document management actions, including:

• Project creation, opening, and switching
• Document creation, editing, and saving
• Application launch and usage patterns
• Feature usage and interaction events
• Error occurrences and crash reports

​

User Identification

• We capture your registration email address during account creation
• Usage events are associated with your email to enable user-specific analytics
• This helps us understand user behavior patterns and improve the product experience

​

Data Storage and Processing

• Usage data is processed through our analytics infrastructure
• Data is used exclusively for product improvement, bug fixes, and feature development
• We do not sell or share personal usage data with third parties

​

Opt-Out During Alpha

We plan to add granular privacy controls and opt-out options before the full product launch.