Privacy Policy

Effective: March 2, 2026

1. Overview

ChartDB, Inc. ("we", "us", "our") operates OneCLI, including the oc command-line tool, the cloud dashboard at app.onecli.sh, and the marketing site at onecli.sh. This Privacy Policy explains what data we collect, how we use it, and your choices.

2. What We Collect

  • Account information: email address when you sign up for OneCLI Cloud.
  • Authentication tokens (CLI): stored locally on your machine by the CLI; never sent to our servers.
  • OAuth credentials (Cloud): when you connect a third-party service through OneCLI Cloud, we store an encrypted OAuth refresh token on our servers to maintain your connection.
  • Usage and telemetry: anonymous command frequency, plugin usage counts, and error reports (opt-out available).
  • Cloud dashboard analytics: page views, feature usage, and session metadata.
  • Plugin connection metadata: which services you connect, connection status, and timestamps. We do not store the content flowing through plugins.

3. How We Use Your Data

  • Operate and maintain the service.
  • Authenticate you across CLI and cloud dashboard.
  • Improve OneCLI based on aggregate usage patterns.
  • Send product updates and security notices (you can unsubscribe).
  • Detect and prevent abuse or unauthorized access.

4. Data Storage and Security

The OneCLI CLI stores authentication tokens and plugin credentials locally on your machine. OneCLI Cloud stores encrypted OAuth refresh tokens on our servers to maintain service connections on your behalf. All data transmitted to our servers is encrypted in transit (TLS) and at rest. We follow industry-standard practices to protect your information, but no system is 100% secure.

5. Google User Data

OneCLI Cloud's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

When you connect a Google service (such as Gmail, Google Drive, Google Calendar, or Google Sheets) through OneCLI Cloud:

  • We store an encrypted OAuth refresh token on our servers solely to maintain your connection.
  • We access only the Google API scopes you explicitly grant during the connection flow.
  • Google user data retrieved by agents is used solely to provide and improve the user-facing features you requested.
  • We do not use Google user data for advertising, and we do not sell it to third parties, advertisers, data brokers, or information resellers.
  • We do not use Google user data for credit assessment, lending, or any purpose unrelated to the core functionality of OneCLI.
  • Our employees do not read your Google user data unless (a) you provide explicit consent, (b) it is necessary for security or abuse investigation, (c) it is required by law, or (d) it is used in aggregated, de-identified form for internal operations.
  • You can revoke access to your Google data at any time from the OneCLI Cloud dashboard, which deletes the stored refresh token and disconnects the service.

6. Third-Party Services and Plugins

OneCLI acts as a gateway to third-party services through plugins. When you use a plugin, data flows directly between your machine and that service. We do not store, inspect, or log the content passing through plugins. Each third-party service has its own privacy policy, and we encourage you to review them.

7. Data Sharing

We do not sell your personal data. We may share information with:

  • Service providers: hosting, analytics, and email providers that help us operate OneCLI, bound by confidentiality agreements.
  • Law enforcement: only when required by valid legal process.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, with notice to you.

8. Data Retention

We retain your account data for as long as your account is active. Anonymous telemetry data is retained for 12 months. You can request deletion of your data at any time by contacting us.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate information.
  • Delete your account and associated data.
  • Opt out of telemetry collection in the CLI.
  • Export your data in a portable format.

To exercise any of these rights, contact us at privacy@chartdb.io.

10. Cookies and Tracking

  • Website: basic analytics cookies to understand traffic and improve the site.
  • CLI: no cookies. The CLI does not use browser-based tracking.
  • Cloud dashboard: session cookies for authentication only.

11. Changes and Contact

We may update this policy from time to time. Changes will be posted on this page with an updated effective date. For questions or concerns, contact us at privacy@chartdb.io.