Privacy Policy
Effective date: May 1, 2026
This Privacy Policy explains how Grid Heap, Inc. handles personal information for Cmdless. It is written specifically for Cmdless and does not combine policies for other Grid Heap products.
Cmdless is a voice-first intent palette for macOS that can process spoken requests, selected text, local context, AI prompts, shortcuts, scripts, files, notes, snippets, calendar data, windows, and connected channels when you enable those features.
1. Information We Collect
Depending on your settings and usage, Cmdless may process account details, subscription status, voice audio, transcript text, selected text, prompt context, active-app metadata, shortcut definitions, snippet and note metadata, connected-channel configuration, provider routes, support messages, and operational diagnostics.
Some desktop features may run locally. Cloud transcription, model routing, billing, support, or connected-channel features may require sending relevant data to Grid Heap infrastructure or selected providers.
2. Voice Audio and Transcription
When you use voice input, Cmdless may capture audio from your microphone and send it to the configured transcription route. Audio is processed to produce a transcript and related command context. We do not use voice audio to train foundation models unless a separate setting or written agreement clearly says so and you choose to enable it.
3. AI Input and Output
When you use AI features, Cmdless may process prompts, selected text, transcript text, relevant app context, tool metadata, and generated output. We process this information to provide, secure, troubleshoot, and improve the requested feature.
Third-party model providers may process prompts and context under their own terms and privacy commitments when you route a request through them.
4. Local Tools, Scripts, and Connected Channels
Cmdless may help preview or invoke local tools, scripts, files, notes, snippets, windows, calendar actions, and connected channels. We process metadata and content necessary to show the preview or complete the action you chose.
5. Account and Billing
Paid access may be handled by app stores or payment processors. We do not store full payment card numbers. We may receive billing status, plan, entitlement, renewal, cancellation, and invoice information needed to operate paid features.
6. Cookies and Similar Technologies
Cmdless websites and product surfaces may use essential cookies, local storage, and similar technologies for authentication, security, billing state, fraud prevention, and preferences. Website analytics, if used, do not include voice audio, transcripts, prompts, or local desktop content.
7. Logs and Security
We may collect limited operational logs such as request time, route, status code, provider route, device or browser class, and error diagnostics. We avoid logging message bodies, audio, transcripts, secrets, tokens, and script output unless needed for a user-requested support investigation.
8. Sharing
We do not sell personal information. We may share information with service providers that help us operate Cmdless, with third parties you choose to connect, with authorities when legally required, during a business transaction, or when needed to protect users, rights, safety, or security.
9. Retention
Voice audio and prompt context are retained only as needed to provide the requested feature, operate safety and reliability controls, support billing, troubleshoot issues, or comply with law. Account, billing, support, and security records may be retained longer where necessary.
10. Your Choices and Rights
You may request access, correction, export, or deletion of personal information by contacting us. We may need to verify your identity. Some records may be retained where required for security, billing, legal compliance, or legitimate operational needs.
11. Children
Cmdless is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
12. International Processing
We may process information in countries where we or our providers operate, including the United States. We use reasonable safeguards appropriate to the product and processing activity.
13. Changes
We may update this Privacy Policy from time to time. Material changes will be posted on this page or communicated through Cmdless when appropriate.
14. Contact
For privacy questions, email legal@gridheap.com. For general company contact, email contact@gridheap.com. For Cmdless support, email support@cmdless.com.