This Privacy Policy describes how Tanagram, Inc. ("Tanagram," "we," "us," or "our") collects, uses, and shares your personal information when you use Lore, our shared thread library for coding agent sessions (the "Services"). If you have a separate Data Processing Agreement or Addendum with us, those terms supersede.
Information We Collect
Information you provide: account information (name, email via our authentication provider, organization, and profile metadata), payment and billing details (through our payment processor), communications when you contact support, and feedback.
Information collected automatically: usage data, CLI telemetry (command name, version, duration, environment, OS username and hostname), device and log information (browser, IP address, access times, referring URLs), and cookies to keep you signed in and understand usage.
Information from your use of the Services: coding agent transcripts you upload (prompts, responses, tool calls and results, thinking/planning blocks), session metadata (working directory, repository origin, file paths touched, skills invoked, timestamps), AI-generated artifacts (summaries, titles, decision extracts, cover images), comments, mentions, favorites, and data from integrations you connect.
How We Protect Your Data
Lore is built around the assumption that coding agent transcripts contain sensitive material, and gives you controls over what is collected and who can see it:
- Private by default. New threads upload as private (visible only to you) unless you opt in to share with your workspace by default.
- Per-thread visibility. Change any thread between private, workspace, and public at any time. Only public threads are exposed to unauthenticated visitors.
- Consent-first directory allowlist. The daemon never auto-uploads by default; you opt in to specific directories. Sessions outside your upload paths never leave your machine.
- Client-side upload filters. Include or exclude uploads by repository or skill; filtered sessions are not uploaded.
- Soft delete. Delete threads at any time; deleted content is hidden immediately and permanently removed through our administrative process.
- Encryption in transit and at rest. Data is transmitted over TLS and stored in encrypted object storage and managed databases.
No storage system is completely secure; these controls reduce risk but do not eliminate it. Use the upload filters and redaction tools to keep secrets out of your uploads.
How We Use Your Information
We use the information to provide, maintain, and improve the Services; generate thread titles, summaries, decision extracts, and cover images; process transactions; respond to support requests; send technical and administrative messages; analyze usage; detect and prevent abuse; personalize your experience; develop new features; and comply with legal obligations.
Information Sharing and Disclosure
We share information with your consent (including when you set a thread to workspace or public), with service providers (authentication, payments, AI summarization and image generation, object storage, error monitoring, analytics, support), in business transfers, when legally required, to protect rights and safety, and as aggregated or de-identified data.
Machine Learning and AI
We do not develop or train foundation AI models, and we do not use your transcripts or Customer Content to train third-party AI models. We use third-party AI providers to generate per-thread summaries, titles, and images; under our contracts those providers do not retain that content for training.
Data Retention
We retain your information for as long as your account is active or as needed to provide the Services and meet legal obligations. On request we delete account-level information within 60 days, subject to legal and operational requirements. Deleted threads are removed from visible surfaces immediately and purged from storage periodically.
International Data Transfers
Your information may be transferred to and processed in countries other than your own, including the United States. By using the Services you consent to these transfers.
Your Rights and Choices
Depending on your location you may have rights to access and port, correct, delete, object to processing, restrict processing, and withdraw consent. EEA, UK, and Swiss users have additional GDPR rights (including the legal bases for processing and the right to lodge a complaint with a supervisory authority). California residents have CCPA rights, including the right to know, delete, and opt out of sale (we do not sell personal information), and non-discrimination for exercising them. To exercise any of these, email founders@lore.link.
Changes to This Privacy Policy
We may update this policy from time to time and will post the new version here with an updated "Last updated" date.
Contact Us
Questions about this Privacy Policy? Contact us at:
Tanagram, Inc.
838 Walker Rd Suite 21-2
Dover, DE 19904
Email: founders@lore.link