MyAegis Privacy Policy

MyAegis is developer time-tracking software. It records work sessions from local developer tools so users can review time, associate sessions with projects, prepare reports, and understand AI-assisted work.

The MyAegis Chrome extension has one purpose: track active developer browser time for MyAegis projects. It sends lightweight browser heartbeats to the local MyAegis daemon when tracking is enabled, the user is active, and the current page matches supported developer, documentation, testing, infrastructure, or project-management URL patterns.

• Account data: name, email address, GitHub account information used for sign-in, organization/team membership, settings, and API key metadata.
• Project and business data: projects, clients, tasks, budgets, retainers, integrations, reports, invoices, and related configuration entered by users.
• Tracking data: timestamps, session durations, tool names, capture source, project matches, browser URLs for browser sessions, file paths, git branches, line-change counts, terminal/AI hook metadata, and other work-session metadata needed to provide time tracking.
• Chrome extension data: the active tab URL, timestamp, generated machine ID, productive URL category, whether recent user activity occurred, and URL patterns the user chooses to assign to a MyAegis project.
• Usage and diagnostics: app events, page views, device/browser metadata, and error details collected through analytics and error-monitoring tools so we can operate, secure, debug, and improve MyAegis.
• Billing data: subscription status and limited billing metadata. Card details are handled by our payment processor and are not stored by MyAegis.

• It does not collect page text, images, videos, DOM content, or form values.
• It does not collect passwords, credentials, security questions, or PINs.
• It does not collect email bodies, chat messages, or other personal communications.
• It does not record screenshots, microphone input, camera input, or precise location.
• It listens for activity events only to determine whether the user was recently active; it does not record the keys typed, mouse position, scroll position, or click targets.

• Provide automatic developer time tracking and browser-session tracking.
• Match sessions to projects, clients, tasks, reports, budgets, and invoices.
• Sync local daemon data to the MyAegis web app when the user is authenticated.
• Authenticate users, secure accounts, enforce access controls, and prevent abuse.
• Provide support, troubleshoot bugs, maintain reliability, and improve the product.
• Process billing, subscriptions, and account administration.

MyAegis is local-first for high-frequency tracking. The Chrome extension posts heartbeats to the local daemon at 127.0.0.1:45678. The daemon buffers session and heartbeat data in local storage on the user's machine, then syncs it to the MyAegis API when the user is signed in and sync is available.

Remote communication with MyAegis services uses HTTPS. The extension does not send heartbeats directly to third-party advertising networks, data brokers, or analytics providers.

We do not sell user data. We share data only as needed to operate MyAegis, provide user-requested integrations, comply with law, protect users and the service, or complete a business transaction such as a merger or acquisition.

• Service providers: hosting, database, authentication, analytics, error monitoring, email, and payment providers that help us run MyAegis.
• User-connected integrations: services such as GitHub, ClickUp, or other integrations only when the user connects or uses those features.
• Legal and safety: when required by law or when necessary to protect users, MyAegis, or others from fraud, abuse, security incidents, or legal claims.

The use of information received from Chrome APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

• We use Chrome extension data only to provide or improve MyAegis developer time tracking.
• We do not sell Chrome extension data or transfer it to advertising platforms, data brokers, or information resellers.
• We do not use Chrome extension data for personalized ads, unrelated purposes, creditworthiness, or lending decisions.

• Users can pause Chrome tracking from the extension popup.
• Users can uninstall the Chrome extension or daemon to stop local collection.
• Users can revoke API keys and connected integrations from MyAegis settings.
• Users can request account deletion or data access by contacting us.

We retain account, project, billing, and tracking data while it is needed to provide MyAegis, comply with legal obligations, resolve disputes, enforce agreements, and maintain business records. Local daemon data remains on the user's machine until it is synced, deleted by product behavior, or removed by uninstalling local components.

We use technical, administrative, and organizational safeguards designed to protect user data. No system is perfectly secure, so users should keep their devices, browsers, API keys, and MyAegis account credentials protected.

Questions or requests about this policy can be sent to hello@myaegis.dev.