What happens to your content
Postlane runs on your machine. Your commits, drafts, voice guide, and credentials stay there. We never see them.
DATA FLOW
What crosses the boundary — and what does not
What we store
| We store | We never store |
|---|---|
| Your email address | Your commits or commit messages |
| Your license state (repo count) | Your drafts or post text |
| Opt-in telemetry event names (linked to your account) | Your voice guide |
| Your credentials | |
| Your repository names | |
| Anything from inside your editor |
GDPR Article 25 — Privacy by Design
Postlane qualifies under GDPR Article 25 (Data Protection by Design and by Default) because the processing architecture prevents the collection of personal content data, not merely refrains from it. That distinction matters for legal reviewers: architectural prevention is a stronger guarantee than policy prohibition. We cannot share your content with third parties because we do not have it.
LLM calls
Postlane does not make LLM API calls on your behalf. Drafting happens inside your own editor session — Claude Code, Cursor, Windsurf, or any MCP-capable IDE — using your own API credits or subscription. Postlane never sees the content that goes to the LLM or the draft that comes back. What your LLM provider does with that content is governed by your own agreement with that provider, not by Postlane.
Telemetry
Five event names are sent only when you have explicitly opted in. Each event is linked to your account — not anonymous. No content, repo names, or post text is ever included.
Events: post_approved, post_dismissed, provider_configured, repo_connected, skill_invoked — each linked to your account.
When: Only if you have explicitly opted in. The consent prompt defaults to off.
How to turn it off: Settings → App → “Send usage data” toggle.
Sub-processors
A small number of third-party services process limited data on our behalf. See the full list on our sub-processors page.