← Back

Privacy Policy

Published: September 19, 2025 | Effective: September 19, 2025

This Privacy Policy explains how Etheon, Inc., a Delaware corporation with its principal office at 524 Market Street, San Francisco, CA 94105, and Etheon AI LTD, a United Kingdom limited company with its principal office at 3rd Floor Suite, 207 Regent Street, London, England, W1B 3HH (“Etheon,” “we,” “us,” or “our”) handles information in connection with Jeriko and our related services (collectively, the “Services”).

By using the Services, you agree to this Privacy Policy. If you do not agree, do not use the Services.

1. Our Privacy Commitment

Jeriko is built with privacy at its core. Unlike cloud-based AI tools that process your data on remote servers, Jeriko runs entirely on your local machine as a compiled standalone binary. We fundamentally do not collect your data, and we do not share your data with anyone.

Your conversations, commands, credentials, session history, configurations, and all other data generated through your use of Jeriko remain exclusively on your device. We have no access to it and no ability to retrieve it.

2. Information We Do Not Collect

To be clear, Jeriko does not collect:

  • Your conversations with AI models
  • Your commands, prompts, or outputs
  • Your API keys, OAuth tokens, or credentials
  • Your files, documents, or code
  • Your usage patterns or telemetry
  • Your system information or device identifiers
  • Any personal data processed through the software

3. Data Stored Locally on Your Device

3.1 Configuration and Credentials

Jeriko stores configuration in ~/.config/jeriko/ and data in ~/.jeriko/ on your local machine. API keys and OAuth tokens are stored locally with restricted file permissions (0600). These credentials are sent only to the respective third-party APIs you have explicitly configured and authorized.

3.2 Session Data

All session history, conversation logs, memory files, and agent data are stored in a local SQLite database on your device. This data never leaves your machine.

3.3 Binary Security

Jeriko is distributed as a compiled standalone binary. The binary cannot be opened, inspected, or decompiled on your local machine. No third party—including Etheon—can remotely access data processed by Jeriko on your device. This makes Jeriko more secure than any cloud-based or interpreted AI tool.

4. Information We May Collect

4.1 Account Information

If you create an account for a paid subscription, we collect your email address and billing information. Billing is processed securely through Stripe; we do not store your full payment card details.

4.2 Website Analytics

When you visit jeriko.ai, we may collect basic analytics data (page views, referral source) using Google Analytics. This data is anonymized and used solely to improve our website.

4.3 Communications

If you contact us at info@etheon.ai, we retain the content of your communication to respond to your inquiry.

5. How We Use Information

The limited information we may collect is used only to:

  • Process billing and manage your subscription
  • Respond to support inquiries
  • Send essential product updates (e.g., security patches)
  • Improve our website and documentation
  • Comply with legal obligations

6. Data Sharing

We do not sell, rent, trade, or share your personal information with third parties.

The only exceptions are:

  • Payment processing: Stripe processes payments on our behalf under their own privacy policy
  • Legal requirements: We may disclose information if required by law, court order, or governmental authority
  • Your explicit connections: When you use Jeriko to connect to third-party services (Gmail, GitHub, Stripe, etc.), your credentials are sent directly from your device to those services—not through our servers

7. Third-Party AI Providers

When you use Jeriko's AI features, your prompts are sent directly from your device to the AI provider you have selected (Anthropic, OpenAI, or a local model). Etheon does not intercept, store, or process these communications. Each AI provider has its own privacy policy governing how they handle your data.

8. Data Security

Jeriko employs multiple layers of security to protect your data:

  • Compiled binary distribution—source code cannot be extracted or inspected
  • All sensitive credentials stored with 0600 file permissions
  • Sensitive environment variables automatically redacted from logs and output
  • Network communication with third-party APIs uses TLS encryption
  • Timing-safe authentication across all security-critical operations
  • No central server that stores or has access to your data

9. Data Retention

All operational data is stored locally on your machine. You can delete it at any time by removing the Jeriko configuration and data directories (~/.config/jeriko/ and ~/.jeriko/), or by uninstalling Jeriko entirely. We do not retain copies of your data on our infrastructure.

Account and billing information is retained for the duration of your subscription and for the period required by applicable tax and accounting laws.

10. Your Rights

You have full control over your data:

  • Disconnect any connected service at any time
  • Revoke OAuth tokens and delete API keys
  • Delete all local data by removing Jeriko's directories
  • Uninstall Jeriko completely
  • Request deletion of your account and billing information
  • Request a copy of any personal information we hold about you

If you are in the European Economic Area, the United Kingdom, or another jurisdiction with data protection laws, you may have additional rights including the right to access, correct, delete, or port your data. Contact us at info@etheon.ai to exercise these rights.

11. International Data Transfers

Etheon is headquartered in the United States with operations in the United Kingdom. If you provide us with account information from outside these jurisdictions, that information may be transferred to and processed in the United States or United Kingdom. We ensure appropriate safeguards are in place as required by applicable data protection laws.

12. Children's Privacy

The Services are not directed at children under 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will promptly delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will give at least 30 days' notice via email or in-product notice. Changes will be posted on this page with an updated effective date. Your continued use of the Services after changes means you accept the updated policy.

14. Contact

If you have questions about this Privacy Policy or how we handle your data, contact us at info@etheon.ai.

For legal matters: legal@etheon.ai

Etheon, Inc.
524 Market Street
San Francisco, CA 94105