Privacy Policy

Last updated June 27, 2026

Shotoku is a local-first, open-source tool. This policy explains what data exists, where it goes, and what we do with it — which is very little.

What Shotoku does with your data

Shotoku runs entirely on your machine. Authorization decisions, your policy file, and the decision ledger never leave your device unless you explicitly move them. We do not have servers that receive or store your decisions.

What we collect

We collect nothing automatically. Specifically:

• No telemetry or usage analytics
• No crash reports
• No identifiers, device information, or IP addresses
• No policy file contents
• No decision ledger data

This website

This landing page (shotoku.dev) is a static site hosted on Vercel. Vercel may collect standard server access logs (IP address, request path, timestamp) as part of their infrastructure. We do not use cookies, tracking pixels, or third-party analytics.

GitHub

The Shotoku source code is hosted on GitHub. If you open an issue, submit a pull request, or interact with the repository, GitHub's own privacy policy applies to that activity.

npm

Installing Shotoku via npm goes through the npm registry. npm may log your IP address and the packages you download as part of their standard infrastructure. We do not receive this data.

Contact

Questions about this policy can be sent to peschardjulius03@gmail.com.