privacy
How we handle your data.
Last updated: 2026-06-18
We're a developer-tools company. We treat your data the way we'd want ours treated.
- The open-source product collects zero telemetry. Nothing about your installs, configurations, or twin invocations leaves your machine. There's no opt-out because there's nothing to opt out of.
- WonderTwin Pro collects narrow operational telemetry. Pro twins are adaptive — they evolve as the real services they twin evolve — and that adaptation depends on telemetry. We've designed the collection to give you adaptive behavior without giving us your data.
- Sanitization happens on your machine, before transmission. We never see your request payloads, response bodies, environment variables, API keys, file paths, or anything that could identify you, your employer, or your customers.
- We've never sold your data, and we couldn't if we wanted to. What we receive is bounded, anonymized signal. There's no resolution at which it could be tied back to you.
- The auth boundary is the telemetry boundary.
Signed in (Pro or MCP) means telemetry is on; signed out means it's
off.
wt auth logoutreturns the runtime to anonymous, telemetry-free use — that's the opt-out.
Want the legal-grade version?
The summary above is the spirit. The full policy is the legal-grade version of the same — what we collect for Pro, what we never collect, sanitization, retention, your rights, sub-processors, security posture, and the rest.
Privacy questions: privacy@wondertwin.ai
Security disclosures: security@wondertwin.ai