Legal

Privacy Policy.

Last updated: 2026-04-12

Overview

Push is a macOS desktop application that you install and run locally on your own Mac. It orchestrates AI agents you configure. This policy describes the data Push itself handles. It does not cover the AI agents you run through Push — those follow their own policies.

What stays on your Mac

Push stores all of your workspace data locally in ~/.push/ on your Mac. That includes agent definitions, run history, transcripts, generated artifacts, and configuration. Push does not upload this data to our servers. If you delete the app and wipe ~/.push/, nothing remains on our side because nothing was sent in the first place.

What Push sends to us

  • Update checks. Push polls releases.pushto.do/appcast.xml on launch and every 24 hours. These requests transmit your Push version number and standard HTTP headers (User-Agent, Accept-Encoding, etc.). We don’t set cookies, don’t fingerprint, and don’t log IPs beyond what Cloudflare retains for DDoS protection.
  • Nothing else. Push does not send crash reports, analytics, telemetry, or usage data.

Optional iOS pairing (relay)

If you pair Push with the Push iOS companion app, both devices connect to our hosted relay at push-relay.com. The relay passes encrypted messages between your iPhone and your Mac. We don’t read, store, or log message contents. The relay holds only short-lived pairing tokens and connection metadata (device pair ID, last-seen timestamp).

Pairing is opt-in. If you don’t install the iOS app, the relay is never contacted.

Agents you configure

Push lets you run AI agents (Claude Code, Codex, Gemini, Cursor, Opencode, and custom adapters). Each agent has its own data practices — when an agent calls its provider, that data leaves your Mac under that provider’s policy, not Push’s. Review each provider’s policy before handing over sensitive content.

Push does not intercept, proxy, or mirror agent traffic. Your API keys are stored encrypted in ~/.push/ and used directly from your Mac to the agent’s provider.

Third parties

  • Cloudflare — serves our website, release DMGs (R2), and relay (Workers).
  • Apple — notarizes Push so macOS Gatekeeper accepts it. Apple may log that your Mac has run a notarized app the first time it launches.
  • Agent providers (Anthropic, OpenAI, etc.) — only when you explicitly configure an agent.

We don’t use advertising SDKs, analytics trackers, or any third-party service that fingerprints users.

Your rights

Because Push is local-first, you already control all of your data:

  • Access / export — everything is in ~/.push/ (SQL-compatible, JSON artifacts, plain-text logs).
  • Deletion — drag Push.app to the Trash and remove ~/.push/. Nothing of yours remains on our servers because nothing was sent there.
  • Unpair iOS — clearing the pairing in the iOS app severs the relay link. No further messages route between devices.

Children

Push is not directed at children under 13. We don’t knowingly collect data from children.

Changes

We’ll update this policy as Push evolves. Material changes get a note in the changelog.

Contact

Questions or data requests: privacy@massless.ai.