DeskFox 用户隐私协议
引言
欢迎使用 DeskFox(以下简称"本软件")。本软件是一款开源桌面工具,由 DeskFox 项目维护方独立运作,帮你在本地电脑上读文件、写文件、和各类 AI 模型对话。本协议告诉你我们如何处理你的数据,以及你拥有哪些权利。
本软件性质说明:本软件由 DeskFox 项目维护方以业余时间开发并免费开源,不构成商业服务,不存在企业级 SLA 承诺。请你在使用前充分理解本软件的"个人开源"性质——这意味着维护节奏、bug 响应速度、功能迭代均不可预期,你应当评估这一点是否适合你的使用场景(尤其商业场景)。详见第八节免责声明。
为什么你可以信任这份协议
本软件完全开源,源码托管在两个公开仓库:
你可以亲自审计本软件的所有代码,验证我们在协议里说的话是否属实——无论是收什么数据、不收什么数据,还是数据怎么发出去。这是比任何法律承诺都更强的隐私担保。
本软件遵循 MIT 开源协议(与上游 sst/opencode 一致),你可以自由使用、修改、分发,但需保留版权与许可证文本。
我们的核心承诺
DeskFox 不会读取或存储你的聊天内容、文件内容、API key。我们最多收集的是匿名的总体用量统计和更新检查所需的最少信息(如软件版本、平台),且全部可在设置中关闭。
关于角色边界(重要)
当你用 DeskFox 处理他人的数据(例如你公司的客户资料、同事信息、家庭成员资料),在《个人信息保护法》等数据保护法律的语境下,你自己是这些个人信息的"个人信息处理者(俗称数据控制者)",DeskFox 只是把工具交到你手里,不参与你处理的内容、目的、流向。
类比:微软不会因为你用 Word 写了客户合同,就成为该客户合同的处理者。本软件的角色定位与之相同。
详细责任划分见第八节 8.3。
本协议适用于你下载、安装、使用 DeskFox 桌面应用的全过程。
一、整体数据流(请先理解架构)
你的电脑
┌────────────────┐
│ DeskFox.exe │ ──┬─→ 你接入的 AI 模型方(Claude / GPT / Gemini / ...)
│ (本地运行) │ │ 传:聊天文本、加入上下文的文件内容、API 请求
│ │ │ ※ 直连模型方,不经任何 DeskFox 后端
│ 本地文件 │ │
│ 聊天历史 │ ├─→ DeskFox 使用统计端点(自 v2026.4.29.2 起已上线)
│ API key │ │ 传:匿名 install_id + 软件版本 + OS + CPU 架构 + 国家
│ 配置 │ │ ※ 不含聊天 / 文件 / API key 任何内容
│ │ │ ※ 三种方式任一关闭(详见第三节)
│ │ │
│ │ └─→ DeskFox 更新检查端点(自 v2026.4.29.2 起已上线)
│ │ 行为:HTTP GET 拉取一份静态 JSON
│ │ ※ 客户端不主动发自己的版本号(比对在本机完成)
│ │ ※ 不静默下载,不静默安装
│ │ ※ 设置可一键关闭(详见第三节)
└────────────────┘
理解四条数据通道:
| 通道 | 走向 | 谁能看到 | 你的控制 |
|---|
| 聊天 / 文件上下文 | 你电脑 → 你接入的模型方 | 模型方(由模型方隐私政策约束),DeskFox 看不到 | 不接入模型 = 完全不发(见第 2.2 节"接入定义") |
| 本地数据 | 留你电脑 | 只有能登录你电脑账号的人(包括你) | 卸载 + 删除本地目录 = 完全清除 |
| 使用统计 | 你电脑 → DeskFox 统计端点 | DeskFox,仅聚合层级,不识别个人 | 三种方式任一关闭 |
| 更新检查 | 你电脑 → DeskFox 更新端点(GET 静态 JSON) | DeskFox 服务器仅记接入日志,不收当前版本号 | 设置一键关闭,与统计开关独立 |
二、我们如何处理你的数据
2.1 留在你电脑上的(我们看不到)
| 数据类型 | 存储位置 | 是否离开你电脑 |
|---|
| 你打开 / 编辑的文件 | 你电脑的原路径 | ❌ 不离开(除非你"加聊天"主动发给模型) |
| 聊天历史 | DeskFox 用户配置目录(本地数据库) | ❌ 不离开 |
| 模型 API key | 本地配置文件 | ❌ 不离开(发请求时直接打到模型方,不过任何中转) |
| DeskFox 偏好设置 | 本地配置文件 | ❌ 不离开 |
| 文件树状态 / 最近打开 | 本地配置文件 | ❌ 不离开 |
2.2 发给第三方模型方的(由你的选择决定)
接入定义(重要)
本协议中"接入某个模型方"指你主动完成以下两步:
- 在 DeskFox 设置中填入该模型方的 API key
- 该 key 经 DeskFox 与模型方的接口请求成功跑通(模型方接受请求并返回响应)
未完成上述两步前,DeskFox 不向该模型方发送任何请求,即使界面上列出了该模型方的名字也不会发。这一边界划清避免"开箱即默认接入"的不知情。
接入成功后的数据流
接入成功后,当你主动做以下操作时,数据会从你电脑发到你接入的模型方:
- 在聊天框输入并发送消息
- 用"右键 → 加到聊天"把文件内容加入对话上下文
- 让模型 Edit / Write 你的文件(模型读 / 写文件需要先取到内容)
- 行评论 review 路径
发给模型方的:你的提问文本、被加入上下文的文件内容、你提供的 system prompt、agent 配置等。
重要:这些请求由 DeskFox 在你本机直接发起,完全不经过 DeskFox 的服务器。模型方收到什么、保留多久、怎么用,由各模型方的隐私政策决定(常见模型方政策见附录 A)。我们建议你在选择模型方前阅读对应的隐私政策。
2.3 我们永远不会收集的数据(无论现在或将来)
- ❌ 聊天内容:任何与模型对话的内容,我们不收
- ❌ 文件内容 / 文件名 / 文件路径:你打开或编辑的任何文件,我们不收
- ❌ API key:不收
- ❌ 细粒度行为日志:不记录你点了什么按钮、用了哪个功能多久(仅记录第三节列出的固定事件)
- ❌ 真实 IP 地址:仅用于服务端推算国家级地区,推算后立即丢弃 IP,不入库
- ❌ 能识别你身份的信息:姓名、邮箱、手机、账号、生物特征等
- ❌ 崩溃报告含真实数据:本机崩溃日志默认仅留本地;当前版本完全不收集崩溃数据(见第七节);若未来加入崩溃上报,会单独征求你同意,且只上传脱敏堆栈
三、与 DeskFox 服务器的通信
DeskFox 与 DeskFox 服务器的通信仅限以下两类,且数据范围严格受限。两类通信均自 DeskFox v2026.4.29.2 起已上线。
3.1 使用统计
目的:了解软件总体用户规模、地区分布、版本分布,用于判断维护投入和本地化优先级。
端点:https://telemetry.deskfox.ai/api/event(后端为自托管 Plausible Analytics)。
收集字段(每次事件携带的全部内容)
| 数据点 | 例子 | 用途 |
|---|
匿名安装 ID(install_id) | b4c7e2a1-...(本机生成的随机 UUID,首次启动产生,存于本地) | 区分独立设备数,无法关联到你的真实身份(我们没有任何映射表把 UUID 还原到人) |
软件版本号(version) | 2026.4.29.2 | 版本分布统计 |
操作系统平台(os) | win32 / darwin / linux(对应 Node.js process.platform) | OS 分布统计 |
CPU 架构(arch) | x64 / arm64 | 架构分布统计 |
国家(country) | CN / US 之类国家级(不到省/州) | 由 Plausible 服务端从请求 IP 推算后立即丢弃 IP,只留国家码 |
事件白名单(代码硬编码的强承诺)
本软件代码中强制限定只能上报以下事件,任何不在表内的事件名都会在客户端被静默丢弃(防御性编码,见 packages/desktop-electron/src/main/telemetry-strategy.ts 的 ALLOWED_EVENTS 常量)。
| 事件名 | 触发时机 | 携带内容 |
|---|
pageview(心跳) | 软件启动 | 仅上面表格中的 5 个字段,无额外信息 |
desktop.app_open | 软件启动 | 同上 |
desktop.project_open | 你打开一个项目 | 同上,不含项目名 / 路径 |
desktop.ai_request | 你发出一次模型请求 | 同上,不含提示词 / 文件内容 / 模型名 |
desktop.update_seen | 你看到更新提示弹窗 | 同上 |
desktop.update_downloaded | 新版本下载完成 | 同上 |
desktop.update_applied | 你点击重启应用更新 | 同上 |
频率
每次软件启动时上报一次心跳(pageview)+ 一次 desktop.app_open 事件;触发其它白名单事件时各上报一次。客户端有 5 分钟 / 20 事件的缓冲机制,失败重试 3 次。
默认开关
默认开启,首次启动有 native 弹窗告知(三个按钮:Allow / Disable telemetry / Privacy policy)。你可以在弹窗直接选关闭,或之后通过下列任一方式关闭(三选一,生效相同):
- 在应用内
设置 → 隐私 → 使用统计 关闭(写入下面的 config.json)
- 设置环境变量
OPENCODE_TELEMETRY=0(优先级最高,覆盖 config)
- 编辑
~/.config/opencode/config.json,加入 "telemetry": false
关闭后立即生效,客户端不再向统计端点发送任何请求。
存储与保留
| 数据形态 | 保留期 | 存储位置 |
|---|
| 原始事件记录 | 30 天后销毁 | 中国境内服务器 |
| 聚合统计(版本分布、国家分布、日活/月活) | 12 个月 | 同上 |
| 聚合后的趋势图 | 永久 | 同上 |
数据出境:本软件统计数据仅存储于中国境内,不发生跨境传输。如未来调整存储位置(例如海外节点),会按 PIPL 第三章相关条款重新征求你的同意,并在协议中显著标注。
3.2 更新检查
目的:告知你有新版本可用,由你自行决定是否下载和更新。
端点:https://updates.deskfox.ai/v1/latest/<client>/latest.json(静态 JSON)。
行为(代码层面的事实)
- 客户端发出 HTTP GET 请求,拉取上述静态 JSON
- 服务器只返回最新版本元数据(版本号、发布时间、release notes URL)
- 客户端不主动发自己的版本号给服务器(版本比对在你本机完成)
- 唯一在服务器侧出现的字段是网络层的 IP(用于服务器返回响应)和 URL 路径中的
<client>(desktop / cli,这告诉服务器你要哪个客户端的更新信息)
- 客户端本地 24 小时缓存,避免每次启动都打服务器
行为边界(重要)
- ✅ 仅查询有无新版本
- ✅ 若有新版本,弹窗或菜单提示,由你点击才会跳转下载
- ❌ 不静默下载新版本
- ❌ 不静默安装 / 不强制升级 / 不在你不知情时替换文件
- ❌ 不收集你的更新行为(你看到提示后是否更新,我们不知道——除非你自己启用了使用统计,那时会有
desktop.update_seen / update_downloaded / update_applied 事件,见 3.1 白名单)
频率
启动时检查一次,之后每 24 小时检查一次。本地缓存,失败静默忽略。
默认开关
默认开启,可通过下列任一方式关闭(两选一,与"使用统计"开关完全独立):
- 设置环境变量
OPENCODE_UPDATE_CHECK=0
- 编辑
~/.config/opencode/config.json,加入 "update_check": false
也就是说:你可以只关使用统计、保留更新检查;或反过来。
Microsoft Store 渠道的特殊说明
经 Microsoft Store 安装的 DeskFox(MSIX 包),升级完全由 Store 自动处理,本软件不再独立做更新检查(代码中对应 store-skip 策略)。这意味着:
- 你不会收到 DeskFox 自己的更新提示弹窗
- DeskFox 不会向 DeskFox 更新端点发送任何请求
- 升级行为完全遵循 Microsoft Store 规则,Store 会按其自身策略静默更新或推送你确认
与上游 sst/opencode 的差异
DeskFox 已禁用上游 sst/opencode 的官方自动升级通道(详见 改动日志.md "禁自动升级"条目),原因是上游通道会用上游版本覆盖 DeskFox。本节的更新检查是 DeskFox 自有通道,只用来通知 DeskFox 自己的版本更新,与上游通道无关。
四、第三方组件与依赖
4.1 微软 WebView2
DeskFox 使用 WebView2 渲染界面,这是 Windows 系统组件,由微软维护。WebView2 自身的数据收集行为受微软隐私声明约束,我们无法干预。如有疑问,请查阅 https://learn.microsoft.com/microsoft-edge/webview2/concepts/distribution#privacy。
4.2 上游开源依赖
DeskFox 基于开源项目 sst/opencode fork 而成(MIT 协议),并依赖一系列前端 / Rust 第三方库。这些库作为代码运行在你本机内,不会单独向外传输你的数据。完整依赖清单见源码 package.json 与 Cargo.toml。
4.3 你接入的 AI 模型方
你在 DeskFox 中接入(见第 2.2 节"接入定义")的任何模型方(如 Anthropic Claude / OpenAI / Google Gemini / 自部署模型 / 其它)各自独立处理你的请求数据,各自有独立的隐私政策。DeskFox 对模型方的数据处理行为不承担责任,但建议你优先选择有明确隐私政策、提供数据不留存选项的模型方。
五、你的控制权
本节所列控制权对应《中华人民共和国个人信息保护法》第十三条至第二十条规定的个人信息主体权利,包括知情权、决定权、查阅权、复制权、更正权、补充权、删除权、撤回同意权等。如你认为本软件未能履行该等义务,可通过第十二节联系渠道与 DeskFox 直接沟通。
你随时可以做以下操作来管理你的数据:
| 你想做的 | 怎么做 |
|---|
| 关闭使用统计 | 应用内 设置 → 隐私 → 使用统计,或环境变量 OPENCODE_TELEMETRY=0,或 ~/.config/opencode/config.json 中 "telemetry": false(三选一,生效相同) |
| 关闭更新检查 | 环境变量 OPENCODE_UPDATE_CHECK=0,或 ~/.config/opencode/config.json 中 "update_check": false(两选一,与使用统计开关独立) |
| 删除聊天历史 | 在 DeskFox 内删除对应会话,或直接删除本地数据库文件 |
| 撤销 / 替换某模型的 API key | 在 DeskFox 设置 → 模型 中删除/编辑,或编辑本地配置文件 |
| 不再使用某模型 | 在模型选择器中切换 / 移除 |
| 完全清除所有 DeskFox 数据 | 卸载 DeskFox + 手动删除本地配置目录(具体路径见附录 B) |
| 重置匿名安装 ID(install_id) | 删除本地配置目录(附录 B)后重启,即生成新 UUID |
| 完全离线使用 | 不接入任何模型方 + 关闭使用统计 + 关闭更新检查,DeskFox 退化为完全本地工具 |
5.1 关于"删除已上传的统计数据"
由于统计端点不存储任何可识别个人身份的字段(无邮箱、无姓名、无 IP 入库、无账号系统、无 install_id 与个人的映射表),已上传的事件无法关联回你。这意味着:
- 不存在"删除某用户的历史统计"这一动作可以执行(因为我们手里没有"用户"这个概念)
- 关闭使用统计开关后,客户端立即停止采集和上报新数据
- 删除本地
install_id 文件(见附录 B)后重启,生成新 UUID,与历史统计断开关联(虽然历史统计本就匿名,无法回溯)
这是本软件相对常见 SaaS 工具的隐私优势,但同时也意味着我们没有提供"用户数据查询/导出"接口——因为我们根本没有可查询/导出的个人数据。
六、开源与可审计性
6.1 源码托管
6.2 你能验证什么
因为代码全公开,你或任何技术人员都可以:
- 审计我们到底收什么、不收什么(grep 源码即可,事件白名单见
packages/desktop-electron/src/main/telemetry-strategy.ts)
- 自行编译 from source 验证 ship 出去的二进制行为一致(reproducibility)
- fork 改造你自己的版本(MIT 允许),完全摆脱 DeskFox 的统计与更新通道
6.3 许可证
本软件遵循 MIT 协议(完整文本见仓根 LICENSE)。你需要保留版权和许可证文本,但可自由使用、修改、合并、发布、分发、再许可、出售。MIT 协议本身已包含强力的"按现状提供"声明,详见第八节。
七、安全限制(请务必阅读)
DeskFox 当前版本存在以下已知安全限制,请你在使用前充分知悉:
- installer 不带数字签名:出于成本考虑,本软件 installer 不进行代码签名。Windows / macOS 在首次运行时可能弹出"未知发布者 / 来源不明"警告。仅当你从上述 GitHub / Gitee 官方仓库的 Release 页下载时,可以选择继续运行。来源不明的 installer 不要运行,可能是仿冒。
- 本地数据未加密:聊天历史、API key、配置文件以本机用户可读形式存储。任何能登录你电脑这个用户账号的人(或恶意程序)都能读取。请保护好你的电脑账号密码,共享电脑用户尤其注意。强烈建议同时启用操作系统全盘加密(见 7.1)。
- API key 是你的资产:被泄露的 API key 可能被恶意调用产生费用。如果怀疑泄露,请立刻去模型方控制台撤销 key,然后在 DeskFox 中替换新 key。
- 当前版本不收集任何崩溃数据(2026-05-01 截至):本软件当前未集成任何崩溃上报机制(无 Electron
crashReporter、无 Sentry、无 breakpad/crashpad、无 Rust panic 上报)。即软件崩溃时:
- 本地不会写入 DeskFox 专属的崩溃 dump 文件
- 不会向 DeskFox 或任何第三方上报任何崩溃信息
- 系统级 crash 行为(如 Windows 事件查看器、macOS Console.app)由操作系统接管,与本软件无关
如未来加入崩溃上报功能,会按本协议第十节"协议修订"规定:重新弹窗征求你同意,且只上传脱敏堆栈,绝不携带源数据。
7.1 关于"本地数据未加密"的缓解措施(强烈建议)
既然本软件本身不加密本地配置/聊天历史/API key,强烈建议你启用操作系统级别的全盘加密——这是工业级最低成本的安全措施:
- Windows 10/11 专业版及以上:启用 BitLocker(
设置 → 更新和安全 → 设备加密,或 控制面板 → BitLocker 驱动器加密)
- macOS:启用 FileVault(
系统设置 → 隐私与安全性 → FileVault → 打开)
- Linux:安装时选择 LUKS 全盘加密,或用
fscrypt 加密 home 目录
全盘加密保证:即使你的电脑被偷、硬盘被拔走,他人也无法读取你的 DeskFox 本地数据。
八、免责声明与责任限制
法律提示:本节是对 MIT 开源协议默认条款的中文具体化。如本节中文表述与仓根 LICENSE 英文文本就具体免责范围出现歧义,以本中文版本为准(与协议头部"中英冲突以中文版为准"的总体规则一致);MIT LICENSE 英文文本本身仍按其原文及国际开源社区惯例独立解释。
8.1 软件按"现状"提供
本软件完全免费、按"现状"(AS IS)提供,不附带任何明示或暗示的担保,包括但不限于适销性、特定用途适用性、不侵权等担保。
DeskFox、本软件作者、上游 sst/opencode 作者、所有贡献者均不保证:
- 本软件无 bug、无故障、无中断
- 本软件适合你的具体使用场景
- 本软件输出结果准确、可靠、最新
- 本软件兼容你的硬件、操作系统、网络环境
- 本软件能与你接入的任何模型方稳定协作
- 任何特定功能在未来版本中保留
8.2 DeskFox 不承担责任的具体场景(列举)
下列情形导致的任何直接或间接损失(包括财产损失、数据损失、商誉损失、营业损失、机会损失等),DeskFox 一概不承担责任:
A. 数据与设备相关
- 你电脑感染病毒、被攻击、硬盘损坏导致的数据丢失
- 你用 DeskFox 创建/编辑的内容因软件 bug、断电、误操作等任何原因丢失或损坏
- 你的 API key 被泄露、被盗、被恶意调用产生的任何费用
- 你的模型方账号被封停、限流、扣费、退款纠纷
B. 模型方服务相关
- 模型回答错误、有偏见、违法、误导、不符合事实
- 模型 API 异常、限流、停服、价格变动、政策变动
- 模型方的数据使用或数据泄露行为
- 你与模型方之间的任何法律纠纷
C. 你的使用行为相关
- 你用 DeskFox 做违法或违反公序良俗的事情
- 你的工作产出因 DeskFox bug、模型错误等原因导致的间接损失
- 你违反所接入模型方的使用条款
- 你将 DeskFox 用于商业用途产生的盈亏
- 你在 DeskFox 中处理涉及他人隐私 / 商业秘密 / 国家秘密的数据(见 8.3 个人信息处理者角色)
D. 系统与第三方
- 操作系统、WebView2、硬件不兼容
- 第三方 plugin / agent / fork / 二次打包版本的任何行为
- 来源不明的 installer(仿冒、植入恶意代码、二次打包)给你带来的任何损失
- 网络欠费、模型 API 余额耗尽
E. 升级与维护
- 软件停止维护、不再更新、停止 ship
- 升级后某项功能被移除或行为改变(我们会在 changelog 标注,但不保证向后兼容)
- 你跳过更新检查导致的兼容问题
8.3 你的责任(配套)
使用本软件即视为你接受以下责任:
- 数据备份:重要数据自行备份,不依赖任何单一软件
- API key 与账号安全:自行妥善保管,不泄露
- 模型方选择:自行评估并选择可信、合规的模型方,自行同意其条款
- 合规使用:遵守所在地法律法规,不利用本软件进行违法活动
- 场景适配:自行评估本软件是否适合你的使用场景(尤其商业场景);若涉及合规、法律、医疗、金融等高风险领域,请在专业人士指导下使用
- 来源核验:仅从官方渠道(GitHub Release / Gitee Release)下载 installer
- 个人信息处理者角色(重要):当你使用 DeskFox 处理他人(客户、雇主员工、家庭成员、第三方等)的个人信息时,在《个人信息保护法》等数据保护法律的语境下,你(而非 DeskFox 项目方)是该等个人信息的"个人信息处理者(controller)";DeskFox 项目方仅作为工具开发者提供软件本身,不参与你处理的数据内容、目的、对象、流向。你需自行向被处理人履行告知、取得同意等义务,自行评估处理行为的合法性、合理性、必要性,并就此承担相应法律责任与对外赔偿责任。如发生纠纷,DeskFox 项目方不就该等纠纷承担诉讼当事人责任或赔偿责任
8.4 责任上限
在适用法律允许的最大范围内,DeskFox 因本软件给你造成任何损失的赔偿责任,不超过人民币 0 元(本软件免费提供,无任何对价)。
如所在地法律不允许此责任上限,则适用当地法律允许的最低责任上限。
九、未成年人保护
9.1 适用对象
DeskFox 定位为面向成年人的生产力工具,不直接面向未成年人推广,亦未专门设计未成年人友好功能。
9.2 未满 14 周岁的儿童
依《中华人民共和国个人信息保护法》第三十一条与《中华人民共和国未成年人保护法》第七十二至七十七条的规定:不满 14 周岁的儿童不得单独使用本软件。如确有使用需要,必须由其监护人审阅本协议、单独同意各项条款,并在监护人全程指导下使用。
9.3 14 至 18 周岁的未成年人
14 周岁(含)以上、未满 18 周岁的未成年人在使用前,须取得监护人的单独同意(包括同意本协议各项条款、第三节使用统计的默认开启状态、以及使用本软件可能涉及的接入第三方模型方等行为)。如监护人不同意默认上报使用统计,可在首次启动弹窗中选择"Disable telemetry"关闭。
9.4 数据保护承诺
本软件结构性地不收集任何可识别身份的信息(见第 2.3、3.1 节),即使未成年人使用,DeskFox 端无法识别出未成年人身份,也无法将数据关联到具体未成年人。这是本软件相对常见 SaaS 工具的额外保护。
如发现我们无意中收集了可识别未成年人身份的信息(理论上不存在,但作为兜底),请通过第十二节联系渠道反馈,我们核实后立即删除。
十、协议修订
本协议可能随软件版本更新而修订。重大修订(例如改变数据流向、新增收集项目、改变默认开关、修改免责条款)必须:
- 在新版本 installer 发布说明(
docs/installer-versions.md)中明确标注
- 修订后的协议版本号在本文件头部更新
- 用户首次运行新版本时强制弹窗告知并需重新确认
非重大修订(例如错别字、链接更新、措辞优化)可直接更新本文件,不另行通知。
历次修订留痕保存在源码仓库的 git 历史中,任何人可通过 git log docs/legal/隐私协议.md 查看完整历史。
十一、适用法律
11.1 主导法律
本协议的解释、执行、纠纷处理,适用 中华人民共和国 法律(不含港澳台地区法律)。具体涉及但不限于:
- 《中华人民共和国民法典》
- 《中华人民共和国个人信息保护法》(PIPL)
- 《中华人民共和国数据安全法》
- 《中华人民共和国网络安全法》
- 《中华人民共和国未成年人保护法》
- 《中华人民共和国消费者权益保护法》(虽然本软件免费,但如适用)
MIT 开源协议本身(LICENSE 英文文本)则按其原文及国际开源社区惯例解释,不因本协议被替换或修改。
如果适用法律的某个条款使本协议某条款无效,仅该条款无效,其余条款继续有效。
如就本协议产生纠纷且协商不成,任一方可向中华人民共和国境内有管辖权的人民法院提起诉讼(具体管辖法院按《民事诉讼法》相关规定确定)。
11.2 域外管辖兜底(GDPR / CCPA 等)
本软件源码全公开、全球可下载,可能被适用法律包括但不限于以下域外法律的用户使用:
- 欧盟 / 欧洲经济区用户 — 可能适用《通用数据保护条例(GDPR)》
- 加州 / 美国其它州用户 — 可能适用《加州消费者隐私法案(CCPA / CPRA)》
- 其它国家或地区 — 适用其本地数据保护法
在该等域外法的属人 / 属地管辖触及本软件的范围内,按当地法律执行该等法律的强制要求(例如 GDPR Article 17 的删除权、Article 20 的可携带权、CCPA "知情权 / 删除权 / 不歧视权")。
但因本软件结构性地不收集可识别个人的数据(见第 2.3、3.1、5.1 节),实际可行使的权利大多与"已经为零"的现状一致 — 我们手里没有可"导出 / 删除"的个人数据。
如果当地法律要求的合规义务与本协议(或 PRC 法律下的现行设置)发生冲突,以该等域外法律的强制性要求为准,但仅在该用户和该次冲突的范围内适用,不影响本协议对其它用户 / 其它情形的整体效力。
十二、联系方式
本软件作为个人开源项目,不维护私人联系邮箱。所有反馈渠道均经由公开仓库,既保证响应可追溯,也避免单点依赖个人邮箱。
如你提出的请求涉及不便在公开 Issue 中披露的个人信息(例如行使数据主体权利时需要核验身份),也可通过上述 Security Advisory 渠道私密提交。
附录 A:常见模型方隐私政策链接
列举仅供参考,实际生效以模型方官方政策为准。
附录 B:DeskFox 本地数据存储路径
| 操作系统 | 路径 |
|---|
| Windows | %USERPROFILE%\.config\opencode\ |
| macOS | ~/.config/opencode/ |
| Linux | ~/.config/opencode/ |
更新检查的本地缓存:~/.cache/opencode/update_check.json(同上各平台对应路径)。
关于路径名(为什么是 opencode/ 而不是 deskfox/?)
DeskFox 当前版本沿用上游开源项目 sst/opencode 的目录名 opencode/,目的是与上游配置兼容(已使用 opencode 的用户安装 DeskFox 后,聊天历史、模型设置自动可用,无需迁移)。改用独立目录 deskfox/ 列入后续技术债清单。
同时安装上游 sst/opencode 与 DeskFox(共存场景)
如果你的电脑上同时安装上游 sst/opencode 与 DeskFox,请知悉:
- 两者共享同一配置目录(包括
install_id 文件、config.json、聊天历史、模型 API key、MCP 配置等)
- 任一端修改配置,另一端会读到最新值
- 两端同时打开同一项目有概率发生数据竞争(SQLite 锁竞争),建议避免
- 两端版本若 schema 漂移,互相打开有概率发生数据破坏(虽然两边都有版本兼容机制,但兜底建议先备份)
- 统计上报互不串流:DeskFox 上报到
telemetry.deskfox.ai,上游 opencode 上报到上游自己的端点(端点不同,代码层面不会跨流);但同一 install_id 会同时出现在两端后端(每端的"独立设备数"统计都会包含这台机器)
- 关闭一端的统计开关 = 同时关闭另一端的统计(因为开关写在共享 config.json 里),这对用户友好
完全清除所有 DeskFox 数据:卸载 DeskFox + 手动删除上述目录。注意:删除会同时清掉上游 opencode 的本地数据(如你也在使用),请先备份重要的聊天历史。
修订记录
| 版本 | 日期 | 修订内容 |
|---|
| v1.0 | 2026-05-01 | 正式版首次生效 |
历次修订留痕同时保存在源码仓库的 git 历史中,任何人可通过 git log docs/legal/隐私协议.md 查看完整历史(含正式版前的草稿迭代过程)。
DeskFox Privacy Policy
Introduction
Welcome to DeskFox (the "Software"). DeskFox is an open-source desktop tool, independently maintained by the DeskFox project maintainer. It helps you read and edit files locally and chat with various AI models. This policy explains how we handle your data and what rights you have.
Nature of this Software: This Software is developed and freely open-sourced by the DeskFox project maintainer in spare time. It does not constitute a commercial service and carries no enterprise-level SLA commitment. Please understand the "individual open-source" nature before use — maintenance cadence, bug response time, and feature iteration are all unpredictable, and you should evaluate whether this is suitable for your scenario (especially commercial scenarios). See Section 8 for the disclaimer.
Why You Can Trust This Policy
This Software is fully open source. The source code is hosted on two public repositories:
You can audit the code yourself to verify whether what we say in this policy is true — what we collect, what we don't, and how data leaves your machine. This is a stronger privacy guarantee than any legal promise.
The Software is licensed under the MIT License (same as upstream sst/opencode). You may use, modify, and distribute it freely, subject to keeping the copyright and license text.
Our Core Commitment
DeskFox does not read or store your chat content, file content, or API keys. The most we collect is anonymous aggregate usage statistics and the minimum information needed for update checks (software version, platform), all of which can be disabled in Settings.
Role Boundary (Important)
When you use DeskFox to handle data of others (e.g., your company's customer records, colleague information, family member data), under the Personal Information Protection Law (PIPL) and similar data-protection regimes, you yourself are the "personal information processor (controller)" of that data. DeskFox only puts the tool in your hands and does not participate in the content, purpose, or flow of what you process.
Analogy: Microsoft does not become the processor of your customer contracts merely because you typed them in Word. The Software's role positioning is the same.
Detailed allocation of responsibility: see Section 8.3.
This policy applies to your full lifecycle of downloading, installing, and using the DeskFox desktop application.
1. Overall Data Flow (Please Understand the Architecture First)
Your computer
┌────────────────┐
│ DeskFox.exe │ ──┬─→ AI model providers you connect (Claude / GPT / Gemini / ...)
│ (runs local) │ │ Sent: chat text, file content added to context, API requests
│ │ │ ※ Direct to provider; no DeskFox backend in the path
│ local files │ │
│ chat history │ ├─→ DeskFox usage statistics endpoint (live since v2026.4.29.2)
│ API keys │ │ Sent: anonymous install_id + software version + OS + arch + country
│ config │ │ ※ Contains NO chat / file / API key content
│ │ │ ※ Three ways to disable (see Section 3)
│ │ │
│ │ └─→ DeskFox update check endpoint (live since v2026.4.29.2)
│ │ Behavior: HTTP GET pulls a static JSON
│ │ ※ Client does NOT send its own version (compared locally)
│ │ ※ No silent download, no silent install
│ │ ※ Toggle off in Settings (see Section 3)
└────────────────┘
Four data channels:
| Channel | Direction | Who can see | Your control |
|---|
| Chat / file context | Your computer → Model provider you connect | Model provider (subject to their privacy policy); DeskFox cannot see | Connect no model = nothing sent (see Section 2.2) |
| Local data | Stays on your computer | Only those who can log into your computer account (including you) | Uninstall + delete local dir = fully wiped |
| Usage statistics | Your computer → DeskFox statistics endpoint | DeskFox, at aggregate level only, no individual identification | Three ways to disable |
| Update check | Your computer → DeskFox update endpoint (GET static JSON) | DeskFox server only sees access log; does NOT receive your version | Toggle off in Settings, independent of statistics toggle |
2. How We Handle Your Data
2.1 Stays on Your Computer (We Cannot See)
| Data type | Location | Leaves your computer? |
|---|
| Files you open / edit | Original path on your computer | ❌ No (unless you actively "Add to chat") |
| Chat history | DeskFox user config directory (local DB) | ❌ No |
| Model API keys | Local config file | ❌ No (sent directly to model provider, no relay) |
| DeskFox preferences | Local config file | ❌ No |
| File tree state / recent files | Local config file | ❌ No |
2.2 Sent to Third-Party Model Providers (Determined by Your Choice)
Definition of "Connection" (Important)
In this policy, "connecting to a model provider" means you have actively completed both of the following steps:
- Entered the provider's API key in DeskFox settings
- The key has successfully made a request to the provider's API (the provider accepted the request and returned a response)
Until both steps are complete, DeskFox does NOT send any request to that provider, even if the provider's name appears in the UI. This boundary is drawn so that no "out-of-the-box, unknowingly connected" situation can occur.
After a Successful Connection
Once a connection is established, when you actively perform any of the following, data is sent from your computer to that provider:
- Type and send a message in the chat box
- Use "Right-click → Add to chat" to include file content as context
- Have the model Edit / Write your files (the model needs to read/write file content)
- Line comment review path
What is sent: your prompt, file content added to context, your system prompt, agent configuration, etc.
Important: These requests are initiated by DeskFox directly from your machine and do not pass through any DeskFox server. What the model provider receives, retains, and how they use it is governed by their respective privacy policies (see Appendix A for common providers). We recommend reviewing the relevant provider's policy before connecting.
2.3 What We Will Never Collect (Now or in the Future)
- ❌ Chat content: any conversation with any model — never collected
- ❌ File content / names / paths: any file you open or edit — never collected
- ❌ API keys: never collected
- ❌ Granular behavior logs: we do not record which buttons you click or how long you use which feature (we record only the fixed events listed in Section 3)
- ❌ Real IP address: used only by the server to derive country, then immediately discarded, never stored
- ❌ Identifying information: name, email, phone, account, biometrics, etc.
- ❌ Crash reports with real data: local crash logs stay local by default; the current version collects no crash data at all (see Section 7); if crash reporting is added in the future, it will require separate consent and only sanitized stack traces will be uploaded
3. Communications with DeskFox's Server
DeskFox communicates with DeskFox's server only for the following two purposes, with strictly limited data. Both have been live since DeskFox v2026.4.29.2.
3.1 Usage Statistics
Purpose: Understand the overall scale, regional distribution, and version distribution of users, to inform maintenance and localization priorities.
Endpoint: https://telemetry.deskfox.ai/api/event (backed by self-hosted Plausible Analytics).
Fields Collected (Complete payload per event)
| Data point | Example | Purpose |
|---|
Anonymous install ID (install_id) | b4c7e2a1-... (random UUID generated locally on first launch, stored locally) | Counts unique devices; cannot be linked to your real identity (we hold no mapping table) |
Software version (version) | 2026.4.29.2 | Version distribution |
OS platform (os) | win32 / darwin / linux (Node.js process.platform) | OS distribution |
CPU architecture (arch) | x64 / arm64 | Architecture distribution |
Country (country) | CN / US etc. at country level (no province/state) | Derived by Plausible server-side from request IP; the IP itself is immediately discarded |
Event Whitelist (Hardcoded Strong Commitment)
The Software's source code strictly limits which events can be reported. Any event name not on this list is silently dropped at the client (defense-in-depth, see the ALLOWED_EVENTS constant in packages/desktop-electron/src/main/telemetry-strategy.ts).
| Event | Trigger | Payload |
|---|
pageview (heartbeat) | Software launch | Only the 5 fields above; no extra info |
desktop.app_open | Software launch | Same as above |
desktop.project_open | You open a project | Same; no project name / path |
desktop.ai_request | You issue a model request | Same; no prompt / file content / model name |
desktop.update_seen | You see the update prompt | Same |
desktop.update_downloaded | A new version finishes downloading | Same |
desktop.update_applied | You restart to apply update | Same |
Frequency
On each launch: one heartbeat (pageview) + one desktop.app_open event; other whitelisted events fire as their triggers occur. The client buffers (5 minutes / 20 events) and retries 3 times on failure.
Default State
On by default, with a native first-run dialog (three buttons: Allow / Disable telemetry / Privacy policy). You can disable directly in the dialog, or later via any one of the three methods below (any one suffices, all behave identically):
- In-app
Settings → Privacy → Usage Statistics (writes to config.json below)
- Environment variable
OPENCODE_TELEMETRY=0 (highest priority; overrides config)
- Edit
~/.config/opencode/config.json, set "telemetry": false
Disabling takes effect immediately; the client sends nothing further to the statistics endpoint.
Storage and Retention
| Data form | Retention | Location |
|---|
| Raw event records | Destroyed after 30 days | Servers within mainland China |
| Aggregated statistics (version / country / DAU / MAU breakdown) | 12 months | Same |
| Final aggregated trends / charts | Permanent | Same |
Cross-border transfer: The Software's statistics data is stored only within mainland China, with no cross-border transfer. Should the storage location change (e.g., to overseas nodes), we will re-obtain your consent under PIPL Chapter III, with a prominent notice in this policy.
3.2 Update Check
Purpose: Notify you when a new version is available; you decide whether to download and update.
Endpoint: https://updates.deskfox.ai/v1/latest/<client>/latest.json (static JSON).
Behavior (At the Code Level)
- The client issues an HTTP GET request to fetch the static JSON above
- The server only returns the latest version metadata (version number, release time, release notes URL)
- The client does NOT send its own version to the server; the comparison happens locally on your machine
- The only fields visible server-side are the network-layer IP (used to return the response) and the URL path's
<client> segment (desktop / cli, telling the server which client's update info you want)
- 24-hour local cache so we don't pound the endpoint on every launch
Behavior Boundaries (Important)
- ✅ Only queries for new versions
- ✅ If a new version exists, a notification or menu item appears; you must click to navigate to download
- ❌ No silent download of new versions
- ❌ No silent install / no forced upgrade / no replacing files without your knowledge
- ❌ No tracking of your update behavior (we don't know whether you accepted the prompt — unless you have usage statistics enabled, in which case
desktop.update_seen / update_downloaded / update_applied events fire per Section 3.1's whitelist)
Frequency
Once on launch, then every 24 hours. Locally cached; failures silently ignored.
Default State
On by default, can be disabled via any one of the methods below (either suffices; fully independent from the usage-statistics toggle):
- Environment variable
OPENCODE_UPDATE_CHECK=0
- Edit
~/.config/opencode/config.json, set "update_check": false
That is, you can disable usage statistics while keeping update checks, or vice versa.
Microsoft Store Channel (Special Case)
For DeskFox installed via the Microsoft Store (MSIX package), upgrades are handled entirely by the Store, and the Software does NOT perform its own update check (corresponding to the store-skip strategy in code). This means:
- You will not see DeskFox's own update prompt
- DeskFox does not send any request to DeskFox's update endpoint
- Update behavior follows Microsoft Store rules, with the Store performing silent updates or prompts per its own policy
Difference from Upstream sst/opencode
DeskFox has disabled the upstream sst/opencode official auto-update channel (see 改动日志.md entry "禁自动升级") because the upstream channel would overwrite DeskFox with the upstream binary. The update check described here is DeskFox's own channel, used only to notify of DeskFox's own version updates, unrelated to the upstream channel.
4. Third-Party Components and Dependencies
4.1 Microsoft WebView2
DeskFox uses WebView2 to render its UI. This is a Windows system component maintained by Microsoft. WebView2's own data collection behavior is governed by Microsoft's privacy statement, which we cannot influence. See https://learn.microsoft.com/microsoft-edge/webview2/concepts/distribution#privacy.
4.2 Open-Source Upstream Dependencies
DeskFox is forked from the open-source project sst/opencode under MIT license, and depends on a series of frontend / Rust third-party libraries. These libraries run as code on your local machine and do not independently transmit your data. Full dependency manifest in source package.json and Cargo.toml.
4.3 AI Model Providers You Connect
Any model provider you connect (per the definition in Section 2.2) — Anthropic Claude / OpenAI / Google Gemini / self-hosted / others — independently processes your request data, each with its own privacy policy. DeskFox is not responsible for model providers' data handling, but we recommend prioritizing providers with clear privacy policies and data-non-retention options.
5. Your Controls
The controls listed in this section correspond to the rights of personal information subjects under Articles 13-20 of the Personal Information Protection Law of the People's Republic of China (PIPL), including the right to be informed, to decide, to access, to copy, to correct, to supplement, to delete, and to withdraw consent. If you believe this Software has failed to fulfill these obligations, you may contact DeskFox directly via the channels in Section 12.
You can manage your data at any time:
| What you want | How |
|---|
| Disable usage statistics | In-app Settings → Privacy → Usage Statistics, or env var OPENCODE_TELEMETRY=0, or set "telemetry": false in ~/.config/opencode/config.json (any one suffices) |
| Disable update check | Env var OPENCODE_UPDATE_CHECK=0, or set "update_check": false in ~/.config/opencode/config.json (either suffices; independent of statistics toggle) |
| Delete chat history | Delete the relevant session inside DeskFox, or delete the local DB file directly |
| Revoke / replace a model API key | Settings → Models in DeskFox, or edit the local config file |
| Stop using a model | Switch / remove in the model selector |
| Fully wipe all DeskFox data | Uninstall DeskFox + manually delete the local config directory (see Appendix B) |
| Reset the anonymous install ID | Delete the local config dir (Appendix B) and relaunch — a new UUID is generated |
| Use fully offline | Connect no model providers + disable statistics + disable update check → DeskFox becomes a fully local tool |
5.1 On "Deleting Already-Uploaded Statistics Data"
Because the statistics endpoint stores no fields that can identify you personally (no email, no name, no IP retained, no account system, no mapping table from install_id to a person), already-uploaded events cannot be linked back to you. This means:
- There is no operation that can "delete a user's historical statistics" — because we don't have a "user" concept on our side
- After you disable usage statistics, the client stops collecting and uploading new data immediately
- Deleting your local
install_id file (Appendix B) and relaunching generates a new UUID, decoupling from historical statistics (which are anonymous to begin with and cannot be traced)
This is a privacy advantage of this Software relative to typical SaaS tools, but it also means we offer no "user data export / lookup" interface — because we simply don't have any personal data to export or look up.
6. Open Source & Auditability
6.1 Source Code Hosting
6.2 What You Can Verify
Because the code is fully public, you (or any technical person) can:
- Audit what we collect and what we don't (just
grep the source; the event whitelist is in packages/desktop-electron/src/main/telemetry-strategy.ts)
- Build from source to verify the shipped binaries behave consistently (reproducibility)
- Fork your own version (MIT permits) and fully bypass DeskFox's statistics and update channels
6.3 License
The Software is licensed under the MIT License (full text in repo root LICENSE). You must keep the copyright and license text, but may freely use, modify, merge, publish, distribute, sublicense, and sell. The MIT License itself contains a strong "AS IS" disclaimer; see Section 8.
7. Security Notice (Please Read Carefully)
DeskFox has the following known security limits in the current version. Please understand them before use:
- Installer is unsigned: For cost reasons, the installer is not code-signed. Windows / macOS may show "unknown publisher / unidentified developer" warnings on first run. Only proceed if you downloaded from the official GitHub / Gitee Release page above. Do not run installers from unknown sources — they may be impersonations.
- Local data is not encrypted: Chat history, API keys, and config files are stored in user-readable form on your machine. Anyone who can log into your computer account (or any malicious software with that access) can read them. Protect your account password; users on shared computers should be especially careful. We strongly recommend enabling OS-level full-disk encryption (see 7.1).
- Your API key is your asset: A leaked API key can be used to incur costs. If you suspect a leak, immediately revoke the key in the model provider's console, then replace it in DeskFox.
- Current version collects no crash data (as of 2026-05-01): The Software currently integrates no crash-reporting mechanism (no Electron
crashReporter, no Sentry, no breakpad/crashpad, no Rust panic reporter). This means when the Software crashes:
- No DeskFox-specific dump file is written locally
- No crash information is reported to DeskFox or any third party
- System-level crash behavior (Windows Event Viewer, macOS Console.app) is handled by the operating system and is unrelated to this Software
If crash reporting is added in the future, it will follow Section 10 ("Policy Revisions"): a re-consent dialog will be shown, and only sanitized stack traces will be uploaded — never source data.
7.1 Mitigation for "Local Data is Not Encrypted" (Strongly Recommended)
Since the Software does not encrypt local config / chat history / API keys, we strongly recommend you enable OS-level full-disk encryption — the lowest-cost industrial security measure:
- Windows 10/11 Pro and above: Enable BitLocker (
Settings → Update & Security → Device encryption, or Control Panel → BitLocker Drive Encryption)
- macOS: Enable FileVault (
System Settings → Privacy & Security → FileVault → Turn On)
- Linux: Choose LUKS full-disk encryption at install, or use
fscrypt for the home directory
Full-disk encryption ensures that even if your computer is stolen or its drive removed, others cannot read your DeskFox local data.
8. Disclaimer & Limitation of Liability
Legal note: This section is a Chinese-friendly elaboration of the default MIT License terms. In case of ambiguity between the Chinese-language wording of this section and the English LICENSE in repo root regarding the specific scope of disclaimer, the Chinese version of this policy controls (consistent with the "Chinese version prevails" rule in the policy header). The English MIT LICENSE itself remains independently governed by its original text and international open-source community conventions.
8.1 The Software Is Provided "AS IS"
The Software is provided free of charge, on an "AS IS" basis, without warranty of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, and non-infringement.
DeskFox, the Software's authors, the upstream sst/opencode authors, and all contributors make no warranty that:
- The Software is bug-free, fault-free, or uninterrupted
- The Software is suitable for your specific use case
- The Software's output is accurate, reliable, or up-to-date
- The Software is compatible with your hardware, OS, or network
- The Software will work stably with any model provider you connect
- Any specific feature will be retained in future versions
8.2 Specific Scenarios for Which DeskFox Bears No Liability
DeskFox bears no liability for any direct or indirect loss (including loss of property, data, goodwill, business, opportunity, etc.) arising from the following:
A. Data and Device
- Your computer being infected with malware, attacked, or its drive failing, leading to data loss
- Content you create / edit using DeskFox being lost or corrupted due to software bugs, power outage, mis-operation, or any other cause
- Any cost incurred by your API key being leaked, stolen, or maliciously called
- Your model provider account being banned, throttled, charged, or in dispute
B. Model Provider Services
- Model responses being incorrect, biased, illegal, misleading, or factually wrong
- Model API outage, throttling, discontinuation, pricing changes, policy changes
- Model providers' data use or data leak behavior
- Any legal dispute between you and any model provider
C. Your Use Behavior
- You using DeskFox for illegal purposes or purposes contrary to public morals
- Indirect losses to your work output caused by DeskFox bugs or model errors
- Your violation of any model provider's terms of service
- Profit/loss from your commercial use of DeskFox
- Your processing of others' privacy / commercial secrets / state secrets in DeskFox (see 8.3 on the personal-information-processor role)
D. Systems and Third Parties
- OS, WebView2, or hardware incompatibility
- Behavior of third-party plugins / agents / forks / repackaged versions
- Any loss caused by installers from unknown sources (impersonation, malware insertion, repackaging)
- Network outage, model API balance depletion
E. Updates and Maintenance
- The Software ceasing to be maintained, updated, or shipped
- Features being removed or changed across upgrades (we will note in changelog but do not guarantee backward compatibility)
- Compatibility issues caused by you skipping update checks
8.3 Your Responsibilities (Counterpart)
By using the Software, you accept the following responsibilities:
- Data backup: Back up important data yourself, do not rely on any single piece of software
- API key and account security: Safeguard yourself, do not leak
- Model provider choice: Evaluate and choose trustworthy, compliant providers; agree to their terms yourself
- Compliant use: Comply with the laws of your jurisdiction; do not use the Software for illegal activity
- Scenario fitness: Evaluate yourself whether the Software is suitable for your scenario (especially commercial); for high-risk fields like compliance, legal, medical, finance, use only with professional guidance
- Source verification: Download installers only from official channels (GitHub Release / Gitee Release)
- Personal-information-processor role (important): When you use DeskFox to handle personal information of others (customers, employees of an employer, family members, third parties, etc.), under PIPL and similar data-protection regimes, you (not the DeskFox project maintainer) are the "personal information processor (controller)" of that data. The DeskFox project maintainer only provides the Software as a tool developer and does not participate in the content, purpose, target, or flow of your processing. You are responsible for fulfilling your own notice and consent obligations toward the data subjects, evaluating the legality, reasonableness, and necessity of your processing, and bearing the corresponding legal liability and external compensation responsibility. In any related dispute, the DeskFox project maintainer does not bear party-to-the-litigation responsibility or compensation liability
8.4 Liability Cap
To the maximum extent permitted by applicable law, DeskFox's liability for any loss caused to you by the Software shall not exceed CNY 0 (zero yuan, RMB) (the Software is provided free of charge, with no consideration whatsoever).
If your jurisdiction does not allow this cap, the lowest cap permitted by local law applies.
9. Protection of Minors
9.1 Intended Audience
DeskFox is positioned as a productivity tool for adults and is not directly marketed to minors, nor specifically designed with minor-friendly features.
9.2 Children Under 14
Per Article 31 of the Personal Information Protection Law of the PRC and Articles 72-77 of the Law on the Protection of Minors of the PRC: children under 14 may not use the Software unsupervised. If usage is genuinely needed, the guardian must review this policy, separately consent to each provision, and supervise the use throughout.
9.3 Minors Aged 14 to 18
Minors aged 14 (inclusive) to under 18 must obtain separate guardian consent before use, including consent to this policy, the default-on state of usage statistics in Section 3, and any third-party model-provider connections that may arise from using the Software. If the guardian does not consent to default-on usage statistics, "Disable telemetry" can be selected in the first-run dialog.
9.4 Data Protection Commitment
The Software structurally collects no identifying information (see Sections 2.3, 3.1). Even if minors use it, DeskFox's side cannot identify minor status nor link data to any specific minor. This is an additional layer of protection compared to typical SaaS tools.
If you discover that we have inadvertently collected information that can identify a minor (theoretically impossible, but as a fallback), please notify us via the channels in Section 12; we will verify and delete immediately.
10. Policy Revisions
This policy may be revised alongside software updates. Material revisions (e.g., changing data flow, adding new collection items, changing default toggles, modifying disclaimers) must:
- Be clearly noted in the corresponding
docs/installer-versions.md entry
- Bump the version number at the top of this file
- Trigger a mandatory dialog and re-consent on first launch of the new version
Non-material revisions (typos, link updates, wording polish) may be made directly without separate notice.
A complete revision history is preserved in the source repository's git log: git log docs/legal/PRIVACY.md shows the full history.
11. Governing Law
11.1 Primary Law
The interpretation, performance, and dispute resolution of this policy is governed by the laws of the People's Republic of China (excluding Hong Kong, Macao, and Taiwan). Specifically including but not limited to:
- Civil Code of the People's Republic of China
- Personal Information Protection Law (PIPL)
- Data Security Law
- Cybersecurity Law
- Law on the Protection of Minors
- Law on the Protection of Consumer Rights and Interests (where applicable, even though the Software is free)
The MIT License itself (English text in LICENSE) is interpreted per its original text and international open-source community conventions, not affected by this policy.
If any clause of this policy is invalidated by applicable law, only that clause is invalid; the rest remain in effect.
In case of dispute over this policy that cannot be resolved through negotiation, either party may file suit at a competent People's Court within the People's Republic of China (the specific court being determined under the relevant provisions of the Civil Procedure Law).
11.2 Extraterritorial Fallback (GDPR / CCPA, etc.)
The Software is fully open-source and globally downloadable, and may be used by people subject to extraterritorial laws including but not limited to:
- EU / EEA users — General Data Protection Regulation (GDPR) may apply
- California / other US state users — California Consumer Privacy Act (CCPA / CPRA) may apply
- Other countries / regions — local data protection laws may apply
To the extent such extraterritorial laws by their own personal/territorial reach apply to this Software, we comply with their mandatory requirements (e.g., GDPR Article 17 right to erasure, Article 20 right to data portability, CCPA "right to know / delete / non-discrimination").
However, because the Software structurally collects no personally identifiable data (see Sections 2.3, 3.1, 5.1), most exercisable rights are practically equivalent to "already zero" — we hold no personal data to export or delete.
If any compliance obligation under such extraterritorial law conflicts with this policy (or the existing settings under PRC law), the mandatory requirement of that extraterritorial law prevails, but only with respect to that user and that specific conflict; the overall validity of this policy for other users / circumstances is unaffected.
12. Contact
As an individual open-source project, this Software does not maintain a private contact email. All feedback channels go through public repositories — both for traceability and to avoid single-point dependence on a personal email address.
If your request involves personal information you'd rather not disclose in a public Issue (e.g., when exercising data subject rights and identity verification is needed), the Security Advisory channel above is also available for private submission.
Appendix A: Common Model Provider Privacy Policy Links
Listed for reference only. The provider's official policy controls.
Appendix B: DeskFox Local Data Location
| OS | Path |
|---|
| Windows | %USERPROFILE%\.config\opencode\ |
| macOS | ~/.config/opencode/ |
| Linux | ~/.config/opencode/ |
Update-check local cache: ~/.cache/opencode/update_check.json (corresponding paths on each OS).
About the Path Name (Why opencode/ instead of deskfox/?)
DeskFox currently reuses the upstream sst/opencode directory name opencode/, for compatibility with upstream config (users coming from opencode get their chat history and model settings automatically without migration). Migrating to a dedicated deskfox/ directory is on the technical-debt list.
Coexistence: Both Upstream sst/opencode and DeskFox Installed
If you have both upstream sst/opencode and DeskFox installed on the same machine, please note:
- They share the same config directory (including the
install_id file, config.json, chat history, model API keys, MCP configs, etc.)
- A change in either side is read by the other on next startup
- Opening the same project simultaneously in both can cause data races (SQLite lock contention) — avoid this
- If their versions diverge in schema, opening data from the other can cause corruption (both sides have version-compat handling, but back up first as a precaution)
- Statistics streams do NOT cross: DeskFox sends to
telemetry.deskfox.ai, upstream opencode to its own endpoint (different endpoints; no cross-leakage at code level); however, the same install_id will appear in both backends (each side's "unique device count" statistic will include this machine)
- Disabling statistics on one side = disabling on the other (the toggle lives in the shared
config.json); this is user-friendly
To fully wipe DeskFox data: uninstall DeskFox + manually delete the directory above. Note: this also clears upstream opencode's local data (if you also use it); back up important chat history first.
Revision History
| Version | Date | Changes |
|---|
| v1.0 | 2026-05-01 | Initial official release |
Full revision history (including pre-release draft iterations) is preserved in the source repository's git log; run git log docs/legal/PRIVACY.md to view it.