Docs / Privacy Policy

Privacy Policy

Effective date: May 3, 2026 · Last updated: May 3, 2026

Dunetrace is an open-source, self-hosted tool. This policy describes what data the Dunetrace SDK and backend services collect, how that data is stored, and the protections in place.

1. Privacy by design — no raw content transmitted

The Dunetrace SDK is built around a single, non-negotiable principle: no raw content ever leaves your agent process.

Before any event is transmitted, the following fields are SHA-256 hashed inside the SDK process:

  • Prompt text and system messages
  • Model completions and outputs
  • Tool call arguments
  • Tool responses
  • Retrieval query strings
  • HTTP request URLs (when using httpx/requests auto-instrumentation)
  • User input strings

What is transmitted instead of raw content:

  • SHA-256 hex digests of the above
  • Structural metadata: token counts, latency timings, step indices, finish reasons, success flags, output lengths
  • Agent and run identifiers you set
  • Timestamps

2. What data is stored

Because Dunetrace is self-hosted, all data is stored in your own PostgreSQL database, running in your own infrastructure. Dunetrace Inc. (or its maintainers) has no access to your data.

The following tables are written to your database:

TableWhat it contains
eventsHashed event payloads, token counts, latencies, step indices, agent/run IDs
failure_signalsDetected failure type, severity, confidence, structural evidence (counts, indices), agent/run IDs
processed_runsRun IDs, processing timestamps, signal counts
api_keysHashed API keys, agent/customer IDs
issuesAggregated issue tracking (failure type, status, run counts) per agent
digest_logTimestamps of weekly digest sends
fixesFix history: signal ID, fix type, applied-via (Langfuse or clipboard), prompt name, version, timestamp

3. What data is never stored

  • Prompt text or system messages
  • Model completions
  • Tool call arguments or responses
  • User queries or inputs
  • Any personally identifiable information from end users of your agent

4. Data retention

Because Dunetrace is self-hosted, data retention is entirely under your control. There is no built-in expiry. You can delete rows from any table directly, or drop and recreate the database at any time. No data is sent to or retained by any third-party cloud service.

5. External services

The only external network calls Dunetrace makes are:

  • Slack webhook (if configured): alert payloads containing failure type, severity, agent ID, run ID, step index, structural evidence (counts, not content), and a plain-English explanation. No raw prompts or completions.
  • Generic webhook (if configured): same payload as Slack, signed with HMAC-SHA256.

No telemetry, analytics, crash reporting, or usage data is sent to Dunetrace maintainers.

6. Website analytics

The Dunetrace marketing website (www.dunetrace.com) uses Google Analytics 4 (GA4) to collect anonymous usage statistics such as page views and referrers. This data is governed by Google's Privacy Policy. No personal data from your agents is ever sent to this site.

7. Open source

Dunetrace is open source under Apache 2.0. You can audit every line of code that handles your data at github.com/dunetrace/dunetrace.

8. Changes to this policy

Material changes will be announced via the GitHub repository. The effective date at the top of this page will be updated.

9. Contact

Privacy questions: dunetrace@gmail.com