Skip to main content

Privacy-First Design

Cluely is built with privacy as a core principle. You have complete control over your data and can choose between local and cloud AI processing.

Local vs Cloud AI

Complete Local Processing

When using Ollama, all data stays on your computer:
  • Screenshots never leave your device
  • No internet connection required for AI processing
  • No API keys or cloud services
  • No usage tracking or telemetry
Setup for maximum privacy:
USE_OLLAMA=true
OLLAMA_MODEL=llama3.2
OLLAMA_URL=http://localhost:11434
Privacy benefits:
  • ✅ Zero data transmission to external servers
  • ✅ Works completely offline
  • ✅ No API costs or usage limits
  • ✅ Full control over AI model and data
  • ✅ Compliant with strict privacy regulations
Recommended for: Sensitive work, confidential meetings, regulated industries, or anyone prioritizing privacy.

Screenshot Privacy

Automatic Cleanup

Screenshots are automatically managed to prevent accumulation of sensitive data: 
// From electron/ScreenshotHelper.ts:54-75
public clearQueues(): void {
  // Clear screenshotQueue
  this.screenshotQueue.forEach((screenshotPath) => {
    fs.unlink(screenshotPath, (err) => {
      if (err) console.error(`Error deleting screenshot`, err)
    })
  })
  this.screenshotQueue = []

  // Clear extraScreenshotQueue
  this.extraScreenshotQueue.forEach((screenshotPath) => {
    fs.unlink(screenshotPath, (err) => {
      if (err) console.error(`Error deleting extra screenshot`, err)
    })
  })
  this.extraScreenshotQueue = []
}
Cleanup triggers:
  • When clearing queues manually
  • When queue exceeds 5 screenshots (oldest deleted automatically)
  • When deleting individual screenshots

Storage Locations

Screenshots are stored locally in your user data directory: 
# macOS
~/Library/Application Support/interview-coder/screenshots/
~/Library/Application Support/interview-coder/extra_screenshots/

# Windows
%APPDATA%/interview-coder/screenshots/
%APPDATA%/interview-coder/extra_screenshots/

# Linux
~/.config/interview-coder/screenshots/
~/.config/interview-coder/extra_screenshots/
Cluely has two screenshot queues:
  • Primary queue (screenshots/): For initial problem screenshots
  • Extra queue (extra_screenshots/): For debug and follow-up screenshots
Each queue maintains up to 5 screenshots independently.

Manual Screenshot Deletion

Delete screenshots at any time: 
const result = await appState.deleteScreenshot(screenshotPath)
if (result.success) {
  console.log('Screenshot deleted from disk')
}

Data Handling

No Telemetry or Tracking

Cluely does not collect:
  • ❌ Usage analytics
  • ❌ Error reports
  • ❌ User behavior tracking
  • ❌ Personal information
  • ❌ Screenshot content (when using Ollama)

What Data is Stored

Local storage only:
  • Screenshots (temporary, auto-deleted)
  • Application preferences
  • Screenshot metadata (questions attached to screenshots)
  • Window position and size
Stored in: app.getPath("userData") directory Not stored:
  • API responses
  • Chat history (beyond current session)
  • Conversation context after app closes

API Key Security

1

Never commit .env files

Your .env file contains API keys and should never be committed to version control.
# .gitignore already includes
.env
.env.local
.env.*.local
2

Use environment variables

API keys are read from environment variables at runtime:
// From electron/LLMHelper.ts:42-44
this.geminiApiKey = (apiKey ?? "").trim() || 
                    process.env.GEMINI_API_KEY?.trim() || ""
this.fallbackGeminiApiKey = process.env.GEMINI_FALLBACK_API_KEY?.trim() || ""
3

Rotate keys if exposed

If you accidentally expose an API key:
  1. Immediately revoke it in the provider’s console
  2. Generate a new key
  3. Update your .env file
  4. Restart Cluely

Network Security

HTTPS Connections

All cloud API communications use HTTPS: 
// OpenRouter
const response = await fetch("https://openrouter.ai/api/v1/chat/completions", {
  headers: {
    'Authorization': `Bearer ${this.openRouterApiKey}`,
  }
})

// K2 Think
const response = await fetch("https://api.k2think.ai/v1/chat/completions", {
  headers: {
    'Authorization': `Bearer ${this.k2ThinkApiKey}`,
  }
})

Localhost-Only for Ollama

Ollama runs on localhost:11434 by default: 
private ollamaUrl: string = "http://localhost:11434"
The Ollama endpoint is only accessible from your local machine. No network exposure by default.

Privacy Recommendations

For Maximum Privacy

1

Use Ollama exclusively

USE_OLLAMA=true
OLLAMA_MODEL=llama3.2
No data leaves your computer.
2

Regularly clear screenshots

Manually delete screenshots after use or let auto-cleanup handle it.
3

Review screenshot content

Before taking screenshots, ensure they don’t contain:
  • Passwords or credentials
  • Personal identifiable information (PII)
  • Confidential business data
  • Financial information
4

Use dedicated profile

Run Cluely in a separate user profile for work vs personal use.

For Regulated Industries

If you work in healthcare, finance, legal, or other regulated industries:
Only use Ollama (local AI) for any sensitive or regulated content.Cloud AI providers may not be compliant with:
  • HIPAA (healthcare)
  • GDPR (EU privacy)
  • SOC 2 (security)
  • PCI DSS (payment data)
  • Attorney-client privilege

Auditing and Transparency

Open Source Verification

Cluely is open source - you can verify privacy claims: Review data handling:
  • electron/LLMHelper.ts - AI provider interactions
  • electron/ScreenshotHelper.ts - Screenshot management
  • electron/main.ts - Application initialization
No hidden telemetry: Search the codebase for tracking: 
grep -r "analytics\|telemetry\|tracking" electron/
# Returns no results - no tracking code

Network Monitoring

You can monitor Cluely’s network activity: 
# macOS - Monitor network connections
lsof -i -P | grep "Interview Coder"

# Linux - Use tcpdump
sudo tcpdump -i any host localhost
With Ollama: You’ll only see localhost connections With Cloud AI: You’ll see HTTPS connections to AI provider endpoints

Frequently Asked Questions

Screenshots are permanently deleted using fs.unlink(). They may be recoverable with data recovery tools until the disk space is overwritten.For complete deletion, use secure deletion tools or encrypt your disk.
No. Conversation context only exists during the current session in memory. Nothing is persisted after the app closes.
Yes, if you use Ollama. The app works completely offline with local AI models.Cloud AI providers (Gemini, OpenRouter, K2 Think) require internet connectivity.
API keys are stored in your .env file and loaded into memory at runtime. They are never transmitted except to authenticate with the respective AI provider.Keep your .env file secure with file system permissions:
chmod 600 .env
  1. Immediately delete the screenshot from Cluely’s interface
  2. Clear the screenshot directories manually if needed
  3. If using cloud AI, data was already sent to the provider
  4. Use Ollama to prevent this in the future

Build docs developers (and LLMs) love

Get started for freeTalk to us