Privacy Policy

AI Token Usage Tracker for macOS — Last updated: March 10, 2026

Summary: AI Token Usage Tracker does not collect, transmit, or share any personal data. All information is stored locally on your Mac. The app communicates only with the APIs you configure — no third-party analytics, no tracking, no telemetry.

1. Data We Collect

None. The app does not collect any personal information, usage analytics, crash reports, or telemetry data of any kind.

2. Data Stored on Your Device

The following data is stored exclusively on your Mac:

Anthropic Admin API Key — stored securely in the macOS Keychain, encrypted by the operating system. Never sent to any party other than Anthropic's own API servers.
Anthropic API Key (optional) — if you enable rate limit monitoring, a separate regular API key is also stored in the macOS Keychain. Used solely to query current rate limits from Anthropic's API.
App preferences — display settings, selected API key filters, section toggles, currency selection, notification thresholds, and custom API endpoint URLs are stored in macOS UserDefaults within the app's sandbox container.
Cached API responses — token usage data, cost reports, model pricing, and exchange rates are cached as JSON files in the app's Application Support directory and in UserDefaults to reduce API calls.
In-app session logs — diagnostic log entries are kept in memory only (max 500 entries) and are discarded when the app is closed. Logs are never written to disk or transmitted.

All of this data remains on your device and is never transmitted to us or any third party.

3. Network Requests

The app makes outbound HTTPS requests only to the following services:

Anthropic Admin API (api.anthropic.com) — to retrieve your organization's token usage, cost reports, workspace information, and API key metadata. Authenticated with your Admin API Key.
Anthropic Messages & Models API (api.anthropic.com) — if rate limit monitoring is enabled, the app sends a minimal request to determine your current rate limits per model. Authenticated with your regular API key. No meaningful user data is transmitted.
Exchange Rate API (open.er-api.com) — to fetch current USD exchange rates for currency conversion. No authentication or personal data is sent.
GitHub (raw.githubusercontent.com) — to fetch the latest model pricing data from the LiteLLM open-source project. No authentication or personal data is sent.
Anthropic Status Page (status.claude.com) — opened in your default browser when you click the status link. No data is sent by the app.

You may configure custom endpoint URLs for the Anthropic API, exchange rate service, and model pricing source in the app's Settings. If you do, requests will be directed to those endpoints instead.

The app does not communicate with any advertising networks, analytics platforms, social media services, or any other external services beyond those listed above.

4. Third-Party Services

The app relies on the following third-party services for its core functionality:

Anthropic — subject to Anthropic's Privacy Policy
Exchange Rate API — subject to ExchangeRate-API Terms

Please review their respective privacy policies for information on how they handle data.

5. Local Network Server (JSON API)

The app includes an optional localhost HTTP server for integrating with external tools (e.g., dashboards or scripts). When enabled:

The server binds exclusively to 127.0.0.1 (IPv4 loopback) — it is not accessible from other devices on your network.
It exposes aggregated usage statistics (costs, token counts, workspace names, model names) as JSON.
It does not expose your API keys.
The server is disabled by default and requires Pro access to enable.

6. Local Notifications

The app can send local macOS notifications (e.g., when your monthly spend exceeds a threshold you set). These are processed entirely on your device by macOS. No push notification service or external server is involved.

7. In-App Purchases

The app offers an optional Pro upgrade via the Mac App Store using Apple's StoreKit framework. All payment processing, receipt validation, and transaction management are handled entirely by Apple. The app does not operate its own payment server and does not collect any payment or financial information.

8. Children's Privacy

This app is not directed at children under 13 and does not knowingly collect any information from children.

9. Data Security

Both your Admin API key and your regular API key (if configured) are stored in the macOS Keychain, which provides hardware-backed encryption and is isolated per application. All other app data is stored within the macOS App Sandbox container. Network communication uses HTTPS encryption exclusively. The app does not store data on remote servers.

10. Your Rights

Since all data is stored locally on your device, you have full control over it at all times:

View — all settings are visible in the app's Settings panel.
Delete — remove the app to delete all associated data, or clear individual settings within the app.
Export — use the CSV export feature to obtain your usage data.

11. Changes to This Policy

If we update this privacy policy, the revised version will be posted at this URL with an updated "Last updated" date. Continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact

If you have questions about this privacy policy, please contact:

Siegfried-Thor Bolz
Email: privacy@siegfried-bolz.de