Privacy Policy
Last updated: May 23, 2026
Claude AI Harness is a personal AI document workspace operated at claude.yaoyuheng2001.me. This policy explains what information is processed when you use the application.
What We Collect
The following data is stored on the server when you use this application:
| Category | Data stored | Table / Storage |
|---|---|---|
| Account | Email address, hashed password, registration date | users |
| Conversations | All messages you send and Claude's replies (full content) | threads, messages |
| Documents | Generated or uploaded documents and their versions | documents |
| Long-term Memory | Persistent notes the model saves across conversations (you control this) | user_memory |
| Telemetry | Tool calls made, first ~2000 chars of your input (message preview), token counts, response latency, model used | telemetry |
| Feedback | Thumbs-up / thumbs-down ratings on responses | ratings |
| Bug Reports | Text and screenshots you submit via the Bug button; your email is attached to the report | bug-reports.json, bug-images/ |
Your Rights
You have the following data subject rights, exercisable directly in the application:
- View & edit long-term memory — Click the 记忆 button in the top bar to read, edit, or clear your persistent memory.
- Export all your data (data portability) — Click 我的数据 in the top bar, then click 📥 Export All Data (JSON) to download a complete JSON file containing your account info, all conversations, documents, memory, telemetry, feedback, and bug reports.
- Delete your account and all data (right to erasure) — Click 我的数据 in the top bar, then click 🗑 Delete My Account and All Data. You will be asked to confirm by entering your email address, then a 5-second countdown begins before the final deletion. After deletion your account, all conversations, documents, memory, telemetry, ratings, and bug reports are permanently removed.
- Delete individual conversations — Click the delete button next to any conversation in the sidebar.
What Administrators Can See
The site administrator can view all data in the admin panel (/admin), including:
- All user accounts (email, registration date, role)
- All conversations and messages for all users
- All bug reports and attached screenshots
- Aggregated telemetry and feedback data
This admin access exists for the purposes of debugging, abuse investigation, and service improvement. The administrator is the same person as the site operator (yaoyuheng2001.me). Your conversation content is not shared with any third parties beyond what is required to operate the service (e.g., sending your prompts to the Anthropic API to generate responses).
Google Data
When you connect Google, this application requests the Google Drive file scope so it can create Google Docs files from documents you choose to upload. The application uses Google access only to create those files and open the resulting document link. It does not sell Google user data or use it for advertising.
Storage
Conversation and document data may be stored locally in your browser. Google OAuth tokens are stored on the server to allow document uploads after authorization. API keys and OAuth secrets are not exposed in frontend code.
Usage Analytics & Feedback
To improve the quality of this service, we collect anonymized usage telemetry when you interact with the AI assistant. This includes:
- Interaction metadata — timestamps, token counts, response latency, tool calls made during a conversation, and which tools were available.
- Message previews — a truncated excerpt of your input (up to 2,000 characters) is logged to help diagnose failure patterns. Full conversation history is not recorded in telemetry.
- Feedback signals — when you click the thumbs-up or thumbs-down button on a response, the feedback type and a short preview of the assistant message are recorded.
This data is stored on the server and is used solely for internal service improvement — for example, identifying common failure modes and building evaluation test suites. It is not shared with third parties, not used for advertising, and not sold.
Third-Party Services
The application may send your prompts, uploaded content, and images to the configured AI API provider to generate responses. If web search is enabled, search queries may be sent to the configured search provider.
Share Links
You can generate a shareable link for any conversation or document to share with others. Key points about share links:
- What is exposed — When sharing a conversation, the link contains all text messages and Artifact documents; images and uploaded file attachments are not included and are rendered as "[Attachment hidden]" placeholders. When sharing a document, the link contains the full HTML content of the document.
- Expiry — Share links expire after 30 days by default. After expiry the link returns a "Link expired" message.
- Revocation — You can revoke any share link at any time under Settings → My Shares. After revocation, visitors see "The sharer has revoked this link" (HTTP 410) rather than a 404.
- Fork (continue chatting) — The share page includes a "Fork & Continue" button. Clicking it creates an independent copy of the conversation in the viewer's account without affecting your original.
- Persistence — Share records are stored in the server SQLite database (
sharestable). When you delete your account, all your share records are deleted as well.
Data Sharing
Data is shared only with service providers needed to operate the application, such as the configured AI API provider, Google APIs for Docs upload, and optional search APIs. Data is not sold.
Contact
For privacy questions, contact the site operator at the domain owner contact for yaoyuheng2001.me.