Last updated: 2026-04-13
Patina is made by Trout Technologies AS, org. nr. 937 330 278, Oslo, Norway. This policy describes what data Patina collects, where it is stored, and what leaves your machine.
| Data | Collected? | Default |
|---|---|---|
| Active app name and bundle ID | Yes | On |
| Window title (stored with credentials redacted; file paths and URLs stripped before LLM transmission) | Yes | On |
| UI element role and label (e.g. "button", "Save") | Yes | On |
| Mouse click events (which element was clicked) | Yes | On |
| Timestamps | Yes | On |
| Clipboard text content | Opt-in | Off |
| Text field values (when you leave a field) | Opt-in | Off |
| Screenshots or screen recordings | No | — |
| Keystrokes | No | — |
| Audio, camera, or file contents | No | — |
| Passwords or secure text fields | No | — |
Password managers (1Password, Bitwarden, LastPass, Dashlane, Keychain Access, KeePassXC, Enpass) are excluded entirely — no observations are recorded while they are active.
All observation data is stored locally in a SQLite database at ~/Library/Application Support/Patina/patina.db. You own this file. We never access it.
Pattern analysis runs in one of three modes:
Trial (default, no setup needed): Patina sends up to 3 analysis batches through our proxy at patina.work/api/analyze, which forwards them to Together AI. A locally generated device identifier (random UUID) is sent in the request header and stored server-side with a usage count to enforce the limit. After 3 analyses, no further requests are made unless you add a license or API key.
With a Patina license key: Patina sends sanitized observation summaries through the same proxy. The proxy logs your license ID, a request ID, token counts, and a timestamp for rate limiting. It does not store the content of your observations.
With your own API key: Patina sends sanitized observation summaries directly to the endpoint you configure. Default: api.together.xyz. You can point this at any OpenAI-compatible service (OpenAI, Ollama, a local server, etc.). We are not involved in this transfer. See your provider's privacy policy.
Without any of the above: No network requests. Observation and activity logs only.
What is sent: App names, element roles, element labels, sanitized window titles, event types, and timestamps. These are aggregated into a text summary for the LLM.
What is never sent:
Default model: Meta Llama 3.3 70B Instruct Turbo, hosted by Together AI (San Francisco, USA). With a BYO API key, you choose the model and provider.
No app telemetry. The app makes no analytics, crash reporting, or update-check requests. The only outbound connection is the pattern analysis call described above.
Patina scans all captured text for credentials before storage and before transmission. Detected types include: API keys (OpenAI, Anthropic, AWS, GitHub, Slack, and 20+ other providers), JWT tokens, bearer tokens, database connection strings, PEM private keys, credit card numbers (Luhn-validated), and high-entropy strings. Detected credentials are either blocked (clipboard) or redacted with markers like [redacted:github_token].
Delete ~/Library/Application Support/Patina/patina.db to erase all collected data. There are no cloud backups. Uninstalling the app and removing this file leaves no trace.
Patina observes whatever is visible in your apps, which may include messages, emails, or names belonging to other people. You are responsible for ensuring you have the right to process data visible on your screen. Other people whose data appears on your screen have not consented to Patina's observation.
Your observation data is processed and stored locally. You are the data controller for it. We do not access your local database.
Server-side, we store: license records (email, license key, payment IDs), usage logs (license ID, token counts, timestamps), trial device identifiers (random UUID, usage count), and download metrics (see section 11). We retain license and usage records indefinitely to support refunds and rate limiting. Email hello@patina.work to request deletion.
For metadata sent to the LLM provider (via trial, license, or your own API key): you are the data controller. The LLM provider is the data processor under their terms. Our proxy does not retain request or response content.
Patina is not intended for anyone under 16.
If we change this policy, we will update the date at the top. Continued use after a change constitutes acceptance.
When you download Patina from patina.work, we log: truncated IP address (last octet zeroed for IPv4, /48 prefix for IPv6), browser user agent, operating system, HTTP referer, country, and city. This data is stored in Cloudflare D1. No cookies are set. No third-party analytics or tracking scripts are loaded. We use this data to count downloads by platform and region.
When you buy a license, Stripe sends us your email address and payment session ID. We store these with your license record. We do not store credit card numbers or billing addresses. We retain license records (email, license key, purchase date) indefinitely to support refunds and license verification. Email hello@patina.work to request deletion.
Questions: hello@patina.work