Privacy & data handling

"You're going to watch my engineers' AI sessions?" is the first question every leader asks us, and it's the first fear every engineer has. Fair. This page is the straight answer: exactly what Accrete sees, what it doesn't, where the data lives, and the norms we ask teams to adopt before turning it on. No legal boilerplate — the terms of service can do that job. This is the practical story.

What Accrete sees

Accrete parses the session transcripts that Claude Code already writes to each developer's machine. From those transcripts, it captures:

• Prompts — the messages a developer actually typed to the agent, classified apart from tool output and agent chatter.
• Tool activity — what the agent did: files read and edited, commands run, subagents spawned.
• Practice signals — concrete behaviors like planning before coding, delegating to subagents, using saved commands and skills, tracking tasks, committing work.
• Project attribution — which project each session belongs to, so work can be grouped sensibly.

That's the inventory. Everything in the dashboard — the activity views, the session drill-downs, the per-person adoption matrix — is built from this and nothing else. How it works walks through the pipeline end to end.

What Accrete doesn't see

The boundary is simple: if it didn't happen inside an agent session, Accrete has no idea it happened.

• No screen recording. No screenshots.
• No keystroke logging.
• No email, Slack, calendar, or browser activity.
• No webcam, no microphone, no idle-time tracking.
• Nothing from your IDE outside the agent session itself.

Accrete is not employee-monitoring software wearing a different shirt. It reads one artifact — agent session transcripts — and that artifact already exists on the developer's machine before we touch it.

Where the data lives

Two places, and the developer comes first.

On the developer's machine. The sync client parses sessions into a durable local database that the developer owns and can explore directly. This matters more than it sounds: Claude Code purges raw transcripts after roughly 30 days, so the local database is often the only durable record of a developer's own work — useful to them with or without a team.

On the team's server. The client pushes parsed session data — not raw transcript files — to a server holding one isolated database per company. Not a shared cluster with a company_id column. A separate database. Your data is never pooled, blended, or compared with another company's, and there is no mechanism by which it could be.

The norms we recommend

The tool works or fails on one question: do engineers keep using AI agents honestly once they know sessions are visible? So we're prescriptive about rollout.

Tell the team before you turn it on. Not in a buried policy update — say it out loud, show them this page, show them the dashboard. An engineer who discovers observation after the fact is right to be angry, and the trust cost lands on you, not us.

Use it for coaching, never as performance-review ammunition. We mean this practically, not as a values statement. The moment session data feeds a performance rating, engineers will manage the metric: theatrical plan-mode usage, sanitized prompts, real work pushed to untracked tools. The data goes dark precisely where it was most useful. Surveillance kills the honest usage that makes the data worth having — coaching framing isn't a courtesy, it's what keeps the instrument working.

Let engineers see their own data first. They keep the local copy and can explore it themselves. The best rollouts we can imagine start with "here's what you'll see about yourself" rather than "here's what your manager will see about you." Common questions from both audiences are in the FAQ.

What we publish — and what we never will

Aggregate, real-world data on how teams use AI coding tools is part of what makes Accrete useful, and we intend to publish research from it. The commitment:

• Published findings are anonymized and aggregated across companies. Patterns, not transcripts.
• We will never publish a company's data, a team's data, or an individual's data — not named, not "anonymized but guessable," not as a case study without explicit written agreement.
• Pre-launch honesty: we have no published research yet, because we don't have the data yet. When we do, this is the standard it will meet.

Honest caveats

We'd rather you hear the tradeoffs from us.

Prompts can contain sensitive text. Developers paste things into agents: stack traces, config snippets, customer-bug details, occasionally a credential that shouldn't be there. Accrete stores prompts as written; it does not currently detect or redact secrets. What we recommend: keep secrets out of prompts as a team norm (it's good agent hygiene regardless — that text also goes to the model provider), use environment variables and secret managers rather than pasted values, and fold "what's safe to paste into an agent" into your rollout conversation. If a secret does land in a prompt, rotate it — same as if it had been committed.

Parsed is not anonymous. The dashboard attributes sessions to people, because per-person coaching is the product. If you need attribution-free analytics, Accrete is the wrong tool, and we'd rather say so than blur the point.

A determined bad-faith manager could misuse per-person data. Software can't prevent that; norms and access decisions do. That's why the rollout conversation above isn't optional advice.

Talk to us about it

If your security team has questions we haven't answered here, we want them — they make this page better. Join the early access list, or become a design partner and put your hardest data-handling questions to the founder directly.