StatsAI docs
Privacy model
What StatsAI reads locally, what stays on your devices, and what syncs as sanitized rollups.
Last updated: June 9, 2026
Design principle
StatsAI is built around metadata-only sync. The CLI reads local provider logs on your machine, normalizes them locally, and sends sanitized daily rollups to the hosted dashboard. Sensitive workflow data should never need to reach our servers through the default production path.
The open-source collector is auditable: you can inspect what it reads, how it normalizes events, and what it strips before HTTP sync. For field-level detail, see the sync contract.
Stays on your machine
| Category | Examples |
|---|---|
| Conversation content | Prompts, model responses, tool transcripts |
| Local evidence | Raw JSONL log lines, parse line numbers, source record IDs |
| File context | Local file paths and plain-text source labels |
| Private notes | Subscription notes and other user-entered commentary |
Nothing in this table is required for cross-device usage rollups. The collector can compute totals and breakdowns locally without uploading the underlying evidence.
Synced as rollups
| Category | Examples |
|---|---|
| Usage totals | Daily token and request rollups |
| Breakdowns | Provider, model, and account-level aggregates |
| Identity metadata | Canonical account email or provider user ID, display labels |
| Dedup keys | Hashed identifiers for paths, sources, events, and summaries |
| Subscription periods | Plan name, price, and active date ranges (without private notes) |
Estimated cost figures are API-equivalent calculations for analytics. They are not invoices and should not be treated as definitive billing records from AI providers.
Verify before you sync
Quick summary of the next outbound batch:
statsai sync --dry-run
Full JSON payload written locally:
statsai sync --sink file --output ./statsai-sync-batch.json
Confirm device access and compare local vs remote state:
statsai sync --sink http --verify
All three commands run on your machine. Use them before enabling automatic sync from a new device or after changing source configuration.
Public profile cards
Optional shareable profile features publish only the content you explicitly choose to make public. Private rollups and device sessions are not exposed to other users by default.
For hosted-service legal terms, see the Privacy Policy and Terms of Service.