Security & data sovereignty

Your data never
leaves your Mac.

Local-first architecture. API keys in the OS Keychain. Direct connection to AI providers — no Altr proxy, no markup, no visibility into your work.

Local-first architectureBYOK — zero markupOS Keychain storageApple Silicon nativeNo cloud sync by default

Three non-negotiables

OS Keychain storage

Your API keys never touch our servers.

Altr stores your Anthropic and OpenAI API keys in the macOS Keychain — the same secure enclave used by 1Password and Safari. They are never written to SQLite, never sent to Altr servers, never logged. The key travels from the Keychain directly to the provider API over TLS.

  • Stored in macOS Keychain, not on disk or in our database
  • Read at call time, never held in memory longer than needed
  • Removed cleanly when you delete the app
SQLite on disk

Your context stays on your Mac.

Every spec, Slack thread capture, ticket, and execution trail artifact is stored in a SQLite database on your machine at `~/Library/Application Support/run.altr.desktop/altr.db`. Nothing leaves your Mac unless you explicitly connect an integration.

  • No cloud sync by default — local-first architecture
  • Readable by you: standard SQLite, no proprietary format
  • Encrypted at rest by macOS FileVault when enabled
BYOK — Bring Your Own Key

You pay the AI provider. We take no cut.

Altr never proxies your LLM calls through our servers. Your Mac connects directly to Anthropic or OpenAI using your key. We never see your prompts, your completions, or your usage. You get the provider's direct pricing — no Altr markup, no credit system.

  • Direct connection: your Mac → Anthropic / OpenAI
  • Altr never receives or logs your prompts or completions
  • Provider billing is between you and Anthropic/OpenAI

How it flows

Source
Signal
Destination
Your Mac
key fetchstays on device
macOS Keychain
Your Mac
LLM calldirect TLS, no proxy
Anthropic / OpenAI
Anthropic / OpenAI
completionAltr never sees this
Your Mac
Your Mac
artifact storedlocal only
SQLite on disk

Altr is never in the data path between your Mac and the AI provider

Full transparency

What we do see.

Crash reportsAnonymized stack traces via Sentry. No user data included.
Opt-in telemetryFeature usage events (e.g. "opened spec editor"). Opt-out on first launch.
Nothing elseWe have no access to your specs, threads, code, or API keys.

Compliance

SOC 2 Type II — in progress.

We are working toward SOC 2 Type II certification. In the meantime, our architecture is designed to meet enterprise data residency requirements from day one.

Status

In progress

2026 target

Questions about your
data or architecture?

We do founder-led onboarding. Ask us anything about how Altr handles your data — before you sign up.

Talk to the founders →Read about the workflow →

Stop rebuilding
the story at every handoff.

We'll walk through Altr using your actual workflow, your stack, and your review standards — and show you where the loop closes.

founder-led onboarding · no spam · unsubscribe anytime