Legal
Nothing phones home.
Loom Conductor has no telemetry, no analytics, and no account beyond your Claude login. There is no server of ours behind the app, so there is no place for your data to go even if we wanted it.
What we collect
Nothing. By construction.
Most privacy policies describe what a company does with your data. Ours is shorter, because the app is built so that the question does not come up.
No telemetry or analytics
Loom sends no usage data, crash reports, or tracking events anywhere. What the fleet does on your machine stays on your machine.
No account, no sign-up
There is no Loom account to create and no email to hand over. The only login involved is your existing Claude login, which the fleet uses exactly as the Claude Code CLI would.
Keys live in the keychain
Conductor provider keys are stored in the OS keychain only, never in config files or plain text, and a secret-path deny-list blocks sessions from reading or writing known credential paths.
What leaves your machine, and where it goes
Loom is a desktop app that talks only to the model providers you configure. That traffic is yours, under your accounts and those providers' own privacy terms:
- The fleet's six Claude Code sessions talk to Anthropic through your existing Claude login, the same as running the CLI in a terminal yourself.
- The Conductor talks to whichever bring-your-own-key provider you picked: OpenAI, Anthropic, Google, xAI, Groq, Cerebras, DeepSeek, Mistral, OpenRouter, or any OpenAI-compatible endpoint. See bring your own key.
- Prefer that the Conductor's traffic never leaves the building? Point it at a local model via LM Studio, MLX, or Ollama and it stays on your machine entirely.
Everything else is local: your files, git history, terminal output, themes, and workspace settings. Outbound HTTP from the app flows through an SSRF-guarded Rust proxy, and every file, git, and shell operation is checked against the registry of workspaces you authorized. Your provider keys and deny-listed secret paths never leave your machine at all, and your code goes only to the providers you chose, and to nobody else.
Verifiable
You do not have to take our word.
Read the source
The entire app is Apache-2.0 and public at github.com/yimingbeckmann/loom-conductor. The absence of telemetry is something you can check, not something you have to believe.
Watch the wire
Because all outbound HTTP goes through the app's own proxy, the network behavior is inspectable. The only destinations are the providers you configured.
Report a problem
If you find anything that contradicts this page, treat it as a security issue and disclose it through the security policy.
Hand it the work.
Walk away.
macOS, Linux, and Windows. Around 13 MB. Free and open source.