Privacy Policy
Effective date: June 2026
Label Alchemy is built with a privacy-first approach. The default mode sends zero data to any external server. This policy describes what data is processed, where it goes, and what you can control.
What Label Alchemy does NOT do
Section titled “What Label Alchemy does NOT do”- Does not collect analytics or usage telemetry
- Does not phone home with file counts, feature usage, or session data
- Does not read your Salesforce credentials or
.envfiles - Does not store your source code anywhere
- Does not log API keys, license keys, or any secrets
- Does not write secrets to
settings.jsonor any plain-text file
Default mode (deterministic naming): fully local
Section titled “Default mode (deterministic naming): fully local”When AI naming is disabled (the default), Label Alchemy:
- Reads your source files from disk (local only)
- Runs the scanner and naming engine entirely in memory
- Writes changes back to your local disk
- Makes no network calls
Nothing leaves your machine.
AI naming mode: data sent to your LLM provider
Section titled “AI naming mode: data sent to your LLM provider”When AI naming is enabled, Label Alchemy sends content to the LLM provider you configured with your own API key. Specifically:
What is sent:
- The string value of each detected hard-coded string
- File type context (Apex, LWC, Aura) and surrounding code fragment to help the model understand the naming context
What is NOT sent:
- Full file contents
- File paths
- Org credentials or metadata
Who receives the data: Your chosen provider (Anthropic, OpenAI, Google, DeepSeek, OpenRouter, or a custom endpoint). Label Alchemy has no visibility into what the provider does with this data. Review the privacy policy of your chosen provider if handling sensitive business data.
How to avoid sending data to a cloud provider: Use Ollama or LM Studio as your provider. Both run the model locally on your machine. Nothing is sent to any server outside your machine.
License validation
Section titled “License validation”If you have a license, Label Alchemy contacts the Lemon Squeezy licensing server to validate your license key. This request includes:
- Your license key
- Your VS Code machine ID (a random identifier generated by VS Code; not personally identifiable)
No source code, file contents, or project metadata is included in this request.
Validation occurs:
- On first activation with a license key
- Every 7 days while the extension is active
- On re-activation after a restart
If validation cannot reach the server, a 3-day grace period applies before paid features are restricted. A warning is shown after 1 day of failed validation.
Secret storage
Section titled “Secret storage”API keys and license keys are stored in VS Code’s encrypted secret storage (SecretStorage
API). This storage:
- Is encrypted at the OS level (macOS Keychain, Windows Credential Manager, Linux secret service)
- Is not accessible to other extensions without explicit permission
- Is never written to
settings.json,state.vscdb, or any plain-text file - Is not included in VS Code sync by default
Local storage
Section titled “Local storage”Label Alchemy stores the following in VS Code workspace state (local, not synced):
- The last org alias used for deploy (convenience; no credentials)
- The file list from the most recent conversion (for “Deploy Last Conversion”)
This data never leaves your machine.
Children’s privacy
Section titled “Children’s privacy”Label Alchemy is a developer tool intended for professional use. It does not knowingly collect any information from users under 13 years of age.
Changes to this policy
Section titled “Changes to this policy”If the data handling practices described above change materially, we will update this page and note the new effective date. Material changes will be announced in the changelog.
Contact
Section titled “Contact”For privacy questions or to report a concern, email support@labelalchemy.dev, or open a discussion in the community repository. For security issues specifically, follow the security policy — do not open a public issue.