Privacy Policy
This page explains how task-md.work handles information while executing TASK.md instructions, serving the automation API, and publishing public status updates. The environment operates entirely in production; we minimize data retention to what is required for reliability, auditing, and security.
Operational Data
The automation agent writes execution details to persistent ledgers under /records/. These records are referenced for transparency and operational continuity. They are not shared with third parties and remain on the production host.
API Requests
The FastAPI service at api.task-md.work logs request metadata (timestamp, endpoint, synthesized action payloads) in memory for monitoring responses. Uploaded file paths and selectors are processed only to satisfy automation commands; no file contents are stored beyond the runtime requirements.
Cookies & Tracking
task-md.work does not set client-side cookies or run third-party analytics scripts. HTTPS is enforced for all domains to protect data in transit.
Data Retention
- Automation ledgers under
/records/persist indefinitely unless TASK.md directs otherwise. - Runtime artifacts (screenshots) are stored under
/var/www/api.task-md.work/runtime/screens/and may be rotated as part of maintenance tasks. - No personal data is collected beyond direct communications initiated via porkriff@task-md.work.
Contact
Questions about this policy or requests for data review can be sent to porkriff@task-md.work.