Effective: April 24, 2026
Plain-language summary: We collect only what we need to sell and manage your software license. The Application runs entirely on your device. We have no ability to access, view, or collect any data, files, or content you work with inside the Application.
Cate is a locally installed desktop application built on the Electron framework. Once installed, it runs directly on your computer. All processing, file handling, and application functionality occurs on your local device. The Application does not upload, stream, or otherwise transmit your work data to our servers or any third-party servers.
We have no ability to access the data you work with in the Application. We do not want it, we do not receive it, and we have designed the Application so that it is never sent to us.
The only outbound network connections the Application makes are license validation requests to our licensing server, to verify your License Key is active.
When you purchase a license through our portal, we collect: full name and email address; company or organization name (if provided); billing name and billing address; License Key(s) issued to your account; license tier, purchase date, renewal date, and license status; and the number of activated devices and activation timestamps.
All payment transactions are processed by our third-party payment processor, Lemon Squeezy (https://www.lemonsqueezy.com). We do not receive or store full payment card numbers. The payment-related data retained in our systems is limited to: transaction ID and purchase amount; payment method type (e.g., card brand—not full card number); and renewal and refund history. Your full card details are handled entirely by our payment processor and are governed by their privacy policy and PCI-DSS security certification. We encourage you to review their privacy policy at https://www.lemonsqueezy.com/privacy.
Each time the Application starts, it sends a license validation request to our licensing vendor (Lemon Squeezy) to confirm your license is valid and active.
If enabled, the Application automatically submits a crash report when it encounters an unhandled error. Crash reports contain: a stack trace identifying the code location of the error; Application version, operating system type and version, and available system memory; and a random session identifier (not linked to your account). Crash reports do not contain your name, email address, License Key, or any data from files you have open. You can disable crash reporting at any time in the Application’s Settings menu.
If you contact us for support, we collect your name and email address, the content of your support request, and any log files, screenshots, or other attachments you voluntarily provide. Please do not include sensitive personal data or confidential business information in support requests unless directly necessary.
We do not collect, access, or process: the contents of any files you open or create in the Application; any keystrokes, clipboard contents, or screen activity; your browsing history or activity in other applications; your location; or any usage analytics or in-app behavioral data.
We use the information described above for the following specific purposes:
If you are located in the European Economic Area or the United Kingdom, our legal bases for processing your personal data are:
We share data with a small number of third-party service providers acting on our behalf. These providers are contractually prohibited from using your data for any purpose other than providing the service we have engaged them for. Current categories include: payment processor, cloud hosting provider, email delivery service, crash reporting service, and customer support platform.
We may disclose your information if required by law or in good-faith belief that disclosure is necessary to: (a) comply with a legal obligation or valid legal process; (b) protect our rights or property; (c) investigate or prevent fraud or security incidents; or (d) protect the safety of our users or the public.
In the event of a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will provide reasonable notice before your data becomes subject to a materially different privacy policy.
We do not sell, rent, or trade your personal information to third parties for their commercial purposes. As defined under the CCPA/CPRA, we do not “sell” or “share” your personal information for cross-context behavioral advertising. All third-party service providers described in Section 5.1 are contractually bound as “Service Providers” (as defined under the CCPA/CPRA) and are prohibited from using your data for any purpose other than performing services on our behalf.
We retain your information only as long as necessary for the purposes described in this document or as required by law:
When data is no longer required, we securely delete or anonymize it.
We take reasonable technical and organizational measures to protect the personal data we hold. All data transmitted between the Application and our servers is encrypted in transit using TLS 1.2 or higher. Sensitive data stored in our systems is encrypted at rest. Access to personal data is restricted to authorized personnel with a legitimate need. We do not store full payment card data—all card handling is performed by our PCI-DSS compliant payment processor. We conduct periodic reviews of our security practices.
No security measure is perfect. In the event of a data breach affecting your personal data, we will notify you as required by applicable law.
The Application stores the following data on your local device: your License Key and activation status (cached locally to allow the Application to start without an internet connection); application preferences and configuration settings; crash logs (if crash reporting is disabled, these remain on-device only); and any files, projects, or data you create or import while using the Application.
This locally stored data is under your control. Uninstalling the Application will remove the application files; depending on your operating system, some preference or cache files may remain in your user profile directory and can be deleted manually. We have no access to locally stored data.
Depending on your jurisdiction, you may have the following rights regarding your personal data:
California residents may have additional rights under the CCPA/CPRA, including the right to know what data we hold, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. We do not currently collect Sensitive Personal Information (“SPI”) as defined under the California Privacy Rights Act. If our data collection practices change in the future to include SPI (such as precise geolocation, financial account information, or similar categories), we will update this document to include the required disclosures and provide a mechanism for you to limit the use of such information.
To exercise any of these rights, contact us at privacy@blueghost.ai. We will respond within the timeframe required by applicable law (typically 30 days) and may need to verify your identity before processing your request.
Our servers and service providers may be located in the United States or other countries that may have different data protection standards than your country of residence. Where we transfer personal data from the EEA, UK, or Switzerland to third countries, we rely on appropriate safeguards such as the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the DPF, or the Swiss-U.S. DPF, where our sub-processors are certified participants; Standard Contractual Clauses (SCCs) approved by the European Commission; or other lawful transfer mechanisms recognized under applicable data protection law.
The Application is not directed to children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will promptly delete it.
We may update this Privacy Policy from time to time. Material changes will be communicated via the Application, email, or our website with at least thirty (30) days’ prior notice. Your continued use of the Application following the expiration of the notice period constitutes your acceptance of the revised terms. Non-material changes (such as typographical corrections or clarifications) may take effect immediately upon posting.
If you have questions about this Privacy Policy, please contact:
Blue Ghost, LLC
1603 Capitol Ave, Suite 310
Cheyenne, WY 82001
Privacy:
privacy@blueghost.ai
General / Legal:
legal@blueghost.ai
Customer Support:
support@blueghost.ai
Website:
www.blueghost.ai
Support response time: within 2 business days.
If you are located in the EEA or UK and are not satisfied with our response to a privacy inquiry, you have the right to lodge a complaint with your local supervisory authority.
© Blue Ghost, LLC. All rights reserved.