Privacy Policy

Your data stays local.

QuotaLens is a local Electron app. It does not run its own backend server and does not send your account data to a developer-controlled service.

What the app stores

OAuth tokens

OAuth token secrets are stored in the operating system keychain through keytar. Stored token types may include access_token, refresh_token, and id_token.

These tokens are used to refresh usage data and reconnect to the ChatGPT/OpenAI account authorization flow.

Optional OpenAI Admin API key

If you connect the optional API Cost panel, the OpenAI Admin API key is stored in the operating system keychain through keytar. The key is used only to fetch organization cost data from the OpenAI Platform Costs API. It is not written to accounts.json.

App settings

Non-secret app preferences are stored locally in Electron's user data folder in settings.json. Stored settings may include widget transparency and auto-refresh interval.

What the app reads

Codex active account

To show which account is currently used by Codex, the app may read the local Codex auth file: ~/.codex/auth.json. QuotaLens uses this file only to derive display metadata such as email and ChatGPT account id. It does not copy Codex token secrets into the widget account store and does not modify the Codex auth file.

Account metadata

Non-secret account metadata is stored locally in Electron's user data folder in accounts.json. Stored metadata may include account id generated by the app, email, plan type, ChatGPT account id, account status, last fetched timestamp, and last error message.

Backup and recovery files

The app keeps a local accounts.json.bak file as a last-known-good backup. If accounts.json becomes invalid JSON, the app may preserve the broken file as accounts.json.corrupt-<timestamp>.json. These files may contain the same non-secret account metadata listed above.

Network requests

The app fetches usage data directly from the ChatGPT/OpenAI usage endpoint configured in the app. If the optional API Cost panel is connected, the app also fetches cost data directly from the OpenAI Platform organization costs endpoint.

The app does not proxy usage data through a separate backend owned by this project.

Removing an account

When you click Remove for an account, the account is removed from the local account list and the app attempts to delete its stored tokens from the OS keychain.

Contact

For privacy or support questions, contact quotalens.app@outlook.com.