Privacy & Terms
Privacy policy & terms of use
This page explains what personal data AI Commander processes when you use the relay at aicommander.dev, who else is involved, how long it is kept and how to exercise your rights — and it sets out the liability terms that apply because AI Commander lets an AI run shell commands, often as root, on machines you control.
1. Who is responsible
The operator responsible for the AI Commander service, and the controller for the processing described here, is:
- Legal entity: 2Dynamic Games sp. z o.o. (operator of the AI Commander service, trading as “Coder AI”)
- Registered address: ul. Wadowicka 7, 30-347 Kraków, Poland (European Union)
- Contact email: support@coderai.dev
The same company operates Coder AI and other services; AI Commander is offered on a best-effort, no-warranty basis (see section 8).
2. What data we process
AI Commander is built to hold as little as possible. By default you can drive a machine without any account — you simply quote its session code — so for anonymous use we hold no identity data at all. The data we do process is:
- Account email (only if you sign in) — used for passwordless magic-link sign-in and to bind machines you link to your account. It is encrypted at rest (a dedicated EMAIL_SECRET root key); a separate keyed lookup HMAC is used to find your record without ever storing the address in plaintext.
- Session codes (AIC-XXXX-XXXX-XXXX) — the credential for a machine. The plaintext code is never stored; every record is keyed by a one-way, salted (peppered) HMAC hash, so a database leak contains no usable codes.
- API keys and agent tokens — stored only as salted hashes, never in plaintext, and revocable.
- Minimal operational metadata — magic-link tokens, OAuth state, web-session records, and per-IP / per-email rate-limit counters needed to run the service and resist abuse. Connection-time data (such as IP address) is processed transiently at the edge for rate limiting and is not retained as a profile.
- Cookies — only a strictly necessary SameSite=Lax session cookie set after you sign in to the dashboard. There are no advertising or cross-site tracking cookies.
3. How we use it
- Running the service — registering agents, routing commands to the right machine by session code, and (for signed-in users) resolving machine aliases. Legal basis: performance of the service you request, GDPR Art. 6(1)(b).
- Sign-in & account features — delivering magic-link emails and keeping you signed in. Legal basis: Art. 6(1)(b).
- Abuse prevention — per-IP and per-email rate limiting, an optional bot gate (Cloudflare Turnstile) on the OAuth page, and security hardening. Legal basis: our legitimate interest in keeping the service available and free of fraud, Art. 6(1)(f).
We do not sell personal data, and we do not use your data to build advertising profiles.
4. Recipients and subprocessors
AI Commander relies on the following third parties, each for a narrow, defined purpose:
- Cloudflare — hosting and infrastructure: the Workers runtime that powers the relay, Durable Objects for live sessions, the KV stores, the D1 account database, R2 for download distribution, and the edge/CDN. Cloudflare processes TLS-terminated request data in transit. It does not receive a persisted copy of your commands or their output.
- Cloudflare Turnstile — an optional bot challenge on the OAuth authorize page.
- Mailgun — delivery of sign-in (magic-link) emails. Mailgun receives the recipient email address and the link. AI Commander uses Mailgun's EU region (api.eu.mailgun.net).
We do not add a subprocessor that receives command payloads, because no command payload is ever stored or forwarded to anyone but the agent that runs it.
5. Retention
- Commands and output — not retained at all (see section 2).
- Magic links, web sessions and old revoked API keys — short-lived; a scheduled hourly cleanup job purges them once they expire so the tables do not grow unbounded.
- Account data (your encrypted email, machine aliases, API-key hashes) — kept while your account exists; removed when you delete your account.
- Session-code records — keyed by hash and tied to an agent registration; cleared when the code is changed or the agent uninstalled.
6. Access model & anonymous use
A session code is the credential for its machine: anyone who knows a current code can act on it until the owner resets the code or blocks their account. Linking an account is optional: signing in (magic link, no password) lets you save machines under friendly aliases, reach them with a personal API key, and keep using a machine at any time — until the owner resets the code or blocks your account. There is also a short no-account convenience window: for the first hour after a code is created or refreshed, anyone can connect anonymously without signing in. Full detail is in the Security section of the docs.
7. Your rights
Subject to the conditions in the GDPR, you have the right to access your personal data, rectify inaccurate data, erase it, restrict or object to processing, and data portability. To exercise any of these — or to delete your account — contact support@coderai.dev. Because most processing is keyed by hashes and accounts are minimal, you may need to provide enough information to identify the account concerned. You also have the right to lodge a complaint with a supervisory authority — in Poland, the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, UODO), ul. Stawki 2, 00-193 Warszawa.
8. The service is provided “as is”
AI Commander is a relay plus an agent that, once installed by the user, can execute shell commands — by default as root — on the user's machine. It is remote shell access, not a sandbox. Because of that, the following terms apply to everyone who uses the service:
- Authorization. You warrant that you own, or are explicitly authorized to control, any machine on which you install the agent, and any machine you connect to via a session code. Installing or using AI Commander on machines you do not own or are not authorized to control is prohibited and is entirely your responsibility.
- Safeguarding credentials. You are responsible for protecting your session codes and API keys. Anyone who knows a current session code (no account needed in its first hour, or via a linked account at any time) can request commands on the corresponding machine — guard them like an SSH private key.
- “As is” / “as available”. The service is provided “AS IS” and “AS AVAILABLE”, without warranties of any kind, whether express or implied, including (without limitation) the implied warranties of merchantability, fitness for a particular purpose, availability, uninterrupted or error-free operation, and non-infringement. We do not warrant that the relay will be available at any given time.
- No liability. To the maximum extent permitted by law, the operator (2Dynamic Games sp. z o.o.) shall not be liable for any direct, indirect, incidental, consequential, special, exemplary or punitive damages — including, without limitation, data loss, downtime, business interruption, security incidents, unauthorized access, or damage to systems or devices — arising out of or relating to your use of, or inability to use, the service, even if advised of the possibility of such damages.
- Indemnity. You agree to indemnify and hold harmless the operator against any claims, losses, liabilities, damages, costs and expenses arising from your use of the service, the commands you (or an AI acting on your behalf) run through it, or your breach of these terms.
Nothing in this section limits liability that cannot be limited or excluded under applicable mandatory law.
9. Report a bug or feature, and contact
Found a bug or have a feature request? Use the in-page feedback widget (it appears once the widget loads). You can also reach the team for any matter — including privacy requests and security reports — at support@coderai.dev.
10. Changes to this notice
We may update this notice as the service evolves. The current version is always published at this URL; the date below reflects the last revision.
Last updated: 2026-06-15